Compassoft releases Sarbox compliance software

With this release, corporate financial and IT departments now have a powerful enterprise information asset discovery software that can automatically locate analyze and report on information stored within the entire enterprise-computing environment - from server to desktop.

"Many Sarbanes-Oxley solutions for the compliance process focus on managing and controlling the flow of known information, but Compassoft addresses the challenging task of discovering information that existing controls are unaware of and therefore not yet monitoring," said Robert Lerner, senior analyst, Data Warehousing and Application Infrastructure, at Current Analysis. "Compassoft has brought to market a strong tool that not only retrieves financial information from centralized and remote repositories, but maps relationships between key data sources, compares changes to the data over time and analyzes the results."

Compassoft automatically discovers, maps dependent data sources, compares iterations of data sources and reports on critical changes to information assets across all distributed machines in the enterprise. The software complements existing ERP systems and professional consulting organizations by reporting on thousands of spreadsheets, Crystal Reports and databases that reside on desktops or centralized corporate servers.

"This is the missing piece of the technology puzzle in the Sarbanes-Oxley compliance challenge," said Paul Bach, CEO of Compassoft. "Compassoft eliminates the many hours of manual labor that financial and IT departments must otherwise spend to locate and analyze financial information hidden within highly distributed and remote systems such as servers, desktop and laptop computers."

Until now, companies have been forced to rely on extensive interviews with key stakeholders and then sift through the files those employees have been asked to download from their hard drives. This manual process has proven to be extremely expensive in terms of consulting dollars, and unreliable because it depends on people's memories and cooperation.

The High Cost of Sarbanes-Oxley Compliance

The Financial Executives International (FEI) Committee on Corporate Reporting (CCR) sent a letter to the SEC on April 1, 2005 noting that a March 2005 survey of 217 member companies found they paid an average of $4.3 million for added internal costs and additional fees spent on auditors and other consultants and software associated with complying with Section 404. The letter noted that companies over $25 billion in revenue spent $14.7 million on average.

Section 404 of the Sarbanes-Oxley Act mandating internal controls for "validity" and "transparency" of data and Section 409 mandating "real-time" material disclosures have created an urgent need for monitoring, analyzing and managing change on the enterprise. Most IT infrastructures are not equipped to handle these real-time requirements.

French Caldwell, Gartner Inc's VP of the Knowledge Management Practice, wrote in a report entitled "New Sarbanes-Oxley Milestone Expands Disclosure Requirements" (August 2004) about the need to extend compliance management to other SOX requirements such as Section 409 whose rules "dramatically expand the types of events that can trigger a need for disclosure." Caldwell noted that companies will need to "expedite the processes used to pull together the supporting documentation that puts the event in context."

Compassoft, with its patented technology, provides visibility and control over highly distributed financial information that is often less visible and therefore not monitored for required compliance statutes by either finance or IT. Compassoft has designed a dashboard for use by chief financial officers, VPs of Finance, internal and external auditors, directors of compliance and corporate controllers as well as chief technology officers and directors of IT.