RealTime IT News

IBM Targets Regulatory Compliance

To support enterprises who struggle to comply with the maze of government regulations for record-keeping, IBM Monday rolled out three new software products to help track and manage internal e-mails and instant messaging conversations.

IBM Content Management for Message Monitoring and Retention; IBM Lotus Workplace for Business Controls and Reporting and the IBM Tivoli Security Compliance Manager all offer specific tools to properly manage business data and set up a compliance policy across the enterprise.

"To stay on top of the hundreds of rules and regulations, companies need a compliance infrastructure. To deal with things like privacy, digital rights management (DRM), records and life cycle management, content and document management and storage management," said Brett MacIntyre, vice president of IBM's software group.

"Good businesses have these components in place today. They know where information is and they are in control of managing it."

MacIntyre said the new content management software would deal specifically with managing and archiving data subject to government regulations like SEC 17a-4 and NASD 3010/3110. In partnership with iLumin Software Services, IBM is offering "smart indexing" capabilities to scan and analyze electronic messages.

The Lotus Workplace for Business Controls and Reporting software helps companies comply with the Sarbanes-Oxley Act of 2002. It handles archived data and audit trails, allowing companies to identify, assign, test and monitor business controls.

On the security side, IBM released the Tivoli Security Compliance Manager to provide automated policy compliance audits across a large enterprise. The software can be used to create policies to address requirements from regulations like the Gramm-Leach-Bliley Act, The Health Insurance Portability and Accountability Act or other local privacy regulations, MacIntyre explained.

IBM also released results of a survey that found that only one in ten CFOs and financial executives believe they are in compliance with Section 404 of the Sarbanes-Oxley Act. That section deals with assurances to shareholders regarding a company's internal controls.

The survey found that the executives expected to be compliant within the required time frame even though this may require "significant changes" to established business practices.