IBM Targets Regulatory Compliance

To support enterprises who struggle to comply with the maze of government regulations for record-keeping, IBM Monday rolled out three new software products to help track and manage internal e-mails and instant messaging conversations.

IBM Content Management for Message Monitoring and Retention; IBM Lotus Workplace for Business Controls and Reporting and the IBM Tivoli Security Compliance Manager all offer specific tools to properly manage business data and set up a compliance policy across the
enterprise.

“To stay on top of the hundreds of rules and regulations, companies need
a compliance infrastructure. To deal with things like privacy, digital
rights management (DRM), records and life cycle management, content and
document management and storage management,” said Brett MacIntyre, vice
president of IBM’s software group.

“Good businesses have these components in place today. They know where
information is and they are in control of managing it.”

MacIntyre said the new content management software would deal
specifically with managing and archiving data subject to government
regulations like SEC 17a-4 and NASD 3010/3110. In partnership with iLumin
Software Services, IBM is offering “smart indexing” capabilities to scan and
analyze electronic messages.

The Lotus Workplace for Business Controls and Reporting software helps
companies comply with the Sarbanes-Oxley Act of 2002. It handles archived data
and audit trails, allowing companies to identify, assign, test and monitor
business controls.

On the security side, IBM released the Tivoli Security Compliance
Manager to provide automated policy compliance audits across a large
enterprise. The software can be used to create policies to address
requirements from regulations like the Gramm-Leach-Bliley Act, The Health
Insurance Portability and Accountability Act or other local privacy
regulations, MacIntyre explained.

IBM also released results of a survey that found that only one in ten
CFOs and financial executives believe they are in compliance with Section
404 of the Sarbanes-Oxley Act. That section deals with assurances to
shareholders regarding a company’s internal controls.

The survey found that the executives expected to be compliant within the
required time frame even though this may require “significant changes” to
established business practices.

News Around the Web