Compassoft News Archive

Scotts Valley, CA -- March 25, 2008 -- (BUSINESS WIRE) –– Compassoft, the market leader for Enterprise Spreadsheet Governance, Risk and Compliance (GRC) controls, announced today that its Spreadsheet GRC control solution received a “Positive” rating in Gartner’s “MarketScope for Spreadsheet Control Products, 2008.” The report was published March 11th, 2008 by Gartner and was authored by Jay Heiser and David Furlonger.

Gartner states in the report, “CFOs and corporate officers responsible for regulatory compliance should welcome the introduction of a tool that can easily identify operational risk accidents waiting to happen and must be aware that auditors are becoming increasingly aggressive in demanding the identification of high-risk spreadsheets.”

"With government and industry regulations on the rise, and high-profile banking frauds such as Societe Generale's dominating the news, companies are now realizing they must give higher priority to finding and mitigating the risks posed by user-developed applications, most notably spreadsheets,” said Paul Bach, CEO of Compassoft. “Our global customer base has grown dramatically as companies are looking for an enterprise-wide solution. We believe Gartner’s ‘Positive’ rating confirms the value of Compassoft Enterprise, and confirms our strong position in the market.”

Compassoft Enterprise is the most comprehensive spreadsheet GRC solution on the marketplace. The software uniquely combines automated policy-based controls with an ability to discover new or changed spreadsheets, create detailed audit logs of changes to spreadsheets, and perform automated risk assessment. Compassoft Enterprise can detect control violations — and notify the appropriate authorities — as well as conduct forensic analysis. Extensive reporting capabilities and dashboards that work with the risk management platforms that companies already have in place, improve management visibility and make it a powerful solution for risk management.

^ back to top

 

Scotts Valley, CA – January 7, 2008 -- (BUSINESS WIRE) -- Compassoft, the leading provider of spreadsheet Governance, Risk and Control (GRC) solutions for the enterprise, today announced that it was selected by CMP’s Intelligent Enterprise for an Editor’s Choice Award as one of 36 “Companies to Watch” in 2008.

Awarded to standouts in their field, the list of “Companies to Watch” is selected by the editors of Intelligent Enterprise based on input from a panel of industry experts, analysts, and consultants. Alongside Compassoft, the list for 2008 includes HP (NYSE:HPQ), eBay (Nasdaq:EBAY), Tibco (Nasdaq:TIBX), and other industry-recognized leaders.

Intelligent Enterprise’s Editor-in-Chief Doug Henschen noted that the 2008 Editors’ Choice honorees are chosen based on exceptional vision, technology innovation, and customer leadership in attaining strategic objectives.

Compassoft was further praised as one of six companies to watch in the Performance Management category for its unique ability to “discover, interrogate and analyze spreadsheet problems within enterprises large and small.”

“This award underscores the growing recognition that it’s just not acceptable for companies to ignore the 30-40 percent of their corporate data that resides in end-user applications such as spreadsheets,” said Compassoft CEO Paul Bach. “With countless examples of companies losing millions of dollars due to errors or fraud in spreadsheets, the industry is turning its eye towards GRC solutions that can discover, validate and control the distributed information in end-user applications. Compassoft is honored to be recognized with this Editor’s Choice Award from Intelligent Enterprise as a leader in this field.”

The Intelligent Enterprise article can be found here

^ back to top

 

Scotts Valley, CA – September 25th, 2007 – Compassoft, the leading provider of spreadsheet discovery, validation and control solutions for the enterprise, today announced the availability of Compassoft Enterprise v3.5™, the first automated, policy-based software framework that can continuously assess risk factors in every spreadsheet on every laptop, desktop and database within the enterprise.  Now large companies and organizations can cast a much wider net to find and prioritize sources of risk as it emerges in new or changed spreadsheets, and implement continuous monitoring controls within their most mission-critical spreadsheets.  

Automated Risk Discovery
With Compassoft Enterprise 3.5, chief financial officers, controllers and internal auditors can set risk policies based on their business.  Compassoft’s solution uses these policies to continuously flag potential problems within spreadsheets down to the cell level. By automating spreadsheet quality control, auditors can immediately detect violations to company spreadsheet policies in new or revised spreadsheets to mitigate financial risk from honest mistakes or fraud.  More than 70 rules reflecting the standard industry practices of the Big Four accounting firms are packaged with the 3.5 version, and additional custom rules can be created to reflect corporate policies and industry requirements.

Continuous Control Monitoring
Individuals and financial groups responsible for data integrity and compliance will have added peace of mind with the new continuous control monitoring feature that scans mission critical spreadsheets.  This new feature introduced in Compassoft Enterprise v3.5 triggers an alert if the contents of a spreadsheet fall outside of acceptable standards and rules set by the companies themselves.

“Spreadsheet control must be a process, not a one-time project because spreadsheets are continuously being altered, and changes to a single data field inside a spreadsheet can have a profound ripple effect throughout an organization,” said Paul Bach, CEO of Compassoft. “Compassoft Enterprise 3.5 comprehensively examines all the financial, analytical and operational spreadsheets within the enterprise system determining what is high, medium and low risk, and rectifying the errors and fraud vulnerabilities in real-time.

Five Elements of a Spreadsheet Control Process
Compassoft Enterprise 3.5 works within the parameters of a continuous spreadsheet control process that includes the following five elements:

1. Set control policy to determine spreadsheet risk parameters and the appropriate alerts and processes that will be triggered by the criteria;
2. Create a living inventory of all new and changed spreadsheets on an ongoing basis -- without the need for a desktop agent on the monitored computers;
3. Automate risk assessment and prioritization to make it possible to continuously enforce policies, monitoring and controlling  thousands or even millions of spreadsheets that would be impossible if done manually;
4. Analyze and baseline  the data to detect and remove errors, eliminate fraud vulnerabilities and create documentation;
5. Monitor and manage spreadsheet contents and external dependencies based on risk category.

Improved Interoperability: Microsoft SharePoint and Other New Features
In addition to the enhanced automated risk assessment and control monitoring capabilities, Compassoft Enterprise v3.5 includes new features for Microsoft SharePoint, Crystal Reports and user interface enhancements:

• Improved integration with Microsoft SharePoint 2007
• Ad-hoc reporting using industry-standard Crystal Reports
• Deeper spreadsheet analytics, including 71 types of external links and embedded VBA macro detection and analysis
• User interface improvements, including analytics shortcuts, graphics drilldown, and improved audit trail browsing

Bloor Research Comments
“The policy-based automation introduced by Compassoft in this release represents a major step forward in the battle to manage spreadsheets,” said Philip Howard, research director at Bloor Research. “I have not seen another product that can automate the entire process of discovering and managing spreadsheets to such a degree.”

HiredBrains Comments
"Spreadsheets allow people to express themselves without constraint and to communicate their ideas freely,” said Neil Raden, president at Hired Brains Research. “No organization could function today without them. Inherent in this degree of autonomy is a great deal of risk due to error, malfeasance, data quality, duplication of effort and distortion. The solution is not to replace spreadsheets, but rather to embrace them. Compassoft offers a unique solution that constantly scours the entire enterprise computing environment to identify spreadsheet risk that might easily go undetected with manual quality control procedures.”

Protiviti Comments
“The risk associated with the use of spreadsheets has become increasingly high profile over the last couple of years,” said Ed Hill, managing director of Protiviti, a leading provider of independent internal audit and business and technology risk consulting services who work with their clients to help them manage these risks.  “Having prepared the inventories and assessed this risk, many businesses have not been able to identify practical solutions and have found themselves asking the question, what do we do next?  Spreadsheet management solutions provide that level of validation and control over spreadsheets that would be virtually impossible to achieve manually.”

Ventana Research Comments
“In order to have any chance of success, software designed to improve the accuracy, usability and productivity of spreadsheets must allow people to continue doing their jobs the way they’ve always done them, said Robert Kugel, SVP and research director for financial performance management at Ventana Research. “By automating a comprehensive spreadsheet monitoring and control process, Compassoft offers an attractive spreadsheet management solution for those companies that want to address the inherent problems with spreadsheets without having to make major changes in how people work.” 

^ back to top

 

Scotts Valley, CA – June 12, 2007 –  When the 8th annual conference of The European Spreadsheet Risks Interest Group (EuSpRIG) convenes in London, July 11-13, leading authorities on enterprise spreadsheet risk will gather to discuss ways that companies can protect themselves from a host of common spreadsheet errors or even fraudulent manipulation of data before such problems impact revenues and profits, affect regulatory compliance filings, or lead to pricing errors and poor decision-making.  Compassoft, the leader in enterprise spreadsheet control with over 160 customers worldwide, is the main sponsor of the conference, entitled “Enterprise Spreadsheet Management: A Necessary Evil.” Compassoft CEO Paul Bach will present a keynote outlining the state of technology identifying and managing spreadsheets in enterprise environments.

The Invisible Applications that Can Cost Millions
“Software solutions must factor into any discussion about spreadsheet risk because it is only through automation that large companies can continuously document, evaluate, and test controls against the thousands of end-user computing applications such as spreadsheets that reside on their servers and employee’s desktops and laptops,” said Paul Bach, CEO of Compassoft.  “These user-developed spreadsheets are rarely subjected to the same controls and governance of the larger, centralized systems, yet they contain staggering amounts of sensitive data — data that can expose companies to serious financial and regulatory-compliance breaches.”

The EuSpRIG Agenda
“The participants will table solutions that address the prevalence and impact of uncontrolled spreadsheets in the business environment today,” said Patrick O'Beirne, chair of EuSpRIG. “EuSpRIG has been tracking public reports of spreadsheet errors since 1999, and our conferences provide a forum for participants to discuss and find solutions to counter these risks that can compromise regulatory filings and cost companies millions of dollars in lost revenues.”

Presentations by Industry Leaders
There are 18 papers and presentations at this year’s conference, highlighted by industry-leading speakers:

• Paul Bach, CEO of Compassoft, will outline the state of technology for quality control and compliance of spreadsheets in enterprise environments;
• Ray Panko, Professor of IT Management, University of Hawaii, has spent years researching and writing about spreadsheet errors, and is often quoted by the international business press.  He will discuss his latest research;
• Dean Buckner of the Financial Services Authority will provide an update on spreadsheet regulation in financial markets. The FSA is an independent non-governmental body given statutory powers by the UK Financial Services and Markets Act 2000.

8th EuSpRIG Annual Conference
The 8th EuSpRIG Annual Conference will be held at the University of Greenwich in London from July 11-13, 2007.  The Conference Web site is at: http://www.uwic.ac.uk/eusprig/2007/

^ back to top

 

Scotts Valley, CA – June 15, 2007 – Bloor Research (www.bloor-research.com) evaluated 16 vendors serving the enterprise spreadsheet management market in its newly released Spreadsheet Management Report, and declared Compassoft as the market leader with the largest customer base and the strongest discovery and compliance solution.

“Spreadsheets, used improperly or without sufficient control, pose a greater threat to your business than almost anything you can imagine,” stated Philip Howard, research director at Bloor Research. “A further complication is that most large organizations have probably thousands, if not tens of thousands, of spreadsheets distributed across the enterprise. Not only are these uncontrolled, they are unknown.”

“This Bloor Research report is an excellent wake up call for public companies to address the greatest threat to their business, out of control end user computing applications,” said Paul Bach, CEO of Compassoft.  “Compassoft has developed very deep domain expertise around discovering, validating and controlling spreadsheets and other end user applications. We’ve helped thousands of people solve these exact problems that Bloor Research is highlighting.”

^ back to top

 

Scotts Valley, CA – May 3, 2007 – As the forerunner to a major report on the enterprise spreadsheet management industry that is expected to be published later this month, Bloor Research (www.bloor-research.com) has issued an In-Detail Paper concluding that Compassoft is the market leader for enterprise spreadsheet management, Compassoft announced today.

“The key point to note about Compassoft is that it can do all of the major things required to take control of existing spreadsheet mayhem, and manage that on an on-going basis going forward,” said author Philip Howard, research director of data at Bloor Research. “Compassoft is the market leader -- particularly in terms of its installed base for enterprise spreadsheet management with its comprehensive offering for managing spreadsheets at a corporate level.”

Howard noted that the market for spreadsheet and End User Computing (EUC) applications is divided into four areas: monitoring tools, control and compliance tools, auditor’s tools and automation tools. Monitoring tools constantly audit changes to spreadsheets.  Control and compliance tools add security and management to determine levels of authority and authorization.  Auditor’s tools enable spreadsheet comparisons to detect formulae errors and other potential problems.  Automation tools provide controlled development environments for creating new spreadsheet applications. 

Compassoft stands out in the market by uniquely providing monitoring, control and compliance, and auditor’s tools.  Its customers are in many industries ranging from banking and manufacturing to retail, pharmaceutical and life-sciences organizations.

“With 30-40 percent of corporate data within spreadsheets, PC databases, and reports, we increasingly see audits from the Big Four focusing on the risk exposure of these undocumented, untested and typically uncontrolled corporate applications,” said Paul Bach, CEO of Compassoft. “Companies concerned with quality control and governance use our software to continually discover, test and control critical data that is on tens of thousands of desktops, notebooks and servers within their organizations. You can think of Compassoft as the company that provides production level Governance, Risk, and Compliance (GRC) application control for your smaller and highly distributed systems,” he added.

Download Bloor Research's full product review of Compassoft Enterprise here

^ back to top

 

Scotts Valley, CA – March 12, 2007 – To help pharmaceutical and life-sciences companies ensure their spreadsheets and databases meet the Food and Drug Administration's (FDA's) stringent compliance regulations, Compassoft Inc, a software leader in the discovery, validation and control of End User Computing (EUC) applications such as spreadsheets, databases and reports, today announced that its entire compliance and auditing product line has successfully completed the SynTegra Software Supplier Process Audit as licensed by the Parenteral Drug Association (PDA). The PDA audit requires that software suppliers to the pharmaceutical and life-sciences industry meet pre-defined standards that also comply with FDA regulations.

The audit was initiated at the request of a major international pharmaceutical company, one of the more than 60 pharmaceutical and clinical research companies that rely on Compassoft to inventory their research data, provide security, real-time logging and audit trails for the thousands of Microsoft Excel spreadsheets and databases containing lab statistics and other research and findings that are stored on desktops and laptops companywide.

"When I first saw Compassoft locate different versions of the same spreadsheets in email and desktop files, identify inconsistencies, show hidden pages and 'a second set of books,' I was impressed," said Microsoft General Manager, Emerging Business Team Cliff Reeves. "Compassoft can analyze data from Excel spreadsheets, Access databases, and relational databases to map dependencies and identify an audit trail. I believe it has an important role to play in any spreadsheet compliance strategy."

Rigorous SynTegra/PDA audits meet requirements for all computer product and service providers within the highly regulated pharmaceutical market Compassoft participates in with its industry-leading Data Compliance System (DaCS(TM)) technology that ensures compliance with Compassoft Completes PDA Software Audit - computerized reporting requirements such as the US Food and Drug Administration's Electronic Records and Electronic Signatures Rule (21 CFR Part 11) and other government regulations. DaCS is now offered as part of Compassoft Enterprise Edition, a computing platform for managing business critical data stored in spreadsheets, databases and reports on servers, desktops and laptops.

With this audit, Compassoft Enterprise has streamlined the process for adoption by all pharmaceutical companies, clinical research and medical device organizations. Today, over 150 public corporations use Compassoft technology for General Auditing, Risk Control, Sarbanes-Oxley or US Electronic Document Regulation 21 CFR Part 11 compliance.

"Pharmaceutical and life-science companies can now use Compassoft's compliance and auditing software to easily discover, validate and control the hundreds -- often thousands -- of spreadsheets containing critical research scattered throughout their distributed computing systems," said Paul Bach, president and CEO of Compassoft. "Spreadsheets have been the Achilles heel of data management because they are not always well documented or tested. Compassoft applies the security, control and logging sophistication used in production databases to the management of spreadsheets."

Reducing Risk Exposure in the Pharmaceutical Industry
The audit was conducted by SynTegra's PDA certified auditor who examined documented evidence of Compassoft's internal processes and procedures for its governance and control software to assure that it is in compliance with the PDA's established Supplier Audit Process Model (TR-32). The audit focused on 10 key areas: Quality System, Project Management, Software Methodology, Testing, Configuration Management, Manufacturing, Documentation & Records Management, Security, Training & Education and Maintenance.

Information on obtaining the complete audit report will be available on SynTegra's Audit Resource Center (ARC) Web site. SynTegra, LLC is a pharmaceutical supply chain and patient safety solutions provider, located at www.syntegrallc.com. In 2005, the PDA selected SynTegra to conduct audits and manage the audit library as a PDA licensee. The ARC library is maintained for pharmaceutical company subscribers who may "check out" audits under circumstances that maintain all appropriate confidentiality.

"The audit will be readily available to ARC subscribers from SynTegra so our customers won't need to conduct costly and time-consuming audits of their own," said Libby Koehn, founder and executive vice president of customer services. "Pharmaceutical and life-sciences companies recognize the importance of audits for both interpreting and meeting FDA guidelines, and we are pleased to offer a product that provides detailed change history while discovering and eliminating errors and other irregularities in Microsoft Excel spreadsheets."

The PDA audit evaluated three of Compassoft's products for use within the pharmaceutical and life sciences industry: Compassoft Enterprise, Compassoft ExChecker, and Compassoft DaCs.

• Compassoft Enterprise(TM) automatically discovers EUC applications across the enterprise, maps dependencies to primary databases, compares iterations of data sources and reports on critical changes (whether intentional and valid or caused by error or fraud) that could lead to misstatements or non-compliance.
• Compassoft's DaCS(TM) adds security, real-time cell-level audit trails, electronic signature control over changes, and electronic authorization and tamper detection to Excel spreadsheets. DaCS is the undisputed market leader for compliance with FDA 21 CFR Part 11 in the Life Science sector and is seeing high demand for Sarbanes-Oxley Section 404 internal control requirements based on its proven compliance track record.
• Compassoft's EXChecker(TM) is an auditing application designed to assist Excel users in the analysis, development and auditing of spreadsheet models. EXChecker's advanced filtering, grouping, and exporting procedures simplify auditing and can be used to dramatically reduce formula and calculation errors within spreadsheets.

About the PDA
The Parenteral Drug Association (www.pda.org), Connecting People, Science and Regulation(SM), is the leading global provider of science, technology, and regulatory information and education for the pharmaceutical and biopharmaceutical community. As a nonprofit organization, PDA is committed to developing scientifically sound, practical technical information and resources to advance science and regulation through the expertise of its more than 10,000 members worldwide.

^ back to top

 

Scotts Valley, CA - November 17, 2005 - Delivering a major coup for companies facing an array of compliance regulations across government agencies, Compassoft Inc, a software leader in automated regulatory compliance initiatives and enterprise risk management (ERM), today announced the acquisition of Wimmer Systems, Inc  (Wimmer's flagship product, Data Compliance System (DaCS), adds robust security, real-time audit trails, electronic signatures, and tamper detection to Microsoft Excel spreadsheets to ensure compliance with computerized reporting requirements such as the US Food and Drug Administration's (FDA's) Electronic Records and Electronic Signatures Rule (21 CFR Part 11) and Section 404 of the SEC's Sarbanes-Oxley Act mandating internal controls.

"A complex information ecosystem exists within all businesses today, but we believe the first line of defense against reporting, budgeting/forecasting errors and fraud is the integrity of data within the spreadsheet," said Compassoft President and CEO Paul Bach. "While Compassoft monitors data and financial applications throughout the entire computing environment from enterprise databases to Crystal Reports, our recent corporate acquisitions of Spreadsheet Auditing Ltd and Wimmer Systems address the critical need for real-time monitoring of spreadsheet controls for regulatory compliance."

Wimmer Systems' DaCS technology is currently employed at more than 60 pharmaceutical and clinical research companies worldwide.  ABB (NYSE: ABB), the leading automation and power technology group (http://www.abb.com), is a major distributor and implementer of the DaCS technology, using it as a key building block in their spreadsheet compliance solutions.

"We are delighted that Compassoft has recognized DaCS as best in class technology for ensuring the integrity of spreadsheet data for Corporate Governance and Life Sciences applications," said John Springell ABB's head of compliance services. "We look forward to working with Compassoft to provide our customers with additional business and compliance benefits."

Marriage of Spreadsheet Technology

DaCS technology will bring deeper spreadsheet capabilities and FDA and Sarbanes-Oxley compliance controls to Compassoft's existing enterprise-wide governance and control software adding more visibility with functionality for real-time logging and spreadsheet change control, ability to rollback changes to an exact moment in time, selective enforced change documentation, cell-by-cell audit trails, electronic signature control over changes, electronic authorization and approval. DaCS strongly complements Compassoft's newly acquired EXChecker spreadsheet auditing application. ( Compassoft acquired Spreadsheet Auditing , maker of EXChecker, in September 2005).  Both DaCS and EXChecker will be integrated into Compassoft's enterprise-class solution.

Customers in the Pharmaceutical Market and a Microsoft Perspective
Representative customers who rely on DaCS technology include Alcon, Allergan, Alpharma, AstraZeneca, Baxter, Bayer, Beckman-Coulter, Bristol Myers Squibb, Eli Lilly, KOS Pharmaceuticals, Medtronic, Pfizer, Schering-Plough, SSL International, and Surface Measurement Systems.

Most companies today use Microsoft Excel spreadsheets due to the ease with which they can create applications through templates and programming. Microsoft's General Manager of .NET Platform Strategy Cliff Reaves commented on Compassoft's ability to collect and analyze metadata from spreadsheets, databases and reporting systems, saying "I don't see this as an easy business to copy." He noted "Compassoft is a breath of fresh air because it deals with today's mess, and shows how to avoid and detect it in the future."

^ back to top

 

Scotts Valley, CA - September 26, 2005 - Compassoft Inc, a software leader in automated Sarbanes-Oxley regulatory compliance initiatives and enterprise risk management (ERM), today announced the acquisition of UK-headquartered Spreadsheet Auditing Ltd, creator of the widely used EXCheckerT, a spreadsheet auditing application that discovers and reduces errors in spreadsheets that could lead to material misstatements in financial reports. The announcement was made at the Sarbanes-Oxley Conference & Exposition in Baltimore, MD where Compassoft is currently exhibiting.

"News stories abound about spreadsheet errors that have caused budget miscalculations, stock prices to drop, CEOs to resign, and the restatement of earnings," said Compassoft CEO Paul Bach. "The integration of EXChecker'sT powerful spreadsheet analysis capabilities into our existing enterprise financial control software enables Compassoft to provide a comprehensive solution for enterprise risk management."

Spreadsheet control deficiencies can be a major contributor to material misstatements. PricewaterhouseCoopers cautions in its landmark report, "The Use of Spreadsheets: Considerations for Section 404 of the Sarbanes-Oxley Act," that "understanding how spreadsheets are used and the adequacy of related controls is a critical part of management's assessment of the effectiveness of its internal control over financial reporting under Section 404."

With this acquisition, Compassoft brings to market the first enterprise-class Sarbanes-Oxley software solution to seamlessly combine auditing and change management control processes for spreadsheets, enterprise databases and Crystal ReportsT within highly-distributed computing environments. Until now, spreadsheet-auditing applications have been available only as stand-alone software products.

First Enterprise-Level Sarbanes-Oxley 302 and 404 Auditing Solution for the Discovery and Control of Spreadsheets, Databases and Crystal ReportsT

"Spreadsheet auditing is a critical, but often-under-performed internal control in the Sarbanes-Oxley compliance process," said Patrick O'Beirne, managing director of Systems Modelling Limited, and chair of the European Spreadsheet Risks Interest Group (EuSpRIG). "Public companies are beginning to recognize the high risk they run as the result of their reliance on spreadsheets that are error-prone and can easily be manipulated to commit fraud."

EXChecker'sT software reveals where spreadsheets are located, their level of complexity, whether or not they contain errors, the connectivity to other financial instruments, and who owns the spreadsheet.

^ back to top

 

Scotts Valley, CA - August 17, 2005 - Compassoft Inc, a technology leader in automated regulatory compliance initiatives, today announced the public Beta release of Compassoft â visibility software, a solution that enables financial and IT departments to achieve sustainable Sarbanes-Oxley compliance.  With this release, corporate financial and IT departments now have a powerful enterprise information asset discovery software that can automatically locate analyze and report on information stored within the entire enterprise-computing environment - from server to desktop.

"Many Sarbanes-Oxley solutions for the compliance process focus on managing and controlling the flow of known information, but Compassoft â addresses the challenging task of discovering information that existing controls are unaware of and therefore not yet monitoring," said Robert Lerner, senior analyst, Data Warehousing and Application Infrastructure, at Current Analysis.  "Compassoft has brought to market a strong tool that not only retrieves financial information from centralized and remote repositories, but maps relationships between key data sources, compares changes to the data over time and analyzes the results."

Compassoft automatically discovers, maps dependent data sources, compares iterations of data sources and reports on critical changes to information assets across all distributed machines in the enterprise. The software complements existing ERP systems and professional consulting organizations by reporting on thousands of spreadsheets, Crystal Reports and databases that reside on desktops or centralized corporate servers.

"This is the missing piece of the technology puzzle in the Sarbanes-Oxley compliance challenge," said Paul Bach, CEO of Compassoft. "Compassoft eliminates the many hours of manual labor that financial and IT departments must otherwise spend to locate and analyze financial information hidden within highly distributed and remote systems such as servers, desktop and laptop computers."

Until now, companies have been forced to rely on extensive interviews with key stakeholders and then sift through the files those employees have been asked to download from their hard drives.  This manual process has proven to be extremely expensive in terms of consulting dollars, and unreliable because it depends on people's memories and cooperation.

The High Cost of Sarbanes-Oxley Compliance
The Financial Executives International (FEI) Committee on Corporate Reporting (CCR) sent a letter to the SEC on April 1, 2005 noting that a March 2005 survey of 217 member companies found they paid an average of $4.3 million for added internal costs and additional fees spent on auditors and other consultants and software associated with complying with Section 404.  The letter noted that companies over $25 billion in revenue spent $14.7 million on average.

Section 404 of the Sarbanes-Oxley Act mandating internal controls for "validity" and "transparency" of data and Section 409 mandating "real-time" material disclosures have created an urgent need for monitoring, analyzing and managing change on the enterprise. Most IT infrastructures are not equipped to handle these real-time requirements.

French Caldwell, Gartner Inc's VP of the Knowledge Management Practice, wrote in a report entitled "New Sarbanes-Oxley Milestone Expands Disclosure Requirements" (August 2004) about the need to extend compliance management to other SOX requirements such as Section 409 whose rules "dramatically expand the types of events that can trigger a need for disclosure." Caldwell noted that companies will need to "expedite the processes used to pull together the supporting documentation that puts the event in context."

Compassoft, with its patented technology, provides visibility and control over highly distributed financial information that is often less visible and therefore not monitored for required compliance statutes by either finance or IT.  Compassoft has designed a dashboard for use by chief financial officers, VPs of Finance, internal and external auditors, directors of compliance and corporate controllers as well as chief technology officers and directors of IT.

^ back to top