Oracle today debuted its newly integrated governance, risk and compliance
management suite, giving IT administrators and C-level executives an
opportunity to automate and monitor multiple security projects from one
Monday’s release of Oracle Enterprise Governance, Risk and Compliance
Manager and the latest release of Oracle Enterprise Governance, Risk and
Compliance Controls will give customers a single dashboard and closed-loop
approach to regulate security and compliance rules for everything from
SEC-mandated financial reports to health and safety procedures at the
“Customers are asking us to reach into different risk areas beyond
financial governance,” Chris Leone, group vice president of Oracle’s
(NASDAQ: ORCL) applications development group, told InternetNews.com.
“Executives want more transparency associated with their businesses, be it
IT governance, supply chain or other people-oriented risks.”
Leone said the new application suite will let top executives and business
managers automate the testing of compliance and security controls directly
in the transactional systems.
This is no small consideration — particularly for publicly traded
companies that have to meet governance and control standards established by
regulators at the state, national and international level.
While it’s important to know that the same policies and procedures are in
place to make sure the petty cash drawer is properly managed for that trip
to OfficeMax or for Wednesday morning donuts, it’s the visibility into the
decisions made by employees making multimillion-dollar transactions that
keeps GRC vendors in the green.
IDC is predicting that storage services alone will grow from annual sales
of $31.7 billion last year to roughly $40 billion by 2012.
Novell and Oracle archrival SAP announced in March they would team up to extend their development
partnership to deliver the next generation of integrated governance, risk
and compliance software applications.
CA and IBM are also developing new integrated applications they say
will help bridge the gap between business processes and IT security and
controls, and will give enterprise customers a holistic view of their
internal financial reporting and compliance procedures.
Oracle officials said this latest release will provide greater fraud
detection, while improved business process integrity and performance is
enabled through a business rules engine that programmatically looks for
violations and anomalies in transactions.
It includes new versions of Oracle Enterprise Transaction Controls
Governor (TCG) and Oracle Application Access Controls Governor (AACG). All
of these software components are integrated and run atop the company’s
flagship Fusion middleware software.
The TCG application uses statistical logic to uncover suspect and
out-of-policy transactions, allowing the reduction of false positives.
By spotting anomalies before they incur large losses and limiting
exposure to fraud and wastage, Oracle officials said the GRC suite can
reduce the time and cost from errors and remediation, prevent the escalation
of risk and optimize business performance.
Leone said the giving customers a single system to manage enterprise-wide
risk and compliance initiatives helps reduce the cost of auditing and
governing change management processes on their enterprise controls.
“From the top down through the executive ranks, this gives companies the
visibility they need and the automation drives out a lot of the costs,” he
Article courtesy of InternetNews.com.