Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IDC: 'Users, Do Your Homework'

Sarbanes-Oxley (SOX) compliance is set to be a major cash cow for vendors, but users shouldn't fall for slick marketing when it comes to compliance, warns analyst firm IDC.

Today alone, Trusted Edge, Inc., Solutionary Inc., and Procera Networks Inc. all unveiled offerings designed to take the regulatory strain off data centers (see Trusted Edge, CSG Team on Compliance, ActiveGuard Enforces Compliance, and Procera Unveils Compliance Appliance).

In many respects, it is still early days for SOX compliance. Although the deadline has already kicked in for Americas largest firms, last week the Securities and Exchange Commission (SEC) threw a lifeline to what are known as non-accelerated filers (firms with a market cap of less than $75 million). These businesses must now comply for their first fiscal year ending on or after July 15, 2006, a one-year extension on the previous deadline (see SEC Extends Sarbanes Compliance).

But, with the deadline extension, Kathy Wilhide, director of compliance solutions at IDC, is urging firms to do more than just read labels on technology aimed at SOX compliance. She says enterprises ought to evaluate how a vendor has done with other SOX situations before committing hard dollars. "The value proposition isn't going to come from the vendors, it will come from the real world," she says.

Given that businesses with a $75 million-plus market cap have been working to a much earlier compliance schedule, there should be plenty of opportunity to study the technologies they've deployed.

  • 1