IPLocks Up Automated Policy Management

IPLocks unveiled a new Sarbanes-Oxley policy-management package this week it says will help IT departments manage Sarbanes-Oxley compliance largely by automating the creation of SOX reports.

IT is beset by government and industry compliance requirements, so any steps vendors take to simplify compliance reporting is welcome. IPLocks's SOX reports are one such tool. Other vendors also provide compliance assistance. AppSecInc, a database security vendor, offers predefined policies and guidelines, for example, to help customers comply with regulations such as SOX and PCI. But customers must take such offerings with a grain of salt: Prepackaged reports may not satisfy internal or external auditors, and the database is only one component of a larger audit environment that includes network and endpoint systems and must span multiple departments--IT, legal, finance, accounting and so on. Any box that truly fits SOX (and other regulations) must be a big one. Andrew Conry-Murray NWC New Products & Business Editor

The vendor's SOX-in-a-Box comes with best-practice reports created in consultation with the Big Four auditing firms that focus on broad controls for IT and more granular controls for accounting databases. The software suite, developed in accordance with the Public Company Accounting Oversight Board (PCAOB) guidelines, gives companies a centralized point-and-click interface they can use to track, analyze, enforce and report on corporate financial database compliance.