The dust is settling after the initial stampede to comply with regulations such as Sarbanes-Oxley, and now enterprises are reaching for tools that automate compliance processes and prevent violations.
To that end, Virsa Systems Inc. recently launched its Confident Compliance software, designed to integrate into ERP systems for real-time monitoring of transactions and correction of problems. In addition, the company launched Version 4.0 of its Continuous Compliance suite for monitoring application access and controlling authorization.
Compliance efforts today are primarily manual and focused on documentation, according to Doug Laird, senior vice-president of marketing at Virsa. As a result, most companies are not truly compliant. “Compliance is a fantasy. Today it is largely a manual exercise, very expensive and driven by truckloads of consultants. It looks to be unsustainable,” Laird said.
Virsa’s approach aims to automate compliance processes by embedding software directly into transactional systems where business processes and financial data reside.
“We are really about automating the compliance process and providing a real-time perspective,” Laird said. “We are seeing a move toward automation, to connect to ERP, supply chain, [and] key business processes, which is what Sarbanes-Oxley is all about.”
Confident Compliance’s role-based dashboards connect to ERP systems at the transaction level, providing a real-time view into business processes that span the enterprise, said Virsa officials.
One benefit of directly connecting to an ERP system: the data does not have to be downloaded and stored externally in order to be monitored and acted upon, the company said. Confident Compliance also taps native ERP services such as data warehousing, data archiving and workflow.
The new 4.0 version of the Continuous Compliance suite adds an automated rule builder, alerts and management dashboards and change tracking in the role management dashboard. Business-software provider SAP AG resells the Compliance Calibrator piece of Virsa’s suite as a core component of SAP’s governance solution.
Virsa customer Kimberly-Clark, a worldwide consumer products company with about 65,000 employees, began implementing compliance controls long before recent legislation mandated it, but the tight restrictions in Sarbanes-Oxley drove the company to seek a more automated tool, according to Jayne Gibbon, team leader of North America security support at Kimberly-Clark.
“Recent regulations brought an even [stronger] need to automate. Previously, we just did internal audits, [which] were very manually intensive with our previous application,” Gibbon said.
Gibbon estimates that Kimberly-Clark saves 40 hours per audit at 120 locations that need to be validated every year under Sarbanes-Oxley.