• Home
• Topics
• Enterprise business intelligence
• Financial reporting and compliance data management
• Sarbanes-Oxley compliance: GRC technology vs. spreadsheets

Sarbanes-Oxley compliance: GRC technology vs. spreadsheets

Requires Free Membership to View

Login



When you register, you'll begin receiving targeted emails from my team of award-winning writers. Our goal is to keep you informed on the hottest data and information management trends today.

Hannah Smalltree, Editorial Director

• E-mail Address: 

By submitting your registration information to SearchDataManagement.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchDataManagement.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

Spreadsheets are a thorn in the flesh of risk and compliance. I have seen organizations with upwards of 40,000 spreadsheets collected for Sarbanes-Oxley, as control questionnaires are sent to nearly everyone in the organization. The questionnaires come back and the compliance team scratches their heads and says Now what? How do we manage and report on this data?

It gets worse . . . auditors can step in and cry 'foul.' It is difficult to provide non-repudiation within spreadsheets in a scalable context. Basically, one can not go back and truly state that "this person answered this compliance (a legal process) on this date and time, and we know this is the original answer and it has not been modified." Spreadsheets do not have this level of authentication, access control and audit trail. There are spreadsheet management solutions that do provide authentication, access controls and audit trails -- but they are cumbersome to use for broad compliance purposes. Plus, there are technologies with integrated content and workflow that can be more easily managed.

GRC technology for Sarbanes-Oxley compliance

To replace spreadsheets I would look towards governance, risk and compliance (GRC) management platforms. Vendors in this space include Axentis, BWise, MEGA, MetricStream, OpenPages, Paisley and QUMAS. These vendors, and many more, have integrated content and workflow technologies to manage GRC assessment processes. They are a much better choice over the use of spreadsheets for Sarbanes-Oxley compliance.

More information about Sarbanes-Oxley compliance

Dig Deeper

This was first published in February 2008

More from Related TechTarget Sites

• Business Analytics
• Data Management UK
• Content Management
• Oracle
• SAP
• SOA
• SQL Server

• Business Analytics

  • On the go the way to go? Answer lies with building mobile BI business case

    According to a recent Gartner survey, mobile technology is the second most important priority for CIOs in 2012, but building the business case is easier said than done.

  • Basic vs. complex: Companies walk the line on analytics best practices

    Businesses looking to build effective business intelligence and analytics programs have to toe the line between focusing on the basics and using new technology to build more complex BI systems.

  • Real estate company refines, expands geographic information system

    Marcus & Millichap shakes off its archaic data cleansing and analytics system for more automated processes, enabling the firm to explore its data on a more granular level.

• DataManagement UK

  • Podcast: How to craft an effective MDM strategy

    In this podcast interview, Andy Hayler gives advice on how to create and implement an MDM strategy that is ruthlessly focused on business value.

  • Jill Dyché: CEO big data focus good news and bad news for IT

    Jill Dyché, a data management expert, sees CEO interest and scepticism as both an opportunity and a threat. Avoid the big data 'gotchas', and don't mistake data warehousing for big data.

  • Infostrada teams up with Roambi, mobile sports analytics at Olympics

    Dutch media sports information provider Infostrada has teamed up with mobile BI company Roambi to create an iPhone and iPad app for the Olympics. It will predict medal counts.

• Content Management

  • Out with old: Effective records management begins with losing useless data

    An effective records management program is one that not only knows what to keep – but which expired data can be removed to save time and money, said consultant Randolph Kahn.

  • Document management system success relies on proper scope

    Document management system success relies on proper planning for the scope and needs of your organization -- not only today, but in the future, says consultant Steve Weissman.

  • Well-planted SharePoint 2010 backup strategy could help save the farm

    A SharePoint farm backup as part of an enterprise SharePoint 2010 backup strategy is simple, but on its own might not be enough. Brien M. Posey points out the other important considerations.

• Oracle

  • Midmarket companies find JD Edwards upgrades a good fit

    At some point, your JD Edwards shop will have to decide whether to switch to a different product, upgrade or stay where you are. Learn what two other organizations did when working through JD Edwards upgrades.

  • Jury issues partial verdict in Oracle vs. Google Java lawsuit

    The jury has issued a partial verdict in the copyright phase of the Oracle vs. Google lawsuit, in which Oracle is claiming that Google violated Java patents and copyright with its Android mobile operating system.

  • Support of Oracle customizations

    Sebastian Grady, president of Oracle third-party support firm Rimini Street, explains how Oracle does not support Oracle software customizations.

• SAP

  • Spinnaker to fight Rimini Street for third-party SAP support market

    It was only a matter of time before SAP third-party support and maintenance provider Rimini Street had some competition from other vendors. That time has come.

  • SAP SapphireNow attendees heading to Orlando looking for answers

    SapphireNow attendees are looking for answers to a long list of questions on issues ranging from mobility to the acquisition of SuccessFactors and SAP’s long-term cloud strategy.

  • Eight stories tell the tale of SAP mobility

    From its growing ecosystem to Sybase Afaria, here is a collection of SearchSAP.com stories that clarify what SAP’s evolving mobile roadmap means for customers.

• SOA

  • App integration advisory: Use ESBs for message routing, translation

    Middleware experts advise that an ESB can help a SOA, but it can be harmful if used in the wrong cases.

  • How will mainframes fare in the face of mobile and Web?

    Heard at IBM Impact: Mainframes mean high-integrity transactions. How does this jibe with mobile apps using ''eventually consistent'' transactions?

  • Is REST remaking SOA? Gateways add features

    Lightweight REST-based SOA is beginning to exist aside established enterprise SOA. Crosscheck’s Mamoon Yunus discusses the trend.

• SQL Server

  • Configuring SSRS the easy way

    Demystify the SQL Server Reporting Services (SSRS) configuration process. Get an overview of this tool and guidelines for how to set up each screen in SSRS from industry professional Roman Rehak.

  • SQL Server Upgrade Advisor, Upgrade Assistant can ease transition pains

    You probably think you’re ready to upgrade to the new release, but you might not be as prepared as you think. Before you upgrade, there are some tools to become familiar with, says Bob Sheldon.

  • ODBC drivers replacing OLE DB? Say what?

    After years of telling SQL Server users to avoid ODBC in favor of OLE DB, Microsoft has suddenly reversed its position and advised going back to ODBC. Why? And what should you do about it?

• About us
• Contact us
• Site index
• Privacy policy
• Advertisers
• Business partners
• Events
• Media kit
• TechTarget corporate site
• Reprints
• Site map