Inxight Software, Inc. announced that it has completed its purchase of the federated search and alert technology product line, formerly called Enterprise Discovery Suite, from Intelliseek, Inc. The product line has been renamed Inxight SmartDiscovery Awareness Server. Inxight SmartDiscovery Awareness Server helps users derive insight and intelligence from hundreds of information sources through a single interface. Alerts automatically inform users of new and updated information. SmartDiscovery Awareness Server is preconfigured out-of-the-box to search and track relevant data from hundreds of online sources, including deep web sources such as patent databases and SEC filings and public web sources such as CNET and MSN Search. Enterprises can also create brokers to new information sources rapidly through a point-and-click interface, extending the searching and alerting capabilities to a wide-range of subscription and enterprise sources. Inxight SmartDiscovery Awareness Server is generally available now.
Today marks the official release of the public draft of the governance, risk management, and compliance (GRC) paper that I have worked on over the past couple months with Ted Frank, of The Compliance Consortium, and others. The writing of the paper was driven by three convictions:
- GRC stands apart: Governance, risk management, and compliance are all of a piece–and they are related to a coherent set of objectives and practices that are fundamentally different from the other things going on in an organization.
- GRC needs high level attention: Governance, risk management, and compliance comprise a set of concerns and objectives that must be dealt with at the board of directors and senior management level.
- GRC is manageable: Even though governance, risk management, and compliance touch thousands of processes and objectives throughout an organization, there really is a small, manageable set of concerns that should inform board and management decision-making.
This last point relates to the “both forest and trees” view that I wrote about in my recent post on XBRL and Compliance. To make GRC manageable we need ways to zoom into the details and zoom back out to the big picture. Said more formally, we need ways to deal with the concept at different levels of abstraction, from fine-grained to chunky. XBRL looks promising in this regard.
One of the key ideas expressed in the paper is that the United States Sentencing Commission guidelines regarding compliance and ethics can serve as a good starting point for identifying the important, board and senior management level GRC objectives. This idea is practically appealing, since following the guidelines can result in a 95% reduction in penalties in the event that, despite a company’s best efforts to prevent it, fraudulent activity takes place. The intent of the paper is to also make this idea appealing at an operational and functional level — we believe that we make the case that concentrating on just seven objectives can get management and board members focused on the right concerns and questions.
If this interests you, take a look at the paper. If you have comments, you can of course add them here — but if you want your comments to get more in the way official consideration, you should also express your views on the Compliance Consortium website.
For Immediate Release:
Document Serves as Foundation for Managing Sarbanes-Oxley and Other Regulatory Mandates
Bluebill Advisors, Inc.
617.497.9443 ext 212
Cambridge, MA, May 16, 2005. The Gilbane Report and The Compliance Consortium, an international membership organization to promote effective governance, risk and compliance management (GRC), has published its operational approach for managing GRC requirements within the enterprise. Applicable to both public and private companies, the framework is designed to assist senior management and boards of directors in setting objectives for managing a wide range of compliance-related activities and instituting the programs needed to attain those objectives. This initial version is a “public draft” and is intended to invite constructive criticism and ultimately to build a broad consensus within the hundreds of companies that have registered as part of The Compliance Consortium Community over the past year. Interested parties may access “Governance, Risk Management, and Compliance: An Operational Approach” at https://gilbane.com/publications/GRC_Operational_Approach_PD1_0_050512.pdf or at www.thecomplianceconsortium.org.
About Bluebill Advisors, The Gilbane Report
Bluebill Advisors, Inc. serves the content management community with publications, conferences and consulting services. The Gilbane Report administers the Content Technology Works program disseminating best practices with partners Software AG (TECdax:SOW), Sun Microsystems (NASDAQ:SUNW), Artesia, Atomz, Astoria, ClearStory (OTCBB:INCC), Context Media, Convera (NASDAQ:CNVR), IBM (NYSE:IBM ), Idiom, Mark Logic, Open Text (NASDAQ:OTEX), Trados, Vasont, and Vignette (NASDAQ:VIGN). www.gilbane.com
About the Compliance Consortium
The Compliance Consortium is an international membership organization designed to promote effective and efficient enterprise governance, risk and compliance management (GRC). Areas of interest include GRC best practices and reference architectures, influencing and contributing to GRC-related industry and computing standards and establishing conferences and other professional events focused on GRC-centric topics. Founding Consortium Members include Axentis, Approva, Corpedia, Hyland Software, Inc., Hyperion, Intuition, Jefferson Wells, Navigant Consulting and The Network. www.thecomplianceconsortium.org
About the Open Compliance and Ethics Group (OCEG)
OCEG is a not-for-profit organization that provides a framework (the OCEG Framework) for integrating governance, compliance, risk management, and integrity into the tangible practice of everyday business, drives adoption of the Framework through a multi-industry, multidisciplinary coalition and provides a community of practice for the exchange of information, tools, benchmarking and feedback for continual improvement of the Framework. www.oceg.org.