MetricStream Tackles Compliance

by Sohini Bagchi    Jan 05, 2006

With the number of compliance regulations increasing annually, Indian CTOs/ CIOs and IT Managers are increasingly looking for compliance solutions to conform with rigorous and stringent compliance norms.

In a revealing chat, Shellye Archambeau, CEO of MetricStream and Shankar Bhaskaran, Head - marketing services, MetricStream India, spoke to CXOtoday about the company’ s new product release and the need for enterprises to seek effective solutions to the recent compliance yardsticks.

“With IT applications automating most business processes in today’s environment, they enable a vast majority of the internal controls within the organization. Hence, it is essential to integrate process-level controls for all key processes into a single environment to enable risk-based internal control assessment,” explained Bhaskaran.

Realizing that companies are moving towards standardizing their compliance solution on an enterprise-class platform rather than multiple point solution, MetricStream has recently come up with its new product release for Sarbanes-Oxley 404 compliance.

“This will provide complete support for definition, assessment and monitoring of IT controls, as well as automation of application level controls,” he said.

With this product launch, MetricStream becomes the first compliance vendor to provide a comprehensive solution that fully integrates IT systems into internal control assessment framework to its customers, informed Archambeau.

He felt that from a CIO’s perspective, the problem was dealing with new regulations and keeping track of the same - using systems to manage them. “Working with the Fortune 1000 companies, we have increasingly realized that most pure play Sox 404 vendors stopped short of addressing process-level IT controls and overall IT controls within their solution set,” he said.

Talking about the benefit of this product to the CTOs, he informed, “MetricStream decided to incorporate full support of definition and testing of process-level application controls, process-level general IT controls, overall IT controls, COBIT framework, as well as automated testing of process-level application controls in its current release. As a result, in one swoop we are addressing the criterion for most Sox 404 solutions in the marketplace.”

In addition, with the new product release, MetricStream will also enable companies to significantly reduce their cost of compliance by providing a framework that defines process-level manual and application controls within a single test, automates the testing of process level application controls and reports the results for the entire test - including manual and application controls, in an integrated manner,” informed Bhaskaran.

Verticalwise, he pointed out BFSI, manufacturing, pharma, biotech, telecom and ITeS as having a greater need for compliance solutions, since they face more regulations that demand compliance and are also part of a global organization that requires adherence to standards to ensure quality products.

As part of a new product initiative, the company is now shipping a library containing over 1500 tests for automating the testing of application level controls within popular ERP systems in key financial processes, he informed.

On the company’s roadmap, Bhaskaran said, “our partnership strategy has helped us bring experience of the Indian market to offer complete solutions. The tie-up with TCS is another step up.”