This week there is OpenText’s announcement that Metastorm BPM has been given some very serious security certifcation, EMC buys Syncplicity and offers cloud governance, Iron Mountain outlines the problems created by SharePoint and Social Media in records management and BWise moves on from acquisition.

OpenText BPM

The OpenText Process Solutions announced this week that OpenText MBPM 9 (formerly Metastorm BPM) has attained the Common Criteria Certification at Evaluation Assurance Level 4+.

The Common Criteria Certification is an internationally recognized standard defined by the United States National Security Agency (NSA) and other international government agencies for ensuring IT products conform to stringent security requirements.

OpenText MBPM 9 is the first business process management solution to achieve the Common Criteria Certification at this level.

This represents a substantial increase in technology product security and assurance from EAL2 requiring more rigorous testing of the products security functionality and development practices. OpenText MBPM version 7.5 had previously achieved the Common Criteria Certification at EAL2 in October 2008.

The independent certification of OpenText MBPM was conducted by Science Applications International Corp.'s (SAIC) accredited Common Criteria testing lab.

OpenText's business architecture and BPM solutions are already deployed by U.S. government organizations including the U.S. Air Force, Army, Navy, Department of Homeland Security and General Services Administration.

EMC Buys Syncplicity

Also this week, Virginia Backaitis, who is currently at EMCWorld, poses the question, in light of the Syncplicity acquisition, whether an enterprise CMS promises to delight end users and keep the company CEO out of jail at the same time?

It seems like a ridiculous question to ask until you consider the requirements for information governance and compliance that many companies have to adhere to. Once you take all of that in, you’re more likely to walk away with a headache than an answer.

For well over a decade, users of document management systems in regulated environments have been complaining that technology gets in their way while they try to do their jobs.

Those days will soon be over (at least for Documentum users), according to Rick Devenuti, President of EMC’s Information Intelligence Group (IIG). 

Iron Mountain’s RM Compliance Report

Meanwhile, new research from Iron Mountain shows that, despite greater investments in their information management programs, most organizations still struggle with properly implementing those programs and getting employees to comply with them, putting them at risk for information loss, regulatory non-compliance and litigation.

And while an increasing number of companies have one policy for handling paper documents and electronic files, the pervasive growth of new record sources such as Twitter, wikis and collaborative software applications such as Microsoft SharePoint threatens their ability to keep those policies current and compliant.

These are two of the principal findings of the new Compliance Benchmark Report, which examines the information management practices of more than 3,000 organizations -- public, private, government and nonprofit -- providing a state-of-the-industry assessment of how well information is being protected, made available and destroyed.

Last issued in 2010, this recent version of the report shows companies making strides when it comes to adopting one policy for storing and handling both electronic and physical records. We will be looking at it in detail early next week. There will also be a webinar hosted by Iron Mountain on this. 

BWise Collaborates With Moody’s Analytics

Finally, this week, GRC vendor BWise, which was recently acquired by NASDAQ, has announced that it will collaborate with Moody's Analytics to offer the BWise GRC platform in combination with Moody's Analytics' Solvency II Capital Requirement offering.

The collaboration will help insurers seeking a streamlined, comprehensive risk management and governance solution meet new solvency regulations.

This integrated approach offered by Moody's Analytics and BWise will help insurance firms of all sizes take a robust and process-led approach to the management of regulatory compliance and the associated risk exposures within a dedicated and integrated enterprise risk management (ERM) and governance framework.

BWise has optimized its Solvency II offering by enabling insurers to more easily embed a company-wide GRC system. This enables them to document, streamline and monitor GRC processes, a key requirement of Solvency II's Pillar 2. A little bit specific maybe, but it demonstrates what to expect from BWise in the wake of its acquisition.