There have been a number of new releases recently in the GRC space, with SAS upgrading its GRC suite, QUMAS offering document and records compliance in SharePoint, GRC monitoring for social media from SocialLogix, while Symantec adds to its SaaS offering. New research for Bloomberg also shows that enterprises are moving to hosted email for compliance reasons.

SAS Upgrades GRC Suite

SAS (news, site) has upgraded its GRC suite with a number of new features, including one corporate policy repository, a faster one-stop audit system and an updated GRC program view.

The revised policy management capability includes configurable workflows, helping users create and maintain one corporate policy repository. Updated on changes to laws and regulations, the repository saves time previously spent researching regulatory changes and their impact.

The one system for planning and reporting on audits also cuts the time spent on consolidating multiple files and sources. Continuous auditing capabilities enables efficient testing of disparate data.

Auditors can create projects together online to address issues and plans using streamlining capabilities such as task notifications and real-time responses.

The other major upgrade is the 360-degree view of an enteprise's GRC program variables, such as risk, business objectives, controls, issues, loss events, action plans, contracts and policies, with one mouse click. The upgrade was launched at the SAS Global Forum in Las Vegas.

QUMAS Offers SharePoint Compliance

There is also some new compliance monitoring this week from QUMAS, which has launched QUMAS ComplianceSP on SharePoint 2010.

QUMAS ComplianceSP is a document and quality management solution that extends document collaboration capabilities to ensure compliance with FDA CFR 21 Part 11 regulatory requirements.

FDA CFR 21 Part 11 is the Food and Drug Administration (FDA) guidelines on electronic records and electronic signatures in the United States. Part 11 defines the criteria under which electronic records and electronic signatures are considered to be trustworthy.

The results will make SharePoint more attractive to drug companies by providing preconfigured solutions for managing document, processes, people and tasks for regulatory requirements.

With ComplianceSP on SharePoint 2010, QUMAS gives life sciences companies a solution that's easier to manage and use, with compliance management capabilities through a familiar Microsoft interface.

It will also allow QUMAS to offer users the ability to manage documents and records on one platform as well as reduce risk through features such as enforced retention schedules and tagged content.

SocialLogix’s GRC Monitoring for Social Media

For companies that are or want to use social media, this week SocialLogix, which provides GRC in the social media space, has announced the availability of SocialSentry 2.0, enabling companies to monitor employee activity on social networks such as Twitter, LinkedIn and Facebook.

This is not just about making sure that employees are behaving, but also about eliminating corporate risks related to compliance, leakage of sensitive information, HR issues, legal exposure, productivity and brand damage.

Through a new set of analysis and visualization features, SocialSentry 2.0 now enables companies to move beyond monitoring of social media communication for known threats and discover, analyze and gain new insight into the unique risk the conversational nature of social media presents.

The initial release of SocialSentry was designed to address known threats related to compliance, governance and risk as well as protect against the viral nature of social networking threats.

SocialSentry 2.0 adds to this the capability to help organizations identify emerging threats by analyzing the content and context of social media communication.

It also provides the ability to monitor select users or the entire employee base and archive all social media communication for future analysis or e-Discovery. The best part is that SocialSentry 2.0 is a SaaS solution, so well within the budgets of even small companies, while it can also be scaled to larger enterprises.

Enterprises Moving to Hosted Email Compliance

From hosted social media to hosted email, it sems that financial institutions are moving to hosted email compliance and storage services to deal with increasing costs, risks and regulations, according to a study conducted by Forrester (news, site) and commissioned by Bloomberg Vault.

The poll of 187 executives with responsibility for compliance, messaging and legal risk mitigation shows that financial services firms that once relied on in-house software are now moving to hosted solutions.

The cost of meeting new regulatory mandates is a major issue, the study says. More than 60% of the respondents polled say that their shift to cloud-based solutions is driven by the promise of lower total cost of ownership (TCO), faster deployments and easier management than on-site deployments. Half of the financial services firms polled say they plan to use hosted compliance solutions by 2012.

It also shows that financial services companies are struggling with e-Discovery and data privacy -- 55% of respondents describe complying with data privacy laws as challenging, with 75% of the financial services concerned about reputation damage in conjunction with regulatory oversight and investigations. If you want more on this, you can register here

Symantec Expands SaaS Services

Finally, data backup and security provider Symantec (news, site) has announced it has upgraded its portfolio of SaaS services, bringing more of Symantec's technologies to the cloud -- which is already doing well with 42% of Symantec cloud clients deploying four or more of these cloud services.

Symantec clearly intends to keep up the momentum with the new enhancements that include:

  • Automatic Backup: Symantec Backup Exec.cloud will gives simple, online backup and recovery.
  • Simplified Archiving: Symantec will introduce future enhancements to Symantec.cloud email archiving services under the name Symantec Enterprise Vault.cloud in June 2011.
  • Virtualization Backup: Backup Exec 2010 R3 delivers improved backup and deduplication performance in virtualized environments.
  • Archiving for Data Management and Recovery: This will help companies identify what to store, what to delete and when to move older data to secondary systems.

Some of the new services are available now, but there are more that will be coming online in the coming months. Watch this space.