In addition to CA's release of GRC Manager 2.5, the world of GRC is chock-full of partnerships and inquiries.

FCC Wants Answers From Google

Last week, Google received an inquiry from the U.S. Federal Communications Commission about the company's Voice Internet calling service, following calls for an investigation into whether it violates a prohibition on so-called call-blocking.

The FCC claims that Google is restricting some calls made through the Voice service to rural areas, in an effort to reduce its operating expenses. Obviously, call-blocking is prohibited, the FCC wants Google to answer questions, including how it chooses which calls to restrict, and whether its service should be classified as a "telecommunications service."

Google argues that though they may have blocked some calls made through Voice, the "open Internet" principles espoused by the FCC apply to traditional services provided by telecommunications carriers, but not to Internet-based software applications.

Of course, tell that to the telecommunication carriers, like AT&T, who complained recently to the FCC that Voice is merely a "creatively packaged" traditional telecommunications service, and that Google's call-blocking through Voice violates the principle of network neutrality (oh snap!) -- something that both Google and the FCC have supported.

Novell+SAP=Single Integrated System for GRC

Novell and SAP have announced a partnership to integrate, certify and support their respective security and identity technology and governance, risk and compliance software.

Having partnered since last year, Novell has integrated and certified many of its products to work with SAP, including Novell Compliance Management Platform extension, Novell Identity Manager and Novell Sentinel, which can work with SAP's Business Objects GRC Access Control. By mid-November, Novell hopes to expand the certification to the other two applications in SAP's Business Objects governance, risk and compliance (GRC) suite -- Process Control and Risk Management.

The partnership is one part user provisioning, access control and security event monitoring (Novell), and one part risk and access management, data monitoring, compliance management and reporting (SAP). Together, the two vendors aim to help IT reduce costs and infrastructure by combining access controls and business process controls in a single integrated system.

A New Resource for Enterprise Security

Vircom has announced the launch of a new blog called emailsecuritymatters. Written by in-house security, it offers users to browse through 4 different categories:

  • E-mail Security
  • Best Practices
  • Spam of the Week
  • Industry News

Upcoming posts address e-mail security gateway deployment, social-cyber issues and cloud computing, among others. The blog is just one of the ways Vircom is reaching out to the masses. It already has quite a presence in social media -- with Twitter, Facebook and LinkedIn feeds -- and can be a great resource for those seeking guidance about GRC issues in the enterprise.