Xybion provides the industry’s most comprehensive GRC platform for cloud- and premise-based deployments
Xybion provides a complete IT Governance software solution as part of its eQCM® XD Quality Management software suite. In today’s challenging technology and business environment, many compliance processes are driven or highly-influenced by IT systems. Such systems, whether QMS, ERP or otherwise, are integral to initiating, recording, approving, and reporting crucial compliance information in accordance to internal and external mandates. The Sarbanes Oxley Act (SOX), mandates that an internal control framework over financial reporting is established and monitored.
IT systems are highly integrated into the various financial reporting processes targeted by this regulation. The SEC’s June 2007 Final Rule for the Commission Guidance Regarding Management’s Report on Internal Control over Financial Reporting, underscored the importance of the influence of IT controls and governance stating “while IT general controls alone ordinarily do not adequately address financial reporting risks, the proper and consistent operation of automated controls or IT functionality often depends upon effective IT general controls. The identification of risks and controls within IT should not be a separate evaluation. Instead, it should be an integral part of management’s top-down, risk-based approach to identifying risks and controls and in determining evidential matter necessary to support the (control) assessment”.
In response to these regulations, various organizations and bodies have released guidance such as ITGI’s IT Control Objectives for Sarbanes-Oxley, and Control Objectives for Information and related Technology (COBIT). In addition, the IT Infrastructure Library (ITIL) provides a framework to allow organizations to meet corporate governance obligations, monitor and reduce IT spending, and manage assets more effectively.