Press Release

For Immediate Release


Product Offering Eliminates Costly Data Collection Efforts for Compliance Reporting

Learn How to Ensure Your Company Doesn't Fall Victim

Portsmouth, NH and Austin, TX – March 31, 2008 – Ecora, a leader in configuration auditing and compliance reporting solutions, and Compliance Spectrum, an innovator in governance, risk-management and compliance (GRC) solutions that lower the cost of IT compliance while reducing business risk and ensuring the integrity and accuracy of compliance information, today announced a partnership to combine comprehensive GRC and compliance risk management with comprehensive configuration auditing and automated evidentiary reporting. Through this integration, customers create a true compliance system of record where objectives and controls are backed up by detailed configuration reports that reflect actual configuration of the complete IT infrastructure from network and OS through applications.

"With this partnership, our customers are one step closer to automating the GRC lifecycle," says Chrisan Herrod, VP of Business Development of Compliance Spectrum. "Our compliance management solution, Spectra, automates the tasks of collecting and mapping to compliance controls the evidence required to prove IT compliance. Our customers save time and money required to achieve compliance -- and reduce the risk of non-compliance. Integrating with Ecora lets our customers automate the process associated with auditing the configuration of their in-place servers and generating the evidentiary data necessary to prove IT compliance to their auditors."

The combined solution enables customers to coordinate their compliance management processes from a customized Compliance Map™ within Spectra™ that links all applicable compliance objectives and controls against best practices frameworks. Customers can easily retrieve, store, and link to compliance regulations the wealth of IT configuration auditing evidence provided by Ecora's Auditor Professional.

"Customers look to us for the most comprehensive configuration auditing and compliance reporting solutions on the market", says John Walsh, SVP Engineering of Ecora. "Automating the process of evidentiary reporting within the GRC space was a natural fit for us and Compliance Spectrum provides customers with a compelling solution for streamlining the compliance process and reducing risk. By eliminating the complexity of configuration auditing and evidentiary reporting, customers shift the burden of compliance reporting away from skilled staff, enabling them to focus on higher value tasks, and empowering compliance officers with timely configuration data in an automated fashion."

"The business requires that technology bring sustainability, consistency, transparency, and efficiency to business GRC functions," wrote Marc Othersen, Senior Analyst with Forrester Research along with Principal Analyst Khalid Kark and Analyst Chris McClean in the December 2007 report Enterprise GRC Versus IT GRC. "As a functional area itself, IT has to manage a complex web of GRC demands. IT has to stay aligned with business objectives and strategy, synchronize with enterprise GRC, and maintain its compliance obligations. While the business is demanding that IT help it achieve its goals, IT also needs to manage its own aspects of GRC, including IT controls, privacy, information security, records management, and business continuity."

The report continued, "As technology becomes a ubiquitous part of business today, many organizations are looking to their CIOs to not only lead the IT GRC strategy but be an integral part of the enterprise GRC activities by providing the infrastructure and application support to automate their GRC programs."

Both companies will be previewing the solution at RSA Conference 2008 in San Francisco, April 7-11.

The solution will be generally available with the release of Spectra 3.0 scheduled for the second quarter of 2008. Customers can deploy Auditor Professional or Spectra today and all frameworks, data and reports will integrate seamlessly when the full solution launches.

About Ecora Software

Ecora Software is the market-proven leader for Configuration Auditing and Compliance Reporting solutions that allow a proactive view of the IT infrastructure and deliver actionable evidence ensuring critical business services remain operationally effective, secure, and compliant with internal standards and external regulations. Auditor Professional™ offers immediate value with its agentless architecture matched with rich report templates and pre-defined policies providing the foundation for effective change and configuration management. Please visit us at

About Compliance Spectrum

Compliance Spectrum offers commercial IT governance, risk and compliance software solutions that empower highly regulated and complex organizations to address the complete lifecycle of compliance. Compliance Spectrum's flagship product, Spectra, provides an automation framework that streamlines the compliance process, lowering the cost of compliance while reducing the business risk of noncompliance. Compliance Spectrum has won numerous industry awards for its first generation product, Command Center. The company is headquartered in Austin Texas with offices in Houston, San Diego, Fairfax Va., and London England. For more information, visit

The terms Compliance Spectrum, Spectra and Compliance Map are trademarks of Compliance Spectrum