Compassoft.

Compassoft, a provider of enterprise spreadsheet governance, risk and compliance (GRC) controls, has announced the rollout of Compassoft Enterprise 4.0. The company calls it "the first spreadsheet GRC management solution to offer an extensible and open architecture for sharing distributed risk information in spreadsheets with enterprise risk and performance management systems, including GRC platforms, business intelligence (Bl) tools and enterprise resource planning (ERP) systems."

With this release, Compassoft includes a customizable and highly graphical GRC spreadsheet dashboard that leverages the Scotts Valley, Calif.-based company's business policy-based control framework. For companies that are already using other management systems as part of their GRC strategy, Compassoft's information is also readily available for use in their existing dashboards and portals, and can be directly incorporated into their workflow systems. This quickly exposes control-policy violations within the thousands of spreadsheets and PC databases in the enterprise.

Through Enterprise 4.0, Compassoft provides an unprecedented open spreadsheet control data structure and Web services that allow spreadsheet risk management information to be incorporated into existing management systems dashboards, portals and workflows to support an integrated enterprise risk strategy.

"Spreadsheet risk management is an essential component for any successful enterprise GRC strategy," says Robert Kugel, research director for Financial Performance Management at Ventana Research. "We find that spreadsheets are a blind spot in almost all enterprise GRC efforts. Companies need to ensure that their management systems take into account the information contained in the vast numbers of spreadsheets and PC databases that are on their network, including ones on desktops and laptops."

"Spreadsheet monitoring has been conducted in a separate silo from the rest of the GRC auditing process, and in many cases it is not conducted at all," says Michael Rasmussen, president of Corporate Integrity LLC. "Effective governance, risk and control must be a collaborative process that involves all corporate departments--whether financial, legal, risk or IT--because spreadsheets represent a major area of risk for them all."

Building on Compassoft's "policy-based" spreadsheet control framework, Compassoft Enterprise 4.0 adds policy enforcement to determine if new or changed spreadsheets are being managed effectively. Control violations are flagged and a notification and a review workflow process are initiated to remediate the problem.

Compassoft Enterprise includes out-of-the-box control policies based on real-world deployments. Alternatively, companies can create their own rules to suit their specific business needs.

Web: www.compassoft.com