Released on: March 13, 2008, 12:46 am

Press Release Author: Claudiu Popa

Industry: Software

Press Release Summary: Security experts estimate that compliance pressures will
force over 90% of companies to adopt a unified solution to manage information risk
across the enterprise and reduce costs associated with standards and legislation.

Press Release Body: Toronto, March 13 2008 -- Toronto-based Informatica Research has
announced that the vast majority of organizations currently adopting information
risk management, security management, privacy fair information practices and
business continuity planning are implementing overlapping and redundant controls.

Informatica's president, Claudiu Popa is an authority on information risk management
and sees the issue as a problem directly related to de-centralized IT governance and
wrongsourcing: "The security and privacy controls behind many companies' efforts to
comply with standards and legislation are overlapping. We are seeing this only a
third of the time now, but this number will grow to 75% or 80% over the next 12
months. We are seeing a lot of wasted effort in up to 90% of cases, multiple
initiatives implementing similar controls, mounting costs related to monitoring,
testing and remediation. Generally speaking, when executives delegate compliance
responsibilities and in-source complex information risk initiatives, you're going to
have a problem".

Overlapping controls, such as those implemented to support legislative requirements
for PCI DSS, GLBA, Sarbanes-Oxley/Bill 198 and diverse privacy requirements can put
an unbearable burden on IT and operational resources - in over 60% of cases - to the
point where at least one of two situations occurs: productivity and profitability
are impacted at the enterprise level or the effectiveness of the company's security
and privacy activities is reduced because such intense effort is not sustainable.
Many companies compound the problem by wrongsourcing: outsourcing their core
competencies and in-sourcing complex, specialized projects involving information
security and privacy compliance.

Mr. Popa believes that over the next 12 to 18 months, enterprises will turn to
unified compliance solutions for efficiency, effectiveness and cost savings: "We are
seeing a lot of interest and a few groundbreaking projects involving unified
compliance. This makes sense, because we have already done the work of mapping
controls to aggregated compliance requirements, so the incremental cost savings are
phenomenal while the costs of monitoring and enforcement have dropped
proportionally." Informatica offers a Unified Compliance Framework and a Unified
Privacy Framework to streamline information security and information risk management
efforts. This solution looks directly at the underlying key controls that satisfy
compliance requirements and matches them with those that need to be in place for
other structured frameworks, standards and best practices.

Informatica's management consultants, IT experts, information risk professionals are
certified and experienced in the delivery of flawless compliance solutions whose
applicability ensures immediate cost savings along with a scalable framework that
spans the enterprise. Informatica's exceptional Unified Compliance solutions for
information security and privacy are the most advanced solution of its kind and
deliver between 25% and as high as 82% in cost savings over traditional risk
management approaches. The FlexProtect 365T security management framework is the
overarching solution that centralizes efforts, consolidates communications and
risk-related operations while keeping costs low to maximize value delivery through
optimized information risk management.

The core of the unified compliance solution is the process by which business
objectives are derived from the strategic direction that is driven by compliance
requirements. Once key controls are derived, they are matched to Informatica's
proprietary database of policies, procedures and processes to ensure that each one
is acceptable by professional auditors and evidence collection is both sufficient
and adequate to support monitoring requirements. Complete information risk solutions
are available to any organization or government entity but are absolutely critical
for companies that collect and use sensitive client data. Informatica Research shows
that organizations that even partially implement unified compliance, whether for
security or privacy purposes are seeing efficiency gains and cost savings of 25%
within the first 3 months and approaching 50% after 7 months.

FlexProtect 365T Security Management Framework

Informatica Security's FlexProtect 365T is a the evolution of the company's proven
security management suite that encompasses all aspects of information risk, security
and privacy practices, legislative compliance and staff education. Companies regard
FlexProtect 365T as the path of least resistance to traditionally lengthy and
costly efforts towards compliance with such diverse standards as PCI DSS, HIPAA,
PIPEDA, Sarbanes-Oxley and GLBA. IT and security governance, decision support,
incident management, business continuity and disaster recovery, physical and logical
security are all addressed under the FlexProtect 365T umbrella. This cohesive set of
enterprise activities calculated to maximize compliance effort effectiveness,
budgetary efficiency, technical capability and human resource allocation.
FlexProtect 365T is the only solution that combines enterprise capabilities with
Informatica's domain leadership to reliably deliver complete, on-going protection
across the enterprise.

About Informatica Security Corporation

Informatica Security and Privacy is a leading information risk management consulting
firm focused on providing unmatched expertise to enable client organizations to
control and mitigate information security risks, meet compliance challenges,
alleviate the effects of wrongsourcing and adopt proven standards and best practices
for exceptional governance. The firm's FlexSecureT risk assessments and professional
audits, FlexProtectT security management, STORMT (Scalable Techniques for
Operational Risk Management) and WorkLifeT Enterprise Risk Education solutions are
proven best-of-breed solutions that scale to meet the business and compliance
requirements of diverse industries.

For additional information, please contact Informatica at 416-431-9012 or visit
www.SecurityandPrivacy.com and www.InformationSecurityCanada.com.

For Unified Compliance solutions visit:
http://www.informaticasecurity.com/solutions/unified_compliance.html

Informatica Security and Privacy, Informatica Education, Informatica Research, the
Informatica logo, FlexSecureT, FlexProtectT and WorkLifeT, VirtualCSOT and
VirtualCPOT are trademarks or service marks of Informatica Corporation. All
Informatica white papers, proprietary research, Web site content, presentations,
communications, policies and Informatica-branded documentation are Copyright ©
Informatica Corporation and permission must be specifically granted for use by any
party. All other brands or product names are trademarks of their respective
companies, organizations or standards bodies.

For media enquiries and solution requests contact:

Claudiu Popa, CISSP, PMP, CISA
President & CSO, Informatica Corporation
416-431-9012 Info@InformaticaSecurity.com

CO: Informatica Corporation Information Security/Risk Management
ST: Ontario
IN: HTS


Contact:

Claudiu Popa
President & CSO,
Informatica Corporation
Toronto, Ontario,
Canada
416-431-9012
Info@InformaticaSecurity.com
http://www.informaticasecurity.com





Web Site: http://www.informaticasecurity.com

Contact Details: Claudiu Popa
President & CSO,
Informatica Corporation
Toronto, Ontario,
Canada
416-431-9012
Info@InformaticaSecurity.com
http://www.informaticasecurity.com