Press Release

Brabeion Software's Chief Compliance Strategist to Present at ISACA's 2008 North American CACS Conference

RESTON, VA — April 29, 2008 — Brabeion Software, the leading software provider in IT Governance, Risk and Compliance (IT GRC), today announced that Steve Schlarman, CISM, CISSP and Brabeion's Chief Compliance Strategist, has been selected to speak at the 2008 North America CACS Conference. Schlarman will present "Controls-Based Risk Management: From Auditable Policy to Understanding Risk" on Tuesday, April 29th at 8:30 a.m. (Session #217) in Las Vegas, Nevada at the Rio Suites Resort. This session will outline a unique approach for risk calculation utilizing a component-based method leveraging three unique pieces of information that are missing in many of today's traditional equations – Requirement, Standard and Control. The result is a unique understanding of risks from a compliance and controls perspective, enabling fuller visibility into business impacts and decision-making.

"IT risks come in many shapes and forms. Linking business requirements to internal standards, and ultimately to actionable controls, is one of the proven ways to build an effective IT risk management program. Measuring the risks within the organization then focuses on ensuring prudent controls coverage and proper controls implementations. IT GRC programs that can add quantitative risk measurement along with the traditional qualitative models can go beyond simple compliance testing to provide important data points to help management make difficult business risk decisions," add Schlarman.

Presented by ISACA®, North America CACSSM is well known as the leading conference for IT audit, control, security and governance professionals. Each year it is developed by industry leaders to address the issues and problems faced by today's professional and provides practical solutions. To learn more about the conference go to: www.isaca.org.

About Brabeion Software

Brabeion, the leading software provider in IT Governance, Risk and Compliance (IT GRC), helps organizations demonstrate governance, dramatically reduce risk and improve compliance while lowering costs. Brabeion's Polaris Suite is the first IT GRC solution to trace the full lifecycle of risk and compliance impacts from business and legislative requirements through to policy, implementation procedures and controls with automated audits and assessments. It is powered by comprehensive information risk and audit content developed and maintained by our team of domain experts, through strategic alliances with organizations including PricewaterhouseCoopers LLP, IT Governance Institute and others. Brabeion Polaris puts you in control of your governance, risk and compliance profile at every level and stage of your business process

Brabeion is a member of the Open Compliance and Ethics Group Technology Council, Information Security Forum (ISF), PCI Vendors' Alliance and Oracle's GRC Vendor Alliance. For more information, visit www.brabeion.com.

Press inquiries:
Melanie Elliott, Brabeion Software, tel: +01 703 752 9300; email: melanie.elliott@brabeion.com or Leslie Kesselring, Kesselring Communications, LLC tel: +01 503 358 1012; email leslie@kesselring.net