Brabeion Software Announces Availability of IT Governance, Risk & Compliance Management Solution for Microsoft System Center Configuration Manager 2007

Microsoft System Center Configuration Manager 2007 Delivers Brabeion "Out of the Box" to Pinpoint Compliance Posture with Major Regulations and IT Control Frameworks

Reston, VA — November 12, 2007 — Brabeion Software, a leader in IT Governance, Risk and Compliance (IT GRC) Management, today announced the availability of its ITGRC solution for Microsoft System Center Configuration Manager 2007. Microsoft System Center Configuration Manager 2007 delivers Brabeion compliance relevant content "out of the box" to give Microsoft customers the ability to pinpoint both where and how they are in or out of compliance with major regulations and IT control frameworks. Brabeion's rich knowledgebase of audit-ready risk and compliance content includes recommended baseline technical controls for the most popular Microsoft enterprise products, mapped to key IT control frameworks (COBIT and ISO 17799) and regulations (EUPDP, FISMA, HIPPA, GLBA and SOX), and integrated within Microsoft System Center Configuration Manager 2007 to provide continuous controls monitoring. Today's announcement is the result of an agreement between the two companies in which Microsoft Corp. is licensing Brabeion's content - and the first deliverable in a strategic relationship in which Brabeion is working closely with Microsoft as an early adopter program participant to create solutions that enhance the regulatory capabilities of future Microsoft System Center offerings.

"Governance, compliance and security risk programs can all be compromised by insufficient controls, exposing companies to audit failures as well as to damage and loss of critical assets. Industry analysts and experts agree that the key to an effective IT GRC management program is adopting a disciplined system for defining, measuring and monitoring IT controls. Brabeion is helping enterprises achieve dramatic returns on their risk and compliance programs, and together with Microsoft we are extending the same efficiencies to Microsoft customers by overcoming the complexities in aligning controls to compliance objectives and ensuring audit readiness," said Julian Waitts, president and chief executive officer for Brabeion. "This announcement is another example of our commitment to become the authoritative leader in IT governance, risk and compliance."

Available starting today, Microsoft customers will receive Brabeion best practice configuration content integrated and viewed within Microsoft System Center Configuration Manager 2007 reporting dashboard to get reports on actual baseline results and to know where and how configurations are mapped to primary regulations. This joint solution improves configuration definition and maintenance; helps ensure systems comply with a defined desired state; and enhances availability, security and performance while streamlining systems compliance efforts. Brabeion content supports Windows XP, Windows 2000 and Windows Vista client operating systems; Windows Server operating systems; SQL Server; Internet Information Services (IIS); and Exchange Server. When used with Barbeion's complete IT Risk and Compliance Management Platform, this solution enables customers to achieve closed loop policy, procedure and controls lifecycle management and to eliminate critical exposures with role-based dashboards, automated risk and compliance assessments, risk scores on assets and comprehensive reporting.

"The desired configuration management capability and knowledge of Microsoft operating systems and applications that we are delivering with System Center Configuration Manager 2007 provide a powerful platform with which customers can better manage configurations across their IT systems," said Eric Berg, director of product management for System Center at Microsoft. "We are excited to be working with Brabeion to both deliver core IT control framework knowledge out of the box with Configuration Manager and enable its IT GRC solution to help our joint customers more effectively monitor compliance to key industry regulations."

About Brabeion Software

Brabeion helps organizations achieve and sustain compliance and optimally manage risks through full policy, procedure and controls lifecycle management powered by comprehensive information risk and audit content developed and maintained by our team of domain experts, in collaboration with strategic partners including PricewaterhouseCoopers LLP, IT Governance Institute, Microsoft Corp, Oracle Corp and others. Brabeion's IT Risk and Compliance Management platform dramatically reduces risk and improves compliance while lowering assessment costs by leveraging the reuse of tests across all audit requirements through integration with assessment technology and manual surveys. Brabeion is a member of the Information Security Forum (ISF). Brabeion solutions are successfully deployed across a wide range of vertical markets including Financial Services, Retail, Energy, Healthcare, and Government. Customers include Chevron, CIT Group, DirecTV and Guardian Life Insurance. For more information, visit  www.brabeion.com.

Press inquiries:
Yo Delmar, Brabeion Software, tel: 866 710 8118; email: yo.delmar@brabeion.com or Leslie Kesselring, Kesselring Communications, LLC tel: 503 358 1012; email leslie@kesselring.net