For immediate release

Active Compliance Integration Now ca smart Certified

IT risk and compliance solution from Active Compliance is now interoperable with CA GRC Manager

ATLANTA, Oct. 28, 2009 — Active Compliance, a leading provider of technology-based solutions for IT risk and compliance, today announced that its Active Compliance Automated Data Acquisition and Management (ADAM) solution has been ca smart certified with CA Governance, Risk and Compliance Manager (CA GRC Manager) from CA, Inc.

ADAM provides automated data collection of information related to the current IT environment components, such as networks, operating systems, routers, firewalls, and applications. This information is based on a set of configurable rules, and is used to help detect if the controls are working properly, and that the IT environment conforms to corporate policy and specific regulatory guidelines.

CA GRC Manager is a unified platform for the management of risk and compliance activities across the enterprise. It helps organizations simplify and automate compliance programs with robust policy management, IT risk management, and control management capabilities. CA GRC Manager uses ADAM’s operational test results to help identify failing controls that impact regulatory and policy compliance. It provides compliance managers and executives (through role-based dashboards) with the information they need to identify areas of risk and non-compliance, so that remediation projects can be initiated quickly. The unified view of IT risk and compliance provided by CA GRC Manager enables managers and executives to have more accurate and timely information relating to IT risk and compliance, resulting in improved business decisions.

Active Compliance ADAM integration has received ca smart certification, which is awarded to products that have been proven to integrate seamlessly with CA’s industry-leading technologies, providing customers with substantial and immediate business benefits.

“The rapidly changing regulatory environment has made what is mostly a manual risk and compliance management testing process extremely costly,” said Tom McHale, VP of product management for CA GRC Manager. “By automating the data collection process and providing the ability to manage compliance centrally, the integrated CA and Active Compliance solution helps control costs and increase the efficiency of managing controls, control testing, issue remediation and compliance reporting.”

“CA GRC Manager is a robust solution for centrally managing and storing corporate policies, improving compliance with those policies and managing the risks associated with non-compliance,” said Dennis Ehle, CEO of Active Compliance. “We are pleased to be able to offer our technology to help CA customers aggressively manage the costs of IT controls monitoring and testing, further extending the value of their CA GRC Manager investment.”

For more information about this integrated CA and Active Compliance solution, visit www.ActiveCompliance.com/ca.

About Active Compliance

Active Compliance provides IT risk and compliance management applications for large IT organizations in highly regulated industries. Our flexible solutions provide the processes and technology to reduce the cost, time and complexity of complying with a wide array of regulatory mandates. By translating today’s multiple regulatory requirements into measurable and testable policies and controls that are specifically relevant to IT, Active Compliance enables IT organizations to increase their compliance rates while reducing the costs and resources needed for compliance measurement, testing, reporting and remediation. To learn more about Active Compliance, visit www.ActiveCompliance.com.

For immediate release

Active Compliance ADAM v4.0 Released

ATLANTA, June 15, 2009 — Active Compliance, a leading provider of technology-based solutions for IT risk and compliance, is pleased to announce the release of version 4.0 of Active Compliance Automated Data Acquisition and Management (ADAM).

ADAM provides automated data collection of information related to the current IT environment components, such as networks, operating systems, routers, firewalls, and applications. This information is based on a set of configurable rules, and is used to help detect if the controls are working properly, and that the IT environment conforms to corporate policy and specific regulatory guidelines.

The 4.0 release of ADAM streamlines the ability for security engineers and developers to customize automated compliance tests and data collection routines through a simple to use drag-and-drop interface. The centralized Data Library coupled with the agent-less Data Collection Module makes deployment of tests and routines quick and cost effective. Automation routines can be scheduled in advance or run continuously at near real time. An open API allows for connectivity to third party applications such as GRC systems or reporting / dash-boarding toolsets.

“Our specialty at Active Compliance is streamlining automation and connectivity,” said Dennis Ehle, CEO of Active Compliance. “With our latest release of ADAM we really took a look at what we could do to make the user experience better. Utilizing some of the latest ajax and web controls we improved the user interface and made it easier to build and deploy automated testing procedures. We are really excited about this new release.”

For more information about Active Compliance solutions, visit www.ActiveCompliance.com

About Active Compliance

Active Compliance provides IT risk and compliance management applications for large IT organizations in highly regulated industries. Our flexible solutions provide the processes and technology to reduce the cost, time and complexity of complying with a wide array of regulatory mandates. By translating today’s multiple regulatory requirements into measurable and testable policies and controls that are specifically relevant to IT, Active Compliance enables IT organizations to increase their compliance rates while reducing the costs and resources needed for compliance measurement, testing, reporting and remediation. To learn more about Active Compliance, visit www.ActiveCompliance.com.