New Resources Address Risks of Ineffective IT Change Management

Tripwire offers workshop, Webinar, guides, and checklists

PORTLAND, Ore., November 20, 2006 -- Risk, like beauty, is in the eye of the beholder. Yet, as organizations make thousands of IT changes, many are coming to the same conclusion: they need to manage the inherent risks associated with poorly managed IT changes that can impact performance, undermine security and create higher compliance costs. Consequently, management is increasingly looking to put controls in place to detect and correct unauthorized or unintended change in the production environment and develop an efficient, automated audit process to ensure the controls are working as defined and are being enforced. To facilitate auditors and IT working hand in hand to mitigate operational risk caused through IT changes, Tripwire, Inc.® today announced several new resources:

  • IT Change Control Audit Program Guide and Checklist: Developed in collaboration with experienced IT and audit practitioners, this guide offers a comprehensive and practical checklist of how and what to look for when auditing for independent change detection and verification. It provides useful insights for each change control objective and associated risks.

  • Beyond Checklists: A Change Controls Auditing Workshop: This workshop provides attendees with a working knowledge of effective and ineffective change management processes, the means to determine by interviews which classification an IT organization falls into and provides the tools to proactively address any unearthed issues.

  • Building a Business Case for IT Controls Web Seminar: This seminar provides IT and audit with the tools to make a strong business case for IT controls -- not just because they are required to comply with various regulations that impact IT, but because they have also shown return on investment for all IT projects. This web seminar specifically explains which IT controls are necessary to become a high performing IT and security organization.

"IT controls are responsible for an estimated 27 percent of Sarbanes-Oxley material weaknesses -- more than revenue and tax. Lack of change control is one of the top three most-frequent offenders,” said Gene Kim, Tripwire CTO. "As a result, a wide variety of IT and audit professionals are looking for guidance on how to effectively implement change control to help deliver continuous compliance while simultaneously addressing operational risk. In response, Tripwire has developed this series of detailed resources all designed to specifically guide effective change management.”

About Tripwire, Inc.

Tripwire is a leading provider of change auditing software and services. Tripwire solutions enable enterprises to prove that their IT change management controls are effective and their infrastructure is safe. Tripwire software provides proof of regulatory compliance, instills accountability for change, ensures the security of business-critical systems, and increases the overall availability of IT services. For more information visit: