Today, enterprises are facing a growing number of compliance regulations that require controls to be in place to mitigate risk across many processes within an organization. Areas that are gaining significant interest today are email and records management. Email is recognized as the de facto mission-critical application driving financial institutions today, where any loss or mismanagement is a potential serious issue.

With government regulations, audit requirements, and potential legal disputes, enterprises need their email systems to be properly archived and searchable so as not to hinder business continuity. Email messages need to be accessible 24/7.

To address these challenges, Microsoft and CA have aligned resources and core technologies to develop a strategy that goes beyond today’s backup and recovery systems to a more robust risk mitigation and compliance solution for today’s enterprise email platforms. According to Greg Haislip, managing director for the banking industry in Microsoft’s Financial Services Group, “Risk management and compliance is a focus area for Microsoft. CA’s solutions demonstrate its ability to integrate on our platforms and address compliance to meet the critical needs of the financial services industry.”

We asked Margaret Brooks, CA’s vice president of Strategic Solutions, to walk us through this collaboration and explain what it means for financial firms.

Margaret, what is the big picture here? What are the biggest challenges financial firms face in coming up with an effective risk management program?

A successful risk management program requires coordination throughout the entire organization. New accountability and transparency goals have spurred corporate management to define corporate policy on risk tolerance, execute risk business practices throughout the enterprise, and improve inefficiencies. But that is not enough. Institutions need to holistically manage risk, which requires them to identify risks, prioritize them, and ensure that there are mitigating controls in place to address potential risk areas. Financial institutions must address compliance risks and controls, but also need to focus increased attention on what is needed to run their business effectively, which requires addressing the following:

• Understanding business risk and mitigating controls;
• Optimizing controls across regulations;
• Automating controls to improve operational efficiency;
• Ensuring continuous monitoring and reporting; and
• Enabling visibility to manage your business.

Fill us in on the strategy. How does CA work with Exchange 2007 to address these risk mitigation needs?

In today’s electronic world, email and electronic records exceed the volume of the paper world (which also needs to be managed properly). Email today is more than just a communication vehicle; it is considered a business record that needs protection and continuity just like the paper records. With new regulations and consumer awareness, electronic records are now in the forefront of protection and need to be managed in consistent, specific ways. There are many regulations as well as business policies and procedures that require controls for email and records so that they are available and readily searchable to respond to audit requests and litigation. CA has solutions to address the risk and controls management as well as the automation of controls for mitigating risk and regulatory action related to email and records management. Working with Microsoft, CA can deliver solutions to address information management, recovery management, and resource management.

What are the specific solutions provided by Microsoft and CA?

The CA Clarity™ Risk and Controls Manager solution provides visibility to enterprise risk and controls to enable more efficient and effective management of risk and compliance. Many CA solutions enable automation of controls. Specifically for email and records management, CA and Microsoft have aligned to deliver solutions that address the controls needed to mitigate these risks. Microsoft platforms such as Windows Storage Server add functionality and robustness to industry-leading Exchange Server while core Microsoft technologies such as Volume Shadow Copy Services, Active Directory, Cluster Services, and One Button Disaster Recovery facilitate delivery of advanced risk mitigation and compliance management. They are optimized for Windows interoperability to help meet broad risk mitigation and compliance goals without expanding the institution’s vendor roster.

MDY FileSurf® delivers enterprise-wide compliance and discovery through advanced records management technology. CA Message Manager is a powerful message archive, discovery, and compliance solution. CA XOsoft™ WANSync™ Suite allows for continuous availability of critical business applications and data. Exchange Server 2007 gives employees anywhere access to communication regardless of the type of device they are using. BrightStor® ARCserve® Backup delivers industry-leading insurance for data. BrightStor® Storage Resource Manager enhances storage effi ciency through centralized monitoring, management, and analysis of storage resources, capacity, allocation, and usage. Windows Storage Server 2003 R2 delivers simple, dependable backup and replication of stored data everywhere from the branch office to the data center.

Finally, in just a few words, sum up the win for financial firms.

Financial services organizations win when they take control of their business by managing risk, improving efficiency, reducing cost, dealing with regulations proactively, and managing critical resources such as email and records properly to ensure compliance as well as continued business operations.