PHEONIX, AZ – May 7, 2008 – Technology solution providers have joined together for the first time to focus on the next generation architecture for Governance, Risk and Compliance (GRC) Technology – and to agree on a common language to describe architectural components. At an open meeting of the OCEG Technology Council in San Francisco last week, representatives from more than 30 companies and key organizations including Microsoft, SAP, ISACA and Deloitte Consulting met to advance the development of an integrated GRC Blueprintâ„¢ that will define the categories and hierarchy of technologies that support GRC.

“I am thrilled that OCEG is undertaking this difficult but critical work,” says Paul Liebman, Assistant General Counsel and Director of Compliance at Temple Inland. “I have vendors calling me all of the time to pitch GRC solutions and without a standard taxonomy to describe what I’m looking at, it has been difficult to compare and contrast solutions. This blueprint will help us to figure out what we need, what we can do without, and how to optimize the use of what we already have.”

“I’ve been covering the GRC technology marketplace as an analyst for over 5 years,” said Michael Rasmussen, former head of Forrester’s GRC research unit and the current President of Corporate Integrity and special advisor to the OCEG Technology Council. “The progress made by this group in one day leap-frogged prior efforts and discussions to agree on common terms.”

The GRC Blueprintâ„¢ is a comprehensive enterprise software information and services architecture that is a core program of the OCEG Technology Council. The Blueprint helps GRC executives and managers understand the core functionality and applications that comprise a GRC technology backbone. It also assists solution providers by improving their GRC product descriptions and designs for the market.

The OCEG Technology Council is also defining the GRC-XML specifications which will allow GRC technology components to exchange information and integrate with existing business applications.

“Many of our members have expressed confusion when researching solutions to enable their governance, risk management, compliance and internal control programs,” said Scott Mitchell, CEO and Chairman of OCEG. “OCEG is delighted with the level of engagement and the resulting insight on the GRC technology market driven by today’s participants. We look forward to continuing this level of interaction with our members in mapping the GRC Technology realm and identifying critical components for the user community. We welcome all interested representatives from the software, services, information content, and end-user communities to participate in our Technology Council and join us as we expand the market’s understanding of the value of technology in the GRC process.”

About the OCEG Technology Council and how to participate

OCEG’s Technology Council was formed to address the strategic, operational and technical issues that professionals face when applying information technology (IT) to governance, risk, compliance (GRC) and ethics management and when applying GRC to IT Participation in the OCEG Technology Council program is available to all OCEG enterprise members from both the end-user and the GRC solution provider communities. For more information on how to get involved in the GRC Technology Blueprint and XML projects and other work of the Technology Council, contact Lane Leskela, OCEG’s Vice President of Technology Programs.

About OCEG

OCEG is the only nonprofit organization that offers comprehensive guidance, standards, benchmarks and tools for integrating governance, risk and compliance (GRC) processes. With over 13,000 members in more than 40 countries, OCEG’s unique structure allows members in our online community to share information about aligning overall company performance with GRC objectives. For more information on how to join OCEG visit www.oceg.org or contact Avi Fichman, OCEG’s EVP of Development and Operations.

OCEG Technology Council Members

ACL Services Ltd.

Aon Inc.

Approva Corporation

Archer Daniels Midland (NYSE: ADM)

Axentis, Inc.

Baker Hughes Inc.

BPS, Inc.

Brabeion Software Corporation

BWise B.V.

CA (NASDAQ: CA)

Compliance Spectrum

Corporate Integrity LLC

Dell Inc. (NASDAQ: DELL)

Deloitte

Ernst & Young LLP

EthicsPoint, Inc.

Gevity HR, Inc. (NASDAQ: GVHR)

Global Compliance Services, Inc.

Grant Thornton LLP

LRN

MENTISoftware

MetricStream Inc.

Microsoft Corporation (NASDAQ: MSFT)

Mitratech Holdings, Inc.

Open Applications Group

OpenPages, Inc.

Oracle Corporation (NASDAQ: ORCL)

Paisley

PETCO Animal Supplies, Inc.

PriceWaterhouseCoopers LLP

Ramco Systems

SAP AG (NASDAQ: SAP)

Sun Microsystems, Inc. (NASDAQ: JAVA)

Unified Compliance

OCEG Leadership Council

Aon Inc.

Approva Corporation

Archer Daniels Midland (NYSE: ADM)

Axentis, Inc.

Baker Hughes Inc.

Brightline Compliance, LLC

CA (NASDAQ: CA)

Cisco Systems Inc. (NASDAQ: CSCO)

Compliance Initiatives LLC

Corporate Integrity LLC

Dell Inc. (NASDAQ: DELL)

Deloitte

Dow Chemical Company (NYSE: DOW)

Ernst & Young LLP

EthicsPoint, Inc.

Freddie Mac

Gevity HR, Inc. (NASDAQ: GVHR)

Global Compliance Services, Inc.

Grant Thornton LLP

Interactive Alchemy

Kraft Foods Inc. (NYSE: KFT)

Levick Strategic Communications

Littler Mendelson P.C.

LRN

Marsh & McLennan Companies (NYSE: MMC)

MetricStream Inc.

Microsoft Corporation (NASDAQ: MSFT)

OpenPages, Inc.

Oracle Corporation (NASDAQ: ORCL)

Paisley

PETCO Animal Supplies, Inc.

PriceWaterhouseCoopers LLP

Qwest Communications International Inc. (NYSE: Q)

SAP AG (NASDAQ: SAP)

Staples, Inc. (NASDAQ: SPLS)

Sun Microsystems, Inc. (NASDAQ: JAVA)

Temple-Inland Inc. (NYSE: TIN)

Toyota Motor Corporation (NYSE: TM)

UHY Advisors, Inc.

Unilever N.V. (NYSE: UL)

Ventura Foods, LLC

Wal-Mart Stores, Inc. (NYSE: WMT)

Xplane Corporation