A recurring need today for customers is how EPM can address compliance standards such as Sarbanes-Oxley (SOX). EPM 2007 has strong features that can assist companies meeting such standards. Please note that compliance is typically company specific and one should work with consultant that specialize in such area to figure out what can be used out of the box versus what needs to be customized to meet the requirements.
First I highly recommend reading the following paper published recently: Compliance Features in the 2007 Microsoft Office System
This white paper describes compliance-related features and extensibility opportunities within the 2007 Microsoft Office system that can assist you to meet the demands of regulatory compliance.
Beside all the Office and SharePoint features mentioned in the white paper above that can assist you achieving your compliance requirements, EPM’s can help with the following:
· Budget tracking, helps establish a project budget and it can be controlled using EPM security settings, and it won’t be impacted as actual progress is reported using timesheets.
· Reporting can generate financial reports that will address the financial compliance requirements.
· If the customer uses the Timesheet functionalities, there is an option to audit all changes (Server Settings -> Time and Task Management -> Settings and Defaults -> Auditing)
· Using a combination of the Event Model, the Project Server Interface (PSI), and Windows Workflow Foundation a customer could further customize their EPM deployment to address their specific compliance needs. This feature will require programming skills.