Accenture, Symantec Join Forces to Assist Customers Worldwide With IT Risk Management

NEW YORK; Oct. 10, 2006 – Accenture and Symantec Corp. today announced the establishment of Accenture and Symantec Security Transformation Services, an organization that will build and implement data security solutions for companies grappling with the increasing complexity of managing risk in their IT environment.

Security Transformation Services is a global organization comprised of consultants from Symantec and Accenture dedicated to mitigating security risks in three key areas: compliance, security monitoring and management, and application security.

“We built Security Transformation Services to combine each company’s strengths,” said Greg Hughes, executive vice president, Global Services, Symantec. “We’ll be able to provide customers with a unique mix of talent, knowledge, custom solutions and services to improve their security risk and save them time and money in the process.”

Each company will bring its core capabilities to the new organization. Accenture has broad experience designing and implementing business processes and security solutions for companies around the world. Symantec brings a comprehensive understanding of security technologies, seasoned security advisory services, and a global intelligence network.

“The joint organization brings together the proven capabilities of Accenture and Symantec to provide new solutions that can transform the way our clients manage security and risk in their enterprise,” said Alastair MacWillson, global managing director, Security Services, Accenture. “While today’s announcement is a key part of Accenture’s broader security business strategy, the solutions provided by the joint organization are a critical aspect of that strategy, and will help our clients improve security while at the same time significantly reducing complexity and cost.”

“Enterprises today face a tremendous number of risks that jeopardize their IT environment, compliance, and overall business,” said Chris Christiansen, program vice president, Security Products and Services Group, IDC. “This joint Accenture-Symantec organization addresses these critical areas and includes the knowledge, people, processes, and technology to help customers strengthen their overall risk posture.”

The three key risk areas that this organization plans to address are detailed below.

Compliance Transformation
Accenture and Symantec Compliance Transformation will provide compliance transformation services intended to help clients fulfill internal compliance policies and compliance requirements stemming from regulations such as Sarbanes-Oxley (SOX) and the Health Insurance Portability and Accountability Act (HIPAA). Today many companies collect the data needed to fulfill those requirements manually – a costly, labor-intensive process. The compliance transformation offering will combine the two companies’ understanding of business processes to create an automated system that is sustainable and scalable. A 2006 Global Information Security Survey published by InformationWeek and Accenture showed that compliance regulations drive security policies and practices. Improvements to infrastructure were noted to be brought about by SOX, the EU Protection Directive, and the Bank Secrecy Act.

Security Monitoring and Management
Accenture and Symantec Security Monitoring and Management will offer clients a comprehensive, proven, and repeatable monitored and managed security solution that combines Symantec’s technology, prior experience, and tools, anchored by Accenture’s transformation and program management capabilities.

Comprehensive management and monitoring is critical due to the complexity of today’s IT environment. A typical environment contains numerous, frequently inconsistent, sources of security information that need to be synthesized to develop an overall risk posture. With the security monitoring and management service, the joint organization will help customers conduct baseline operational security assessments and then design and build a security monitoring and management program with the appropriate security controls, staffing, program management, and operational management. Demand for this type of service is increasing due to a number of factors, including the wave of rigorous compliance mandates, ongoing threats to business continuity from disasters and other incidents, and concerns around protecting brand reputation.

Secure Application Development
Accenture and Symantec Application Security Services will help developers build secure applications. Market pressures, increasing complexity, and a lack of generally accepted practices are resulting in applications going to market with inadequate security. Accenture and Symantec Application Security Services plans to provide a complete suite of services that drive the ability to reuse secure code, provide scalability, and enable the development of secure and complete business applications.

The secure application development services are intended to provide a complete software development lifecycle service to help organizations meet regulatory requirements for protecting data and corporate reputation as well as to reduce potential business disruptions caused by exploitation of applications. As the industry witnesses a rise in software-related vulnerabilities, securing business applications has become a priority component in a company’s IT risk management program. In fact, a June 2006 survey conducted by Symantec found that 93 percent of software developers named security as a higher priority than it was just three years ago.

Services from the joint organization will initially be available in North America and Europe. Its services will be made available globally during the coming months.

About Accenture
Accenture is a global management consulting, technology services and outsourcing company. Committed to delivering innovation, Accenture collaborates with its clients to help them become high-performance businesses and governments. With deep industry and business process expertise, broad global resources and a proven track record, Accenture can mobilize the right people, skills, and technologies to help clients improve their performance. With approximately 140,000 people in 48 countries, the company generated net revenues of US$16.65 billion for the fiscal year ended Aug. 31, 2006. Its home page is

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in 40 countries. More information is available at


Ed Trapasso

+1 (917) 452 3555