This document discusses the evolving landscape of enterprise compliance solutions. It notes that compliance has become a top priority for companies due to the large number of regulations they must address. While many vendors offer point solutions that focus on specific compliance areas, the document argues that companies need integrated platforms that can manage compliance across the entire enterprise in a consistent manner. It outlines key components that should be included in comprehensive compliance solutions and governance, risk, and compliance programs. Finally, it presents models for how compliance solutions can take a holistic "top-down/bottom-up" approach to better meet enterprises' evolving needs.
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
TripleTree Compliance
1. NEXT GENERATION
COMPLIANCE
BUILDING A PLATFORM APPROACH TO ENTERPRISE
COMPLIANCE AND RISK MANAGEMENT
A TripleTree Industry Analysis
SPOTLIGHT REPORT
WWW.TRIPLE-TREE.COM 952.253.5300
2. TABLE OF CONTENTS
INTRODUCTION 2
THE COMPLIANCE LANDSCAPE –
DEFINING A SECTOR AMID RAPID GROWTH 4
ASSESSING AND MANAGING ENTERPRISE RISK 5
MATURING PLATFORMS 9
CONCLUSION 11
THE TRIPLETREE TEAM 12
TripleTree, LLC
7601 France Avenue South
Suite 150
Minneapolis, MN 55435
t 952.253.5300
f 952.253.5301
www.triple-tree.com
MINNEAPOLIS 952.253.5300 WWW.TRIPLE-TREE.COM Q1 2008 COMPLIANCE PAGE 1
3. INTRODUCTION
Compliance is undoubtedly one of hottest, but perhaps one of the most
misunderstood sectors within enterprise software. The complexity of corporate
governance and a stricter regulatory environment are driving the market for
solutions that help enterprises manage risk, satisfy compliance mandates, and
meet government initiatives.
Though the scope of the term compliance varies from vendor to vendor, TripleTree
views compliance as the broader set of business practices and technologies that
seek to find solutions in the areas of enterprise risk management, corporate
governance, IT governance, and compliance controls management. The vendor
landscape is rapidly expanding as both emerging vendors and global technology
leaders roll out solutions and product road maps for an expanding market.
These solutions are engineered to address a flood of regulatory requirements in
establishing good governance practices and industry standards which are now at
the forefront in the highest levels within most organizations.
This Executive Digest is the first in a series from TripleTree addressing the
evolution of governance, risk and compliance market. At a high level, it assesses
why compliance and risk management needs are top-of-mind for enterprises and
where vendors are creating automated solutions to serve these evolving set of
needs. It will conclude with a viewpoint of how an enterprise-wide compliance
platform and ecosystem will evolve in what is currently a highly fragmented
market.
Looking ahead to future Executive Digest reports, TripleTree’s compliance
research agenda will cover:
• An expanded view on compliance, risk management, and governance
platforms with perspectives on platform approaches to managing compliance
initiatives;
• A review of the various delivery models and deployment scenarios for
compliance solutions ranging from licensed software to SaaS, and hybrid
models to outsourcing; and
• A viewpoint for emerging company CEOs on compliance solutions that will
assess how this sector may mature including areas for cooperation, likely
vendor consolidation and ideas for value maximization.
PAGE 2 Q1 2008 COMPLIANCE WWW.TRIPLE-TREE.COM MINNEAPOLIS 952.253.5300
4. COMPLIANCE MANAGEMENT
Compliance Management is Top-of-Mind for C-Level Executives
Enterprises of all sizes are scrambling to establish compliance solutions to address
the tens of thousands of federal, state, local, and international regulations
ranging from well known mandates such as Sarbanes-Oxley (SOX), Patriot Act,
HIPAA, and NERC in the U.S., to J/SOX in Japan and Basel II in Europe, plus a
number of lesser known compliance arenas like FISMA, PCI and alpha-numeric
combinations like ISO 15489 and SEC 17a-4.
There are simply too many regulations affecting every aspect of an organization’s
business processes and systems to manage them effectively ad-hoc. With billions
of dollars of potentially business-wrecking fines, it is becoming increasingly
clear that compliance initiatives must be addressed through automation and a
comprehensive, repeatable process rather than as a one-off project. A range of
functionality can be included in a comprehensive compliance solution. Based on
TripleTree’s ranking of compliance vendors, a basic list of tech-enabled functions
must minimally include:
• Business Process Modeling
• Controls Automation (both IT & Business/Financial)
• Dashboards
• Document Management
• Financial Reporting Integration
• Policy Management
• Risk Management
• Audit Support
Given the cross functional application and infrastructure technologies that are
impacted by compliance mandates, today’s compliance solutions must link or
collaborate with enterprise content management, business intelligence, business
performance management, and various reporting and analytical applications.
MINNEAPOLIS 952.253.5300 WWW.TRIPLE-TREE.COM Q1 2008 COMPLIANCE PAGE 3
5. THE COMPLIANCE LANDSCAPE
Defining a Sector Amid Rapid Growth
An entire sector of software vendors have emerged to offer solutions engineered
to automate compliance processes and features as previously listed. TripleTree
tracks over 300 such vendors and has only scratched the surface. A few vendors
have designed a platform approach to broad-based compliance issues within the
enterprise, but the majority are best classified as point solution vendors addressing
only particular compliance control areas. Many others have largely stumbled
into the compliance category from adjacent markets such as security, business
intelligence, or content management.
The rise of the point solution vendors began in the late 1990s as enterprises
began to realize that manually addressing regulations through audits and ad-hoc
home-grown tracking applications was simply not cost effective. Largely, many of
these firms have specialized in one or a few regulatory mandates such as Sarbanes-
Oxley and have worked to broaden their solution into other regulatory and
control areas. In addition to these specialists, ‘compliance’ has become a magic
descriptor finding its way into almost every enterprise software vendor’s solution
vernacular and product road map, making it very difficult for enterprises to sort
out an ever growing landscape of providers.
Though no clear consensus exists on the current size of the compliance market,
some analysts peg the sector as a greater than $50 billion opportunity and others see
it as much smaller. The wide range in sizing is indicative of how varied the market
definitions of the space are. Based on scores of TripleTree vendor briefings and end-
user feedback, what is clear is that the definitions of compliance are shifting to
meet economic and legislative demands. As such, the more innovative providers
of compliance solutions are being forced to pivot and hone their market awareness,
strategy, messaging and product development.
• Definitions: Common definitions for compliance areas are absent in our
risk-aware business culture. Compliance is a broad reaching concept that
touches a number of business processes and functional domains within an
organization. Vendor solutions need simplification for interest and adoption
to grow.
• Fragmentation: Many organizations are using numerous compliance solutions
particular to the needs of the CFO, general counsel, chief compliance officer,
CIO, and marketing. With these distinct buyers come misconceptions about
how compliance policies should be mandated and managed.
• Incomplete Solutions: A majority of software vendors claim to have a
complete compliance solution but only address a narrow set of requirements
around specific control points or a handful of regulations.
• Emerging Vendor Leadership: Enterprise platform players and a select group of
innovative ISVs are driving solution definition in the compliance sector. During
the next few quarters, awareness, acceptance and a resulting consolidation in the
sector will occur as global firms fill gaps in their solutions.
PAGE 4 Q1 2008 COMPLIANCE WWW.TRIPLE-TREE.COM MINNEAPOLIS 952.253.5300
6. ASSESSING AND MANAGING ENTERPRISE RISK
Approaching compliance management with consistency across an organization is
challenging. In most organizations, compliance control is not a holistic process
and most issues are addressed at the business unit or product level. The following
is a simplified view of a typical enterprise:
• Human capital management teams must adhere to labor laws
• Finance departments manage various regulations and disclosures as
well as provide means for transparency and independent verification
• Manufacturing teams address product safety and quality requirements
• Legal dictates internal policies while collaborating with external
counsel on litigation issues, discovery, and IP protection
• IT departments focus on security and data privacy
• Marketing departments are managing key customer and billing
information with sales teams, channel partners and customer service.
As a by-product of this fragmentation, information and process silos have
emerged across these departments and the resulting compliance investments will
remain ad-hoc for the foreseeable future. However, compliance solutions that
remain narrowly focused around discreet issues will struggle to become a relevant
compliance platform.
Regulatory Compliance
Regulatory compliance remains a critically important function and a component
of most broad risk management and governance platforms. To properly understand
and manage risk, meet regulatory and corporate requirements, and execute on
governance initiatives, enterprises need a robust and comprehensive application
suite and these suites are beginning to materialize as Governance, Risk and
Compliance (GRC) solutions.
For many compliance vendors, GRC and their component terms (governance,
risk and compliance) are often used interchangeably. However, TripleTree
believes clear distinctions should and must be drawn between the scope and
functionality for solutions that address compliance risk management and
governance automation.
GRC
Compliance management is the label used to describe a holistic compliance
framework which can span an enterprise through transparent and efficient processes.
We narrowly classify GRC as a subsegment of technology solutions within the
broader compliance management framework. Though this naming convention
may seem counterintuitive given that ‘C’ in GRC stands for ‘compliance’, this
nomenclature is used by a majority of leading vendors and industry analyst groups.
While several GRC solutions exist, TripleTree defines a complete GRC program as
one which takes a federated approach integrating compliance control points into
broader, collaborative enterprise-wide schemas. End-users can be easily confused
as vendors use GRC as an umbrella term to describe point based solutions that
treat individual compliance and risk initiatives as compartmentalized silos within
an organization, as opposed to taking a more top-down approach.
MINNEAPOLIS 952.253.5300 WWW.TRIPLE-TREE.COM Q1 2008 COMPLIANCE PAGE 5
7. IT Governance
Through our proprietary research, TripleTree has discovered patterns where IT
Governance (ITG) is transcending pre-defined boundaries into a broader IT
governance, risk and compliance management (IT-GRC) definition. Broadly
speaking, traditional ITG is a framework by which organizations leverage internal
.
IT assets to support and manage governance, risk and compliance initiatives
Understanding the across the enterprise. Inherent in these ITG strategies are how the procedures
Components of GRC and responsibilities which govern risk and compliance integrate with work flows.
While GRC vendors cater to the CEO and CFO, IT Governance solutions have
been deployed as controls designed to resolve pain points of the CIO such as
Governance is the framework data management, portfolio management, performance management and disaster
that defines how corporations are recovery. Vendors are finding that the most effective ITG platforms integrate
managed to achieve corporate technologies which extract value from the IT infrastructure by integrating
previously isolated IT control points into a top-down decision making process.
goals.
Early IT Governance solutions were limited to best-of-breed applications that
helped facilitate Project Portfolio Management (PPM) initiatives and decision
Risk Management is the process making processes surrounding IT investments. By providing tools that helped
of identifying and assessing analyze, prioritize, and make decisions, these solutions created a framework and
enterprise risk within a developed process by which organizational IT goals could be measured and initiatives for
framework to address those risks. value creation discovered.
Though risk management is a
discipline practiced throughout Corporate leaders are now taking a top-down approach for compliance control
across the enterprise and are looking to IT as a critical support for GRC and all
enterprise, it has historically been
enterprise compliance initiatives.
implemented on an ad-hoc basis
to address isolated risk silos.
An Enterprise-Wide View on Compliance Management
Though many vendors currently offer tools that address many compliance control
Compliance Management points, a platform has not yet evolved to adequately address all key elements of
defines how corporations conform enterprise compliance management.
to guideline laws set forth by
governmental agencies or industry An enterprise-wide compliance solution must address both the management
needs that span business and IT. Information management, analytics, financial
standards. It also defines internal
controls, internal audits, eLearning, labor laws and traditional IT governance
policies and best practices.
areas like asset management, security, and content management are inclusive
Compliance technologies have of these needs. A holistic enterprise compliance platform must address both
traditionally been control point the “top-down” business-facing processes and systems and the “bottom-up” IT
solutions which help users conform controls of the organization.
to a set of parameters for a specific
risk or regulation (i.e. Sarbanes- Only by creating an enterprise-wide ecosystem that unifies the decision making
Oxley). These technologies process between GRC, ITG, ERP, BI, and CPM systems can an organization fully
typically implement transparency realize the value of its compliance programs.
measures to assure outsiders that
an organization is compliant.
PAGE 6 Q1 2008 COMPLIANCE WWW.TRIPLE-TREE.COM MINNEAPOLIS 952.253.5300
8. Figure 1: TripleTree’s Compliance Market Map Q-Diagram
Business Risk and Compliance E nvironmental Indus try Specific F inancial
Health & S afety R egulations C ontrols Internal Audit
E thics P rograms
F raud As s es s ment/AMC Strategic
Storage C orporate F ilings
Consulting
Marketing C ompliance Framework
Operational R is k
C ontract Management S hared S ervices
• Auditing / R eporting / Dashboards
R is k Analytics
Archival & IP /Knowledge
Records • Analytics Enterprise
Management
Management • P olicy / P roces s Management
IT Risk
Apps
• W orkflow
Human R es ources
• B est P ractices IT Compliance
t • Legislative / Regulatory
Training C ertification C apacity P lanning
- S ox, B as el II, HIP AA, C OB IT
ERP • Document Management P erformance Management Content
eDis covery • Incident Management
Security Management
• C onsulting / Services
IT S tandards / S OA Us er Activity Monitoring
Data Management/ IL M ID Management &
Database S egregation of Duty
Partners
Dis as ter R ecovery/ C ontinuity S ervic e Management
P roject P ortfolio
P roject P ortfolio R es ource C hange & C onfiguration
As s et R es ource
Management Management
Management Management IT Risk and Compliance
Source: TripleTree
TripleTree has outlined a list of 30 representative control points within an
enterprise risk and compliance management platform.
Control points on the top half of the diagram are functions typically
associated with business risk and compliance management. The bottom
half of the diagram shows IT risk and compliance management control
points.
The Shared Services box in the center tie together compliance within the
business units and the IT elements throughout an organization. These
services help to better integrate governance, risk and compliance decision
processes with other business goals.
MINNEAPOLIS 952.253.5300 WWW.TRIPLE-TREE.COM Q1 2008 COMPLIANCE PAGE 7
9. Figure 2: A “Top-Down/Bottom-Up” Approach to Compliance
Business Risk and Compliance
Foundation Common
Based Engine
Analytics
Frameworks Extensible
(SOA)
IT Risk and Compliance
Source: TripleTree
This “top-down/bottom-up” model is considered a goal for many of today’s
compliance providers as organizations ultimately will want a comprehensive
solution from a trusted vendor. Engineered solutions designed to help an
organization understand and manage its broad compliance initiatives efficiently
will include automated control points for both the business units and IT.
Because enterprise compliance suites are early in their evolution, organizations
must work toward adopting a federated framework by integrating several point
based controls into a unified system. Organizations that apply this federated
approach should seek a pre-integrated multi-vendor solution based on a common
data repository. This will help to maintain a holistic view of business risk and
compliance initiatives that are in line with business processes. Moreover, the
unified data repository will allow organizations to leverage common shared
services and enable executives to make decisions based on a single, consistent
data source as opposed to deciphering multiple disconnected data streams.
PAGE 8 Q1 2008 COMPLIANCE WWW.TRIPLE-TREE.COM MINNEAPOLIS 952.253.5300
10. MATURING PLATFORMS
As stated, the fragmented market for compliance solutions has been comprised of
a narrow set of control points, a limited set of regulations and some foundations
in IT governance. Recent sector consolidation point toward a maturation of
thinking by leading vendors. We predict the evolution of compliance solutions
will be driven by leading enterprise software vendors and specialized compliance
management vendors racing to fulfill enterprise compliance needs as represented
in both halves of our Q-Diagram on page 7. Today’s compliance specialists are
represented by a list of vendors offering both licensed software and SaaS-based
solutions.
• CA • Oracle • Resolver
• Compliance 360 • OpenPages • SAP
• HP • Paisley • Others
• IBM • Protiviti
Vendor comparisons are difficult since sector definitions and actual capabilities
within the compliance stack do not match up. From the list above, each firm
represents some functionality for financial controls, audit automation or regulatory
control. Solution maturity is varied.
Risk Management capabilities also vary widely among vendors. For instance,
one vendor may have strong dashboard and reporting capabilities alerting users
to compliance deficiencies, while another may take a more process-centric
approach focused on deficiency remediation. Yet another vendor may have
engineered strong ties into a business intelligence-centric, corporate performance
management suite for complex analytics.
A few vendors are messaging and delivering around a “top-down/bottom-up”
approach by touching on several areas of business risk and compliance as well
as IT risk and compliance. However, no single vendor (or ecosystem of ISVs)
provides the comprehensive enterprise-wide compliance solution like the one
outlined in our Q-Diagram.
Consolidation - Further Defining the Sector
Not surprisingly, global technology platform vendors like Oracle and SAP are
beginning to push their GRC/compliance message and assemble their respective
platforms. In terms of capability, market reach, and ability to execute, we consider
the global vendors as the group most capable of assembling the functionally for a
holistic enterprise compliance platform.
Oracle’s strategy includes leading with its financial applications, middleware,
content management (Stellent), and recently acquired compliance assets such
as LogicalApps. Ecosystem partners (ISVs and service providers) will become
increasingly important to Oracle as it broadens its compliance definition within
its GRC strategy.
SAP’s GRC strategy is based on the strength of its financial application platform,
MINNEAPOLIS 952.253.5300 WWW.TRIPLE-TREE.COM Q1 2008 COMPLIANCE PAGE 9
11. HCM, and supply chain assets. Newly acquired capabilities from the likes of Versa
also play a significant role. SAP’s pending Business Objects acquisition foretells
of an increasing focus on analytics and intelligence as a broader risk management
strategy.
Figure 3: Representative Compliance Market Activity Consolidation
D ate B uyer Target D escription
Business Risk and Compliance
O ct-07 Wolters Kluwer PwC (TeamMate Software) Audit management & risk assessment
O ct-07 O racle LogicalApps ERP compliance & monitoring software
Sep-07 X erox Advectis Document management & collaboration SaaS
Jun-07 Iron Mountain Accutrac Software Records management & compliance software
Nov-06 Oracle Stellent Content management software
Apr-06 SAP Virsa Systems, Inc. Segregation of duties; SOX compliance
Feb-06 Fujitsu Consulting GIM Risk Management SOX compliance sysetms integration
IT Risk and Compliance
Sep-07 O racle Bridgestream Identity and access management
Dec-06 IBM Consul Risk Management IT & compliance management software
Jul-06 HP Mercury Business Technology Optimization (BTO) software
Jun-05 CA Niku IT management and governance software
As we foreshadow a consolidation trend, a range of potential consolidators come
to mind. In addition to the obvious global enterprise software vendors, firms
in the integrated information management, publishing, and document services
sectors make interesting acquirers. Certain industry-focused vendors and offshore
BPO vendors are also of consideration.
Key Drivers:
• Compliance is a top-of-mind category;
• Global technology leaders in applications and infrastructure are
racing to be seen as having the most extensive compliance
management platform and by extension want to shape the category
and its components;
• While no single vendor can organically build a holistic platform today,
(the “top-down/bottom-up approach”) compliance ecosystems
(e.g. SAP’s recent linkage with Cisco Systems) will begin to emerge and
consolidate in order to address multiple compliance requirements;
• Disruptive delivery models like SaaS and hybrid solutions (SaaS-
enabled BPO) will become more prevalent, just as they have in other
software categories;
• Since no clear sector leader exists, time-to-market is critical. Most
of the global players know that a “buy” strategy is a more definitive
path to market than “build/partner”; and
• Non-traditional players view compliance as a necessary competence
for up-sell and cross-sell revenue growth. 2008 will be a pivotal year
for M&A in the sector.
PAGE 10 Q1 2008 COMPLIANCE WWW.TRIPLE-TREE.COM MINNEAPOLIS 952.253.5300
12. CONCLUSION
The compliance automation category includes many components, such as
compliance control point automation, GRC, IT Governance/IT-GRC, risk
management, and risk analytics. Today, this category is one of the top areas of
enterprise spend.
Though the market is still somewhat undefined, the leading enterprise software
vendors, pure-play ISVs, and several non-traditional players are working to
redefine the category and establish a leadership position.
This leadership position will be defined on a range of capabilities and compliance
solution CEOs must therefore remain constantly aware of the criterion with
which they are being evaluated in the market. Because of its importance to the
C-Suite and the significant addressable market, TripleTree predicts that a host of
players will aggressively pursue a leadership position through internal investment
and acquisition. For these CEOs considering liquidity options, below are a few
key points:
• Market definitions are solidifying now, and over the next six
quarters consolidation will conclude.
• Depending on a number of factors, valuation guidelines for
licensed software or services-centric compliance businesses will be
in the 1-3x revenue range (TTM) with opportunities for premium
value creation.
• For pure-play SaaS businesses, recurring revenue growth will be
a key metric for garnering a premium well in excess of licensed
software businesses.
• Once the initial wave of consolidation has concluded and
enterprise vendors establish their platform strategies, additional
tuck-under deals will occur, but likely at lower valuations.
As an investment bank and strategic advisor, TripleTree is committed to helping
emerging companies understand how to take advantage of trends like those
outlined in this report. Over the next few quarters, our compliance research
agenda and webcasts will further assess the evolving market, where disruption is
likely, and review vendors delivering on their vision. We welcome the opportunity
to learn more about your business and how we can help your team climb to the
next plateau of market leadership.
MINNEAPOLIS 952.253.5300 WWW.TRIPLE-TREE.COM Q1 2008 COMPLIANCE PAGE 11
13. THE TEAM
Kevin Green, Managing Partner
• Co-founded TripleTree, LLC
• 25+ years building and advising IT companies
• Senior executive roles in public and private IT companies; two as CEO
• Active with numerous industry associations, and Board of
Directors, including SIIA and Connextions
• BA and MBA, University of San Diego
David Henderson, Managing Partner
• Co-founded TripleTree, LLC
• 22+ years in venture capital, business development and as a
senior operating executive
• Seven years of public accounting experience at Arthur Andersen
• CEO of a $400 million asset bank holding company
• Active Board of Director on several public and private companies
• BA, Moorhead State University; Certified Public Accountant
Scott Tudor, Managing Partner
• Joined TripleTree in 1998
• Specializes in IT Outsourcing & Managed Services and Healthcare IT
• Worked on more than 30 transactions with leading global companies
such as UnitedHealth Group and Hewlett Packard
• Served as TripleTree’s research chairman
• BA and JD, University of Illinois; MBA, Carlson School
of Management, University of Minnesota
Chris Hoffmann, Senior Principal/Research Director, Technology
• Joined TripleTree in 2005
• 19+ years of experience an operating executive, consultant, and analyst in
the technology industry
• Transaction activity focus in the areas of software and technology
• Former President of Tier1 Research; executive positions at Gartner,
GE Capital Consulting and IBM Global Services
• BA, University of Minnesota-Duluth; advanced studies through
the University of Minnesota and Michigan State University
Brian Klemenhagen, Senior Principal
• Joined TripleTree in 1999 with over ten years of combined investment
banking and Wall Street equity research experience
• Primary engagement manager across technology, software and
outsourcing sectors
• Principal contributor to TripleTree’s SaaS research
• Prior to joining TripleTree was with RBC Dain Rauscher
• BA, Gustavus Adolphus College; MBA, Carlson School of Management,
University of Minnesota
PAGE 12 Q1 2008 COMPLIANCE WWW.TRIPLE-TREE.COM MINNEAPOLIS 952.253.5300
14. THE TEAM
Scott Donahue, Principal
• 15+ years financial strategy analysis and business development consultation
including marketing, operations support, and technical product development
• Expertise in IT operations and services delivery approaches
• Wall Street experience
• Served in management roles at leading IT firms
• BA, University of California - Santa Barbara; MBA, University of Michigan
Scott Prentice, Associate
• Focus on M&A and private placement activity in the technology sector
• Previously worked on M&A activity at Ingenix, a division of
UnitedHealth Group
• Prior experience included technology capital investment at Target
Corporation and as an IT consultant with Computer Science Corporation
• BA, Bethel College; MBA, Carlson School of Management, University
of Minnesota
Michael Boardman, Senior Analyst
• Specializes in research and analysis of industry trends and investment
opportunities within Software and IT Services
• Prior experience includes an internship with Merrill Lynch
• Held a Cisco Certified Networking Associate Degree (CCNA)
• BA, University of Minnesota; BSB, Carlson School of Management,
University of Minnesota
Matthew Flores, Senior Analyst
• Dedicated to research and analysis within Enterprise Software, Telco,
and Wireless
• Research and transaction experience with TripleTree’s Healthcare and
Mobile Wireless Teams
• BA, Bates College
Jeff Kaplan, Senior Advisor
• Advises TripleTree’s technology team
• Founder and Managing Director of THINKstrategies
• Founder of the Software as a Service (SaaS) Showplace® and Managed
Service Showplace®
• Founding member of the SIIA SaaS Executive Council
• Frequent speaker at industry events and contributing columnist for
BusinessWeek, Mass High Tech Journal, Financial Times of London, and
Network World, among many other industry leading publications
MINNEAPOLIS 952.253.5300 WWW.TRIPLE-TREE.COM Q! 2008 COMPLIANCE PAGE 13