Four vendors this week plan to unveil products that do double duty: help companies monitor operational and system risks, and facilitate compliance with industry mandates such as the Sarbanes-Oxley Act.

Large companies are expected to dole out more money this year than last on IT products to automate key compliance tasks. PricewaterhouseCoopers surveyed executives at 131 U.S.-based multinationals and found most want to improve how they use technology to remain in compliance. In particular, respondents want technical assistance with SOX Section 404, which requires companies to attest to the effectiveness of the internal controls put in place to safeguard systems and processes related to financial reporting.

In the PricewaterhouseCoopers survey, 47% of executives said their company's use of technology in support of Section 404 compliance was "satisfactory - with lots of room for improvement." Just 38% said their company did a "great" or "effective" job with technology, and 10% said their technology efforts require major improvements.

Among all respondents, 75% expected to make significant technology changes in the second year of their SOX Section 404 compliance. Standing by are a slew of vendors with compliance software, including the four that are due to unveil products this week: ArcSight, Axentis, LogicalApps and OpenPages.

ArcSight is unique among these four vendors in that its focus is on security information management. Its flagship ArcSight Enterprise Security Manager (ESM) software collects and analyzes security data from devices such as intrusion-detection systems, firewalls, routers, switches and servers.

The tie-in to SOX compliance is that companies use ArcSight ESM to discover risks, correlate relevant security information and assess vulnerabilities - which are key parts of providing adequate internal controls.

To capitalize on compliance-related IT spending intends, the vendor this week plans to unveil ArcSight Compliance Insight Packages, a new family of products that bundle preconfigured report templates, rules and dashboards to help companies collect and review compliance-related data from log files.

The bigger risk picture

While ArcSight specializes in security log analysis, Axentis, LogicalApps and OpenPages operate in the broader compliance-management market, and each aims to help companies satisfy multiple mandates with a single framework.