NEOHAPSIS, INC. ACQUIRES SECURAC®, CERTUS™ PRODUCTS
Companies combine core competencies to offer integrated GRC solutions and consulting services April 2008	Contact: Maida Kelly Director, Marketing Communications Neohapsis, Inc. (773) 394-8310 MKelly@neohapsis.com

Chicago, IL – April 1, 2008 -- Neohapsis, Inc. today announced the acquisition of Certus™ an industry
leading line of enterprise governance, risk and compliance (GRC) management software for Global 2000
companies.

The acquisition positions Neohapsis at the vanguard of IT GRC—an evolving discipline that unifies an
organization’s critical GRC processes across an integrated technology platform to achieve greater
efficiency, clearer accountability, and greater visibility throughout the enterprise.

By combining the Certus software line with its trusted information security and operations consulting
expertise—as well as the renowned research capabilities of Neohapsis Labs—Neohapsis now offers a
holistic IT GRC approach that’s both tactical and strategic. The result is an unparalleled combination of
technology and consulting expertise that yields measurable business value to organizations.

“In order to effectively exploit IT GRC, organizations must first identify the full range of information and
processes across IT risk domains—security, disaster recovery, etc.—and then map this intelligence into a
unified IT platform,” said Michael Rasmussen, President of Corporate Integrity. LLC. “The end result is a
holistic view of the IT risk landscape that enables sustainability, consistency, transparency and efficiency
through best-practice, replicable processes.

“Vendors who offer expertise in identifying and managing IT risk and security concerns—as well a
central platform from which to manage them—will be increasingly valuable as organizations grapple with
the strategic and operational challenges of implementing a holistic IT GRC program.”

James Mobley, Neohapsis CEO, agrees. “More and more, during our consulting engagements, we are
witnessing clients struggling with the practical aspects of governance, risk management and compliance.
This struggle is magnified as enterprises become more distributed and their risk profiles become
increasingly complex. Too often, they implement technologies and processes in reaction to specific
regulations or security concerns—which results in fragmented ‘solutions’ that ultimately drain enterprise
resources and don’t take advantage of efficiencies.

“With the acquisition of the Certus products, we can now combine our core competencies in IT risk
management consulting with an integrated GRC management platform. This enables our customers to
move beyond discrete protection and compliance solutions to a comprehensive management framework
where risk can be assessed and effectively managed to improve operational resiliency and business
performance.”

“Neohapsis is a leader in IT security research and intelligence,” says Terry Allen, VP of the new
Neohapsis Certus’ Division. “The resonance between Neohapsis’ intellectual and consulting expertise,
and the Certus market-leading enterprise risk management software, translates to remarkable benefit for
our respective customers. Together, we are poised to offer advanced GRC solutions that identify diverse
organizational risks; define best-practice methodologies for governing those risks; and unify this
governance across a single, powerful technology platform that enables greater visibility, and greater
efficiency.”

About Neohapsis, Inc.
Founded in 1997, Neohapsis is a leader in delivering information risk management services and
consulting. At Neohapsis we work with organizations to expertly align their unique risk profiles with a
new breed of managed and professional services and technology designed to manage operational and
technology risks. This holistic approach to information risk management blends security, information
technology, and operations management with an innovative set of services to support availability,
compliance and business agility. To learn more, visit Neohapsis at: http://www.neohapsis.com.

About Certus
The Certus product line provides enterprise Governance, Risk and Compliance (GRC) management
software for such notable industries as: financial services, insurance, technology, energy and consumer
retail throughout North America and the United Kingdom. Certus software provides risk management and
compliance solutions that enable organizations to identify, measure and manage information and physical
risks, as well as to assess compliance with expanding regulatory requirements. It offers solutions that
allow our Fortune 1000 customers to lead the pack by setting best practice standards and solutions.

All products or services referenced herein are the trademarks or service marks of their respective companies or organizations.