Archive for the ‘Approva Events’ Category
Posted on March 11th, 2008 by Priya Ramesh »Permalink
We at Approva just wrapped up our first-ever user group meeting for our Houston-Dallas customers, and I’m pleased to report that it was, by all accounts, both informative and useful for our customers. We gathered at the Houston headquarters of Reliant Energy and kicked things off with a discussion of experiences, lessons learned, challenges and successes with Approva BizRights. The majority of the user group companies run on SAP, so a good bit of the discussion focused on monitoring SAP controls. Some key themes emerged out of the morning session, including how to overcome organizational challenges such as executive buy-in, ownership between IT Security and business users and planning for budgetary and resource allocations as a part of the compliance mandate.
One of the most significant themes I kept hearing at the user’s group – as I have in discussions with customers throughout the past year – is the how crucial executive buy-in is to the ultimate success of compliance efforts. Securing executive support in deploying a company-wide compliance initiative can be quite a challenge, but as several of our customers discussed in their presentations, it’s crucial to accomplishing true ROI from compliance solutions.
One key strategy that seems to have worked well with our customers in winning management support is forming a core group of key stakeholders that regularly communicates to the leadership team about compliance goals/issues (if any) and eventually gets management to become champions of good governance. For example, one of our customer companies has formed an Approva Governance Team comprising management, IT and Internal Audit members that meet regularly to ensure compliance objectives are met across the company. This formal setup — along with executive support — has given the company’s compliance mission a new level of commitment. After all, there is nothing like your C-level members becoming ambassadors of good corporate governance.
We had a wonderful time in Houston, and we’re looking forward to our next trip – and to our upcoming user group events in the Midwest and the west coast.
Tags: Approva Users Group, compliance mandate, BizRights
Posted on February 19th, 2008 by Priya Ramesh »Permalink
Last week, AMR Research vice president and research fellow John Hagerty, along with Dana Hamerschlag, Sr. Director, Product Marketing from Approva presented a webcast on, “What’s your Controls Monitoring IQ?”
John began the Webcast with a discussion of just how far GRC has evolved out of the focus in recent years on increased compliance requirements – and the outlook for 2008 as GRC continues to evolve.
By John’s estimates, companies will be spending upwards of $30 billion on compliance in 2008, a sign that compliance spending continues to grow. As a part of this growth, technology has become a much larger part of how companies are working to address compliance needs, with more than $10 billion expected to be spent on tech-based support for compliance efforts this year.
John has seen a shift in focus from compliance as a standalone to a broader emphasis on risk in the business, and he sees the growth in GRC spending as evidence that organizations have realized that GRC is going to be part of their everyday life. With this realization, companies are looking to automate as much as they possibly can, in order to reduce costs and make GRC efforts repeatable, sustainable and cost-effective.
John’s discussion was followed by Dana Hamerschlag, who spoke about the ways that automation can boost both the efficiency and effectiveness of controls, drilling down into nitty-gritty questions like whether it’s advisable to have weaker SOD rules and more liberal access with strict monitoring, or very buttoned-down access from the beginning.
You’ll have to tune in for her answer, but we’ll go ahead and give away one big takeaway – integrating controls into core business processes is critical to sustaining those business processes.
The entire Webcast is archived here, and we highly recommend it – particularly Dana’s discussion on just how easy it can be to define user access rules and John’s take on the long-term benefits of compliance efforts: streamlined processes, improved quality and security, and improved process management and enforcement.
Tags: controls monitoring, GRC, governance, risk and compliance, John Hagerty,
Posted on October 30th, 2007 by Audit Trail »Permalink
In case you missed it, AMR Research vice president and research fellow John Hagerty, along with Brian Groves, Sr. Director, Product Marketing, and John Martin del Campo, Sr. Project Manager, Audit and Control from Approva recently presented a webcast on addressing the top five audit challenges in Oracle E-Business Suite.
During the webcast, John Hagerty explained that this year’s technology spending on Governance, Risk and Compliance (GRC) related activities is up 12.5% from 2006 – showing that companies are using applied technology to solve Governance, Risk and Compliance (GRC) concerns, while addressing compliance issues. With these technology spends, Hagerty explains that many companies are replacing their current audit-driven compliance projects with automated continuous audit processes that perform comprehensive assessments of their internal controls – and he gave a nice download on how one company is saving $5 million dollars per year through the use of continuous controls monitoring and Governance, Risk and Compliance (GRC) software.
John Hagerty’s discussion on Governance, Risk and Compliance (GRC) market trends was followed by Approva’s Brian Groves and John Martin del Campo identifying the top five audit challenges in Oracle E-Business Suite. Over 90% of our webcast participants said they were interested in improving the quality of their internal controls. This is a clear indication that the demand for independent continuous controls monitoring software is only going to increase in the near horizon. If you missed sharing the Oracle Love Story, you can view the archived webcast here.
Once you watch, we’re interested to hear how you compare to the webcast’s attendees, the vast majority of whom have automated only a small percentage of their internal controls, with a large number of companies still spending between $500,000 and $3 million per year on compliance.
Tags: Governance, Risk & Compliance, Oracle, AMR Research, Approva
Posted on September 21st, 2007 by Audit Trail »Permalink
In need of some love? Then join Approva and John Hagerty, Vice President and Research Fellow at AMR Research next Tuesday, September 25th for a webcast where you will learn how you can reduce compliance costs by implementing an automated controls monitoring program that lowers audit preparation costs and prevents corporate fraud. The webcast will also include: (1) a detailed overview of the top five audit and control challenges that are unique to Oracle E-Business Suite, (2) a demonstration of how Approva’s continuous controls monitoring software can address these challenges and (3) detailed case studies which illustrate the benefits of automating controls monitoring.
Register online today, because everyone could use a little love.
Posted on July 26th, 2007 by Audit Trail »Permalink
In case you didn’t hear, the Center for Audit Quality (CAQ) will be hosting an event at the National Press Club on July 30th to mark the fifth anniversary of SOX. As you well know, we here at Audit Trail are suckers for a good birthday party, so we’ll be there taking in the scenery along with Approva advisory board member Harvey Pitt who is participating in the panel discussion side-by-side with our two favorite guys, Paul Sarbanes and Michael Oxley. It’s sure to be a good time, so we’ll give you all the juicy details as the event unfolds next week.
SOX, Sarbanes and Oxley, birthday, anniversary, Center for Audit Quality, Approva, Harvey Pitt
Posted on July 23rd, 2007 by Audit Trail »Permalink
For those of you who have some spare time on your hands, register for Compliance Week’s latest webcast on Thursday, July 26 at 2:00 p.m. EDT, and join Approva’s own Phil Livingston as he moderates a session providing practical advice on baselining controls for Audit Standard 5.
And for additional pearls of wisdom from Phil, check out Audit Trail’s latest Q&A post where we ask his thoughts on SOX legislation and its effects over the past 5 years.
Tags: Compliance Week, Baselining, Phil Livingston
Posted on July 2nd, 2007 by Ian Glazer »Permalink
Every year Burton Group’s Catalyst Conference is the place to see and be seen if you have anything to do with identity management. This year was no different. Approva was camped out in the Sun Microsystems hospitality suite showing off our integration with Sun Identity Manager. If you missed it, there’s still plenty of time to sign up for our webcast on July 12th that we are putting on in conjunction with Burton and Sun.
Like every Catalyst, the conversations that started in the sessions continued long into the night. Two of these conversations were of particular interest to me. First, I heard from both analyst and end users that user provisioning is really hitting its stride. Companies have deployed the easy stuff, reaped the efficiency gains, seen cost reduction through automation, and now they are hungry for the next thing, the next phase of their user provisioning deployments. The common theme among these companies is wrapping user provisioning and identity management services in business-consumable language. There is a growing movement to stop thinking of identity services, like provisioning, as an IT service and to start thinking of them as business services. Compliant provisioning is at the heart of this. Using business controls not only for auditing but also to guide user provisioning policies represent the next phase of user provisioning. As Trent Henry stressed in his presentation on controls and relationships, companies need to explore ways of reusing their controls systems as the regulatory environment and business changes.
The second conversation of note was around application-centric identity. Lori Rowland has been writing about the convergence of ERP applications and identity services. This starts with HR as the source of truth and moves through ERP systems as the orchestrator of business processes. Having heard Microsoft, Oracle, and SAP talk about their plans and visions on uniting GRC, identity management (IdM), and core business services, I have to wonder: is application identity really the end of the enterprises identity journey? I don’t think it is. Yes, the ERP platform is a major aspect of the business but in the end I don’t believe it will be the major identity service provider in and of itself. As companies outsource more and more of their non-core competencies we are going to see those strategic outsourcing vendors as the real masters of identity. We’ll see a rise of outsourcing companies providing a variety of identity services. Some of those will be driven and offering by the core ERP platform. Some of those services will be woven together by the outsourcer and used as a point of competitive differentiation.
I have to admit that I am little sad that Catalyst is over. Yes, I can definitely use the sleep, but there are few other places where you can go from a panel discussion on identity services to a hallway conversation on camera lenses to a hospitality suite chat on airport “cuisine”, role engineering, and conference giveaways.
I nearly forgot, there was a third “major” conversation this week at Catalyst – the iPhone. My unscientific survey has 15 to 25% of the conference attendees getting iPhones. As for me, I am sorely tempted to get one…
- Ian Glazer
Tags: burtongroupcatalyst07
Posted on June 11th, 2007 by Audit Trail »Permalink
It’s not often that you get a solid cross-functional group together to talk about governance, risk & compliance. Usually conferences are targeted at a single profession like audit, IT or finance. But the annual Compliance Week 2007 Conference, which took place in Washington, DC last week, brings all of these groups together. And while these folks may not be talking your ear off at every backyard BBQ they go to this summer, they sure had a lot to say on the stage and in the hallways last week at the Mayflower Hotel.
If you’ve never been, this event is a “must attend” for C-level execs and Directors focused on compliance and enterprise risk. This year was no exception. We already gave you a peek at what everyone was up to Thursday evening. But the serious business took place across the street in the sessions where attendees were trying to read the tea leaves from the SEC’s John White and Mark Olson, chairman of the PCAOB.
If you’re a Compliance Week subscriber you can read in-depth coverage of all of the sessions over on their website. If not, no worries, the GRC blogs had the event covered. You can get an uncensored view from Francine McKenna over at her blog, re: The Auditors. She has a few gems from some of the major speeches. As well as a nugget or two of what went on outside of the sessions. Meanwhile, over at GRC – The Real World David Schneier worries that the conference gave short shrift to two of the letters that comprise G-R-C.
Finally, Jack Ciesielski at the AAO Weblog takes a more skeptical “I’ll believe it when I see it” approach as to whether AS5 is going to make a dent in audit fees. But he found some unexpected tidbits in PCAOB Chairman Olson’s speech when it comes to Fair Value Accounting.
If you were at the event, we’d be curious what your key takeaways were. Drop us a line or, better yet, leave a comment below.
– Michael Evans, Vice President of Marketing at Approva
Tags: Compliance Week, PCAOB, SEC, GRC, Accounting
Posted on June 8th, 2007 by Audit Trail »Permalink
Last night Approva hosted a cocktail party following the day’s events at the Compliance Week 2007 conference. We were on the deck at Morton’s, in the middle of the District just a few blocks down the road from the White House.
It was the type of night event planners long for — warm (but not too warm), crowded (but not like a keg party), energetic (but not frenetic). The food was delicious and drinks were readily supplied. This “reporter,” had to cover her glass a couple of times because nothing says REGRET like getting drunk in front of Harvey Pitt. Yes, he was there. Mingling with the people, talking some shop and generally just enjoying the night.
I bet you are sorry you missed it, and yes, we missed you. Expect a report on the Compliance Week event next week, and in the meantime, stay cool. (Meteorologists in the DC area are beside themselves with glee— the heat index is above the 100 degree mark. Woo Hoo…summer is here…)
Tags: Approva, Compliance Week, Harvey Pitt
Posted on June 4th, 2007 by Audit Trail »Permalink
For any of you waiting for better reasons to visit DC than historic sights, fine dining, and top-notch museums, we’ve got JUST the thing to bring you here. That’s right, ladies and gents – this week is Compliance Week’s annual conference, here in D.C., and we’d love to see you there. Now you can vacation AND get work done while you do it! Talk about best of both worlds!
You can check out the agenda here – our very own Harvey Pitt is going to be delivering a keynote on ways that boards and management help keep bad things from happening to their good companies.
Tags: Approva, Compliance Week, Harvey Pitt
