Archive for the ‘Approva News’ Category
Posted on September 30th, 2008 by Steve Elliott »Permalink
We are very proud to be officially launching Certification Manager, which automates the end-to-end process for reviewing existing controls across ERP systems and other sensitive applications. We designed Certification Manager to make periodic reviews of controls a straightforward exercise by automating the review and approval process for all key controls and providing an audit trail that serves as evidence for external auditors.
Certification Manager leverages Microsoft technology to make the product truly extensible and generic – unlike other products in the marketplace – so that it can be used for everything from identifying and managing user access roles to evaluating access to network drives, no matter the ERP system or business function. Because Certification Manager’s embedded Windows Workflow foundation provides a great variety of configurable options for customers, enabling them to customize their own sophisticated routings and scenarios simply by building on an existing foundation – no coding is required. Because of this extensibility, customers will not only be able to certify role assignments, rule book ownership, exclusions, connections, active directory assignments and the like, but they can certify any business process they desire using the process wizard.
On the database side, we’ve incorporated SQL Server Integration Services that enable users to easily extract data, providing robust data-control and data-handling. This too is highly extensible, so that it can be scaled and customized within the User Interface, without the need to write code or hire consultants.
And then there’s the feature that’s got our beta customers giving rave reviews – Certification Manager’s full integration with Approva BizRights. Where other certification products provide only basic information about which user has which access, Certification Manager provides data that helps users make decisions on roles from within the system, based on the information it extracts from our controls and risk systems. So instead of static data on who has access to what, Certification Manger provides visibility about user access along with information on when and how specific individuals have used their access in the past and what other risks exist in the environment. With this additional information, users can manage role assignments during the certification process, something no one else is able to offer.
So far, the reactions from customers have been very positive – even more than we’d anticipated, in fact. The time savings that Certification Manager users are enjoying now that they’re spared manual certifications are real and impressive – and the ROI in terms of saved bandwidth and other resources is clear. One of our beta customers projects that they will save weeks of valuable personnel time by implementing Certification Manager and be able to perform their periodic audits more frequently and for more systems than before.
The release of Certification Manager is also a significant milestone in Approva’s software development lifecycle. Thanks to earlier investments in a reusable platform that works across our products, we were able to keep the development cycle on this project to less than 4 months – a testament not only to the platform, but to our remarkable team.
But that’s enough from me. You’ll be hearing more this week about the pain points that Certification Manager can help solve, and in the meantime, you can read the official announcement on Approva’s Certification Manager here. You’re also invited to join this afternoon’s webcast on Certification Manager, taking place at 1 PM EST.
Tags: Certification Manager, Approva, user access
Posted on March 4th, 2008 by Steve Elliott »Permalink
We couldn’t be more excited about the new release of 4.0. Everyone is able to see the new features and to experience the significant performance improvements, but even more exciting to me is what customers may not see at first glance. The 4.0 release involved key changes to the core BizRights architecture that paved the way for a more extensible platform for all types of controls monitoring. The further development of a service oriented architecture and the expansion of our studios enable customers to reduce their time to value significantly.
Our goal is to make the automation of controls monitoring easier and easier with each release. Each iteration of BizRights adds depth to our ability to test across multiple applications, multiple controls and multiple regulations. Approva provided the ability to seamlessly extend to any system using wizard based studios (no coding required) in our 3.5 release, which is something our competitors are still unable to do. With 4.0, we have made the whole experience more intuitive, and our competitors have nothing even in the same area code.
BizRights 4.0 is also the first release to feature our newly embedded patent-pending PredictX™ technology, which enables companies to independently and intelligently validate and monitor the effectiveness of their controls.
PredictX technology advances Approva’s ability to detect fraud and to correlate events to a whole new level. Imagine a situation where the BizRights controls intelligence platform detects a change in application configuration settings such as a three-way match flag that ensures purchase orders, invoices and goods receipt records are consistent. PredictX technology alerts relevant business stakeholders while monitoring all of the impacted transactions to ensure that no control violations occur. The BizRights Platform correlates this chain of events and notifies the controller that this operational control has been compromised and that there is now a heightened risk of fraud. Finally true controls intelligence is tangible and real.
But don’t take my word for it. Borrowing from the press release on 4.0, here’s what some of our customers had to say about their experience as beta testers:
· “As a beta customer for BizRights version 4.0, we had first-hand experience with the huge improvements Approva has made in terms of scaling up the analysis engine. We have seen significant reductions in the time required to extract and analyze our controls information,” said Bob Delbango, commercial business analyst, Siemens Power Generation.
· “Approva BizRights version 4.0 has allowed us to extract and analyze our ERP controls in significantly less time,” said Brian Bosak, senior SAP security consultant with one of the world’s largest telecommunications solutions provider and a Global Fortune 500 company. “We should be able to easily implement the new version to monitor our enterprise-wide SAP deployment. Approva continues to deliver controls solutions that not only help us meet our compliance requirements but also enable us to better manage risk and optimize controls across the company.”
The roadmap for 2008 is quite aggressive and introduces not only multiple new insights but also will introduce a new user experience across all products. Think iPhone elegance and simplicity for compliance with the most robust algorithms in the space under the hood, and you will be well on your way to visualizing our 5.0 release. Not only will 5.0 introduce elements of web 3.0 but the level of personalization and information channeling for end users will reach new and exciting crescendos. In addition, we are increasing our development velocity in 2008 and we have several off road map surprises that we plan to keep secret until they are ready to release.
This year is truly shaping up to be a game changer on the product side of the house. I would hate to be the other guy.
Tags: BizRights, controls intelligence, PredictX
Posted on January 21st, 2008 by Steve Elliott »Permalink
I’m extremely pleased to report that Approva concluded another successful year. Over the past two quarters, the company has doubled its revenue, while increasing its market share and adding new customers – including marquee names like Comcast, First Advantage, Komatsu and AECOM among others.
We accomplished these goals while facing tremendous direct competitive pressure and fast changing market dynamics. I would like to thank my team for all of its hard work. They have enabled us to run a profitable, sustainable business – reinforcing our leadership position in the high-growth GRC market place. We’re proud of the success we had last year and our ability to demonstrate immense value to our customers, partners and shareholders.
This past year saw many important developments at Approva, from expanding our use among Big 4 audit firms to expanding into the federal compliance space to increased investment in new products and a good deal of flattering industry awards and recognitions. (Please read the detailed press release for more on Approva’s accomplishments in 2007).
Reflecting on what 2007 meant for our industry, one thing that of course stands out is the strong consolidation trend that we’ve witnessed. The industry’s larger players continue acquiring businesses with more specialized offerings. 2007 also witnessed tremendous innovation from the smaller, more agile players in the market, and I’m equally sure that that trend will continue as well. We have had – and will continue to have – a good bit to say about all of this, frequently via our award-winning blog, Audit Trail. For our take on it, I’ll refer you to our own Ian Glazer, along with Lori Rowland of the Burton Group.
I am struck by the energy and resources that so many companies spent in re-evaluating, re-thinking and re-prioritizing their compliance mandate in 2007. From the SEC’s revisions of SOX Section 404 to the PCAOB’s release of AS5 guidelines, 2007 saw important shifts in the way businesses approach compliance specifically and GRC more broadly. I feel confident that 2008 will be a continuation of this trend – and that companies without a clear GRC strategy are going to spend money without a tangible return on their investments.
As we look toward the future, my management team and I couldn’t be more excited about the year ahead and the opportunity to shape the industry.
Happy New Year.
— PV Boccasam, CEO, Approva
Tags: PV Boccasam, Approva, Governance, Risk and Compliance, GRC
Posted on July 12th, 2007 by Michael Evans »Permalink
A week into our SOX 5th Anniversary Celebration, we thought we would take a break from the celebrations and focus on more serious matters – namely, the opinions of over 245 public company executives who responded to Approva’s Compliance Survey: Sarbanes-Oxley Five Years Later.
Despite widespread media coverage that public companies are begging for a reprieve from SOX, Approva’s survey found that 83 percent believe the Sarbanes-Oxley Act has had an overall positive impact on their companies. And 63 percent believe SOX has been successful in preventing corporate fraud. Seventy percent of respondents believe that investments in SOX compliance will provide benefits beyond compliance alone. Now, that is some serious ROI.
What other interesting statistics emerged from the survey? Check out the complete survey findings.
Don’t forget to post your comments on the survey findings, as we’d love to hear what you think.
Tags: Approva, SOX Survey, Sarbanes-Oxley, ROI
