-- 56% have a GRC strategy in place, with 84% believing that governance, risk and compliance should be viewed holistically -- Nearly half are using or plan to use a commercial software solution to automate compliance efforts -- 59% of respondents believe no single point of ownership and accountability to be the biggest challenge to implementing a GRC plan within their company -- 82% of respondents believe that ease of use is a key factor in evaluating GRC software. -- The top five benefits from IT controls and compliance investments, according to survey respondents, are: - successful audit results - overall business process improvements - reduced risk of fraud and mistakes - reduced time spend monitoring and testing IT controls - reduced time spent preparing for and supporting IT audit"There needs to be a paradigm shift in how companies transform the benefits realized from their Sarbanes-Oxley investments to a more long term risk-based approach to governance and compliance," said Scott Mitchell, CEO, Open Compliance and Ethics Group (OCEG). "The first step towards employing a GRC strategy to drive business performance is to get the right people in the room to speak the same language, and that's the challenge most companies are currently dealing with." "With more than five years of Sarbanes-Oxley compliance under our belts, public company CFOs have now learned how to effectively address regulatory requirements, obtain executive sponsorship for major initiatives and realize business benefits from controls," said Michael P. Cangemi, CEO of Financial Executives International (FEI), the professional association of choice for senior financial management and reporting best practices. "The next level in corporate governance is to align the CFO, CIO and CSO organizations to join hands as partners in GRC." "The landscape is too complicated with too many silos," said Paul van Kessel, partner of Ernst & Young (E&Y). "Over the last five years, companies made huge progress in managing their financial and related IT risks. The focus is now on two related topics. First: decrease the cost of compliance by elimination, simplification, standardization and automation of controls and second: integration of the financial risk management frameworks and approaches with enterprise risk management and business improvement initiatives." Available Experts The following experts can discuss Approva's governance, risk and compliance survey, as well as provide commentary on the corporate environment surrounding GRC programs and initiatives: -- Michael P. Cangemi, CEO of FEI, Approva Advisory Board Member, and Former Editor-In-Chief of the ISACA IS Control Journal As president and CEO of FEI, the professional association of choice for senior-level corporate financial executives, Michael P. Cangemi oversees the organization's efforts to advance ethical and responsible financial management practices within corporations. As a noted author, speaker and business consultant in the areas of internal audit, audit management, information systems and accounting, Cangemi is an expert in the latest trends of concern for executives. -- Scott Mitchell, President and CEO, Open Compliance and Ethics Group (OCEG) As CEO of OCEG, Scott Mitchell is responsible for promoting OCEG's mission to help corporations implement and align their governance, risk and compliance management activities to drive business performance and promote integrity across the organization. As one of the foremost experts on governance, risk and compliance, Mitchell is helping to drive GRC program innovation. -- Prashanth "PV" Boccasam, CEO of Approva PV has an unrivaled appreciation for spotting the convergence of business and IT trends and conceiving how new technologies can be applied to address problems that are top priorities for C-Level executives, including governance, risk and compliance. With public company executives continuing to share their concerns and experiences, PV has proprietary insight into the future of the governance, risk and compliance space. For more on PV's point of view on GRC, visit Audit Trail. -- Paul van Kessel, Partner and Global Leader for Ernst & Young's IT Risk and Advisory Services As a Global Leader for Ernst & Young, Paul van Kessel is responsible for the delivery of a wide range of risk and advisory services designed to help enhance IT governance/risk management activities and improve IT processes of organizations. By working on Continuous Control Monitoring for almost 15 years, Van Kessel drives continuous innovation into the GRC solutions that Ernst & Young is providing to clients. About Approva Approva® Corporation is the industry-leading provider of governance, risk and compliance (GRC) software for continuous controls monitoring and audit automation. We enable business, finance, IT and audit professionals to automate controls across SAP, Oracle, JD Edwards, PeopleSoft and other legacy applications. Our products are a controls monitoring standard for a majority of the Big-4 audit firms. Global companies such as Bayer, DirecTV, Discovery Communications, First Advantage, Honeywell, P&G, Pratt & Whitney, Siemens and T-Mobile rely on Approva to reduce compliance risk, increase operational efficiency and flag exceptions to their business controls. Approva has certified integrations with Microsoft, Sun Microsystems, IBM and SAP to provide a holistic GRC solution. For more information, visit www.approva.net. Editors Note: For company news and other information, please log onto to Approva's press room at www.approva.net/news.
Contact Information: For More Information: Matthew Langan DBC Public Relations for Approva 202.298.7600 x.219 matthew@dbcpr.com Priya Ramesh Approva 703.956.8409 priya.ramesh@approva.net