Controls Monitoring in Government Agencies
Approva’s Approach
Approva One helps agencies increase accountability, drive performance improvements, and manage change by providing a comprehensive, independent platform to automate key controls across all major systems commonly used in government agencies, including PeopleSoft, SAP, Oracle, CGI AMS/Advantage, and a variety of legacy systems. Approva’s out-of-the-box controls are based on best practices for segregation of duties, transaction monitoring, master data and IT system configuration. Dashboards, analytics, alerts, extensive reporting and case management features offer unprecedented visibility and management of your agency’s internal controls environment.
Key Benefits
Automate Internal Controls Testing Across Multiple Systems & Control Types
Automating your agency's control environment extends coverage more broadly and deeply than sample-based manual controls implementation and testing allow. A comprehensive library of best-practice controls - validated by the "Big 4" audit firms - are simple to configure and designed to address every control "layer", including user access, system configuration, master data, and financial transactions. A variety of analytics and case management tools remove the time-intensive effort of detecting and correcting control violations, allowing Finance, Audit and IT personnel to focus on implementing operational process improvements that reduce future compliance issues.
Gain Visibility Into Control Breakdowns With Fine-Grained Analysis
Approva One uniquely delivers visibility into complex security schemas across multiple systems. With Approva One, agencies can monitor access to sensitive data, analyze segregation of duties and properly document exclusions or compensating controls, provision users and conduct “what-if” simulations, and monitor configuration changes indicative of fraud.
Identify and Eliminate the Source of Process Control Weaknesses and Inefficiencies
Agencies are increasingly being held to higher standards of efficiency, transparency, and accountability. With Approva One's financial transaction controls, agencies can monitor and analyze invoices, purchase orders, shipping receipts, payments, vendors, expense reports, and other key process documents involved in agency public service processes. Analyze spending trends, identify waste, fraud, or other mismanagement of public funds, and ensure compliance with P-Card program policies and regulations such as FCPA and OFAC.
Continuous monitoring is an important activity in assessing the security impacts on an information system resulting from planned and unplanned changes to the hardware, software, firmware, or environment of operation.
– NIST Special Publication 800‐37
Approva One helps agencies achieve compliance with legislation, guidelines, and executive orders with internal control requirements:
- American Recovery and Reinvestment Act
- Executive Order 13520 to Reduce Improper Payments and Eliminate Waste in Federal Programs
- OMB Circular A-123 Internal Control Guidelines
- OMB Circular A-130 Information Management
- OMB Circular A-133 Single Audit Compliance and Internal Controls Report
- Federal Financial Management Improvement Act (FFMIA)
- Federal Information Security Management Act (FISMA NIST 800-37 and NIST-800-53)