The most reliable risk management platform as a service


We remain committed to delivering the most reliable risk management platform-as-a-service built from the ground up. We continue to make substantial investments in cloud computing architecture to ensure total fault-tolerance, continuously monitored Intrusion Detection and Prevention (IDS/IPS), advanced data protection controls, Comprehensive DDoS Protection and IT General Controls (ITGC) to maintain effective system and organization controls (SOC)

Last year we released over 300 updates to enhance risk management capabilities, improve user experience and data integration services as we continued to expand our product development and services teams in the USA, Latin America, and India. Now, our customers can extend application access and monitoring controls to any datasource that supports REST, SOAP, or JDBC API services, for example, Oracle Cloud ERP, Workday, Microsoft Dynamics, NetSuite, Salesforce, Coupa, Hyperion, etc.

Our 2021 platform roadmap includes enhancements that will enable our customers to deploy: (a) Access Governance and Administration service with API services for Identity Management (IDM) and IT Service Management (ITSM); (b) Application Monitoring to control processing risks and improve operational resilience in Cloud ERP, CRM, HCM and SCM applications; (c) Data integration services to ensure secure data exchange across any combination of cloud-resident and on-premises datasources, including APIs, mobile devices and the Internet of Things (IoT); and, (d) Process automation with non-invasive RPA integration technology to automate routine, repetitive and predictable tasks through orchestrated UI interactions that emulate human actions.

SafePaaS Trust - The most reliable risk management platform-as-a-service

Nothing is more important to us than ensuring our customers' continued trust. Our platform provides customers with:

  • Leading Cloud platforms including Amazon AWS, Oracle Cloud Infrastructure (OCI) , Microsoft Azure and Databank Certified TIER III
  • Total fault-tolerant cloud infrastructure to ensure > 99.97% uptime.
  • Continuously monitored Intrusion Detection and Prevention (IDS/IPS)
  • Comprehensive DDoS mitigation with security controls for web services, and networks ensuring the performance of legitimate traffic is not compromised.
  • Advanced data protection controls to comply with the highest industry standards. 
  • IT General Controls (ITGC) to maintain effective system and organizations controls (SOC)
  • Scalable infrastructure that can scale up to meet increased workloads with load balancing architecture.
  • Business Continuity Management with Recovery time objective (RTO) and recovery point objective (RPO) support options

For more information, please read here

Top Ten Most Popular Features

10 Incident Report for Monitored Control (MonitorPaaS™)

The Incident Report provides a closed-loop audit trail of all risk incident workflows initiated by automated control monitors and actioned by one or more control owners.

9 Change Tracker Object (DataProbeETL™)

Change Tracker objects detect all changes to critical system configurations such as three-way-match, journal sources; master data such as supplier bank accounts, customer credit limits; and, application security model such as new roles, profiles etc…

8 Transaction Monitors (DataProbeETL™)

Transaction Monitors help you discover suspicious or erroneous transactions and look back at materialized risks. For example, you can discover cash leaks in business processes by identifying inappropriate transactions such as duplicate supplier payments, inventory margin losses, customer orders over credit, unauthorized employee compensation, benefits or expense reimbursements.

7 Spreadsheet Controls (DataProbeETL™)

ExcelGuard™ is our newest data protection functionality that allows you to simply cut and paste or upload data from a spreadsheet into SafePaaS, creating an auditable snapshot of the spreadsheet with data access controls.

6 Segregation of Duties Rules Import from legacy application access control tools (AccessPaaS™/Policy Manager™)

You can easily upgrade to SafePaaS application access Policy Manager to detect and prevent SoD risks from legacy or unsupported applications such as Oracle GRC Application Access Control Governor (AACG) and Approva by simply selecting import rules. Once the rules are mapped, a rules template file can be uploaded into SafePaaS.

5 Access Violation Dashboard (AccessPaaS™/Policy Manager™)

Modern, drill-down dashboards show the top Segregation of Duties rules with violations. You can drill down-down into detailed reports in an easy-to-read way from where the risks can be effectively managed.

4 Violation Summary by User (AccessPaaS™/Policy Manager™)

SafePaaS provides a report that lists all the risk violations for selected users. Self-documented reporting with risk responses such as corrective actions to remediate the risks, and acceptance where exceptions (waivers) are applied with compensating controls.

3 Mass Update Exceptions (AccessPaaS™/Policy Manager™)

Organizations often require SoD policy “waivers” for certain users such as IT support staff, service accounts for API integration, Robots, and remote business units with limited users. The mass update feature enables users to close the violations for such users and roles for all or some SoD policies by selecting the rules and applying to users and roles. This capability minimizes the effort to maintain exceptions by using the mass update exceptions feature.

2 SAML – Single sign-on (Administration Company)

Our customers are enabling thousands of users to access SafePaaS self-service security and control monitoring services using SAML enabled single sign-on (SSO) from multiple devices using a single ID.

1 Self- Service Access Request (iAccess™)

iAccess™ became the most popular SafePaaS application service in 2020 as our customers adopted work-from-anywhere policies and required assurance that users are granted access in compliance with company security and access governance policies to business applications and sensitive data no matter where they may be accessing the systems. In iAccess™ users can request access to the user self-provisioning tool by submitting a request that goes through a workflow to either be approved or rejected. Automating self-service access requests helps mitigate human error as well as create an audit trail for compliance.

API Services extend data integration to control risks across any datasource


Data integration has always been at the core of the entire SafePaaS platform that enables our customers to discover hidden risks and deploy automated controls to monitor and prevent access policy violations, suspicious transactions, unauthorized data changes, and system misconfigurations.

SafePaaS enhanced API Services can help customers unite data integration and governance to deliver trusted data. Customers can now use DataProbeETL™ self-service data source configuration and meta-object management capabilities to easily retrieve data snapshots from almost any source, and integrated mapping functionality ensures that your data is usable from day one.

From the rapid snapshot of data to a cloud data warehouse to the most complex multi-cloud projects, SafePaaS API services can help to control risks to data processing.

DataprobeETL™ supports many popular APIs standards to integrate with the multiple datasources including JDBC, SOAP web services, REST Services, as well as local data upload.

Platform Roadmap 2021
Roadmap 2021

First Quarter Release - Configurable API Services for access and monitoring controls

Configurable API Services enable SafePaaS customers to define meta-objects such as security model, application configurations, transaction and master data for any application datasource using no-code “touchless” integration to snapshot a full sample from the datasource for risk discovery and control automation. This enhancement will significantly decrease control deployment time without introducing costly technical integration and custom code. Once the user-defined meta-objects are deployed, the data snapshots can be streamed to controls management applications such as Enterprise Access Monitor ™ and MonitorPaaS™ to continuously monitor the applications to detect and prevent risk events based on pre-defined rules. 

Second Quarter Release - Risk Discovery across multi-stream datasources

Enhanced analytics capabilities will enable SafePaaS customers to create a consolidated data, modeling, and reporting platform to discover hidden risks across multiple data sources. You will be able to integrate existing risk models and data hierarchies in SafePaaS into a streamlined, unified data infrastructure for measuring and reporting enterprise risk. For example, you will be able to effectively screen your suppliers through sanctions and watchlists, special interest persons, and adverse media entities. This capability will enable you to scan supplier data against third party data services such as Dow Jones to receive ongoing notifications of suppliers’ instability before your supply chain is disrupted with real-time updates.

Third Quarter Release - iPaaS services for B2B Cloud Application Integration

We will continue to broaden our data integration services to cover an increasing range of enterprise use-cases. We will release advanced “iPaaS” capabilities to enable our customers to implement integration projects involving any combination of cloud-resident and on-premises endpoints, including APIs, mobile devices, and the Internet of Things (IoT). You will be able to use the iPaaS service by developing, deploying, executing, managing, and monitoring integration processes and flows that connect multiple endpoints so that they can work together.

Fourth Quarter Release - RPA Service Integration for Process Automation

We are excited to see RPA on our 2021 roadmap. Robotic Process Automation can help our customers streamline compliance costs, improve the audit and compliance process, and scale operations. RPA excels in repetitive, manual processes where error rates are high.

SafePaaS customers will be able to use RPA to help protect their organization against security risk. For example, take away unauthorized privileged access, review access violations in almost real-time, and decrease the cost to detect data breaches.

Our customers will also be able to use RPA for financial management such as procure-to-pay and automating the financial process to improve efficiencies.

Oracle GRC Summit
Last fall saw the successful launch of our Oracle GRC summit. With Oracle GRC support ending, customers have some important decisions to make in terms of next steps. Our 4-part event took GRC customers on a journey starting with the evolution of GRC software 20 years ago and ended with what can be accomplished by implementing next-generation digital risk management platforms such as SafePaaS.

This event brought onboard many new customers that we are delighted to have join the growing SafePaaS community and look forward to welcoming onboard many more in the near future.

For more information on how SafePaaS can help you with an Oracle GRC alternative,  you can schedule a one-on -one call with one of the SafePaaS Oracle GRC  team for a complementary chat and see how easy it is to switch to the SafePaaS platform.