HowHow to implement andto implement andalignalign Technology withinTechnology withinyouryour GRC FrameworkGRC Frameworkyou...
85.6%14.4%Would you benefit fromWould you benefit fromintegrating and streamliningintegrating and streamliningtechnology f...
What? When? How? Who? Where?What? When? How? Who? Where?3Parag Deodhar26 April 2013
39.6%31.6% 26.0%16.6%Greatest Barriers to an IntegratedGreatest Barriers to an IntegratedGRC approachGRC approachNo establ...
IT is not just CORE anymore..IT is not just CORE anymore..5Parag Deodhar26 April 2013
BYOD,Mobilecomputingrisks,PartneraccessInformationoverload,Data co-relation,consistencyIT is transforming the business…IT ...
Technology• It is not only aboutimplementing an ITsolution• GIGO• Cross enterprisevisibility andProcess• Controls should n...
Suggested StandardsSuggested Standards8Parag Deodhar26 April 2013
Choose a standards based approach that addressesboth business and IT processes.GRC software will help – however it is only...
No silver bullet!!Each organization has its owndynamics and the solutionneeds to be evaluated basedYour thoughts please!Yo...
Upcoming SlideShare
Loading in...5
×

How to implement and align Technology within your GRC Framework

320

Published on

My presentation at The GRC Forum, Mumbai on 26th April 2013

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
320
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

How to implement and align Technology within your GRC Framework

  1. 1. HowHow to implement andto implement andalignalign Technology withinTechnology withinyouryour GRC FrameworkGRC Frameworkyouryour GRC FrameworkGRC FrameworkParag DeodharChief Risk OfficerBharti AXA General Insurance
  2. 2. 85.6%14.4%Would you benefit fromWould you benefit fromintegrating and streamliningintegrating and streamliningtechnology for GRCtechnology for GRCYES NOSource: OCEG survey 20122Parag Deodhar26 April 2013
  3. 3. What? When? How? Who? Where?What? When? How? Who? Where?3Parag Deodhar26 April 2013
  4. 4. 39.6%31.6% 26.0%16.6%Greatest Barriers to an IntegratedGreatest Barriers to an IntegratedGRC approachGRC approachNo establishedstrategy forintegrationeffortsBelief it is toocomplex toundertakeintegrationIT not alignedwith GRCNot knowinghow to startSource: OCEG survey 20124Parag Deodhar26 April 2013
  5. 5. IT is not just CORE anymore..IT is not just CORE anymore..5Parag Deodhar26 April 2013
  6. 6. BYOD,Mobilecomputingrisks,PartneraccessInformationoverload,Data co-relation,consistencyIT is transforming the business…IT is transforming the business…SAAS – ITis no longertheprovider,complianceEmployeebehavior,Customerfeedback,reputationrisks6Parag Deodhar26 April 2013
  7. 7. Technology• It is not only aboutimplementing an ITsolution• GIGO• Cross enterprisevisibility andProcess• Controls should notbe an overhead – itshould be embeddedwithout beingburdensome.• Loss Data CollectionPeople• Integration is likely toinvolve a majortransformationprogram - resistanceto change isconsidered the singlebiggest obstacle• Employee TurnoverChallengesChallenges7Parag Deodharvisibility andintelligence• Most organizationsalso have multiple GRCtools, SIEMapplications – do theseintegrate with eachother?• Loss Data Collection• Duplication ofcontrols, reporting –leading to higherresourcerequirement, time &cost• Employee Turnover• Training• Governance model &team structures• Roles andResponsibilities – ITrole26 April 2013
  8. 8. Suggested StandardsSuggested Standards8Parag Deodhar26 April 2013
  9. 9. Choose a standards based approach that addressesboth business and IT processes.GRC software will help – however it is only a meansand not an end in itself.◦ Integrating applications / infrastructure / security◦ Survival of the most informed◦ Integration of controls within the organization◦ Integration of IT systems with vendors / suppliers /business partners – don’t forget the regulator &government departments!Options / Solutions to considerOptions / Solutions to considergovernment departments!◦ Electronic payments, mobile, social & cloud◦ Loss data collectionEnsure that qualified people, including internal andexternal consultants with risk &controls, audit, business process, and relevant ITknowledge, play a key role in the initiative.Secure buy-in from all stakeholders9Parag Deodhar26 April 2013
  10. 10. No silver bullet!!Each organization has its owndynamics and the solutionneeds to be evaluated basedYour thoughts please!Your thoughts please!needs to be evaluated basedon detailed requirementsanalysis.10Parag Deodhar26 April 2013

×