Riskpro ISO 31000 Services



With growing risk complexity in the business environment and volatile markets, there is an imperative need to attain quality standards in critical functions, processes and frameworks. Fortunately, a new International Standard, ISO 31000:2009, Risk Management – Principles and guidelines, will help organizations of all types and sizes to manage risk effectively. ISO 31000 provides principles, a framework and a process for managing any form of risk in a transparent, systematic and credible manner within any scope or context.
In continuation of our fast-growing presence and business trajectory, we're pleased to commence our ISO 31000 Risk Management Training Services in addition to our existing bouquet of Risk Advisory, Consulting, Training & Human Capital Services to corporates across India, currently serviced through our multi-location delivery centres in major metros, with a network presence in 11 Indian cities already.


  1. 1. Risk Consulting & Advisory Services. ISO 31000:2009 Risk Management Standards. RiskPro India Ventures (P) Limited: New Delhi, Mumbai, Bangalore 1
  2. 2. Who is Riskpro… Why us? ABOUT US: Riskpro is an organisation of member firms around India devoted to client service excellence. Member firms offer wide range of services in the field of risk management. Currently it has offices in three major cities, Mumbai, Delhi and Bangalore, and alliances in other cities. Managed by experienced professionals with experiences spanning various industries. MISSION: • Provide integrated risk management consulting services to mid-large sized corporate/financial institutions in India • Be the preferred service provider for complete Governance, Risk and Compliance (GRC) solutions. VALUE PROPOSITION: You get quality advisory, normally delivered by large consulting firms, at fee levels charged by independent & small firms. High quality deliverables. Multi-skilled & multi-disciplined organisation. Timely completion of any task due to delivery capabilities. Affordable alternative to large firms. DIFFERENTIATORS: • Risk Management is our main focus • Over 200 years of cumulative experience • Hybrid Delivery model • Ability to take on large and complex projects • We Hold hands, not shake hands. 2
  3. 3. Risk Management Advisory Services Basel II/III Advisory Corporate Risks Information Security • Market Risk • Enterprise Risk Assessment • IS Audit • Credit Risk • Fraud Risk • Information Security • Operational Risk • Risk based Internal Audit • IT Assurance • ICAAP • Operations Risk • IT Governance • Forensic services SERVICES Operational Risk Governance Other Risks • Process reviews • Corporate Governance • Business/Strategic Risk • Policy/Process Review • Business Strategic risk • Reputation Risk • Process Improvement • Fraud Risk • Outsourcing Risk • Compliance Risk • Forensic Accounting • Contractual Risk • Insurance Risk Training Recruitment • Banking – E Learning • Corporate Training • Virtual Risk Managers • Regular Risk Management Training • Full Time Risk Professionals • Online Training material • Part time Risk Professionals • Workshops / Events • Risk Managers on call – free • ISO Standards 3
  4. 4. ISO 31000: Future standard on Risk Management • Every organization has objectives to achieve, and in order to achieve them, any uncertainty that could interfere with their realization must be effectively managed. • ISO 31000 is clearly different from existing guidelines in that the emphasis is shifted from something happening – the event – to the effect on objectives. • It sets out principles, a framework, and a process for the management of all forms of risk, including safety and environment, in all organizations, regardless of size. • Key principles include Communication and Consultation, Establishing the context, Risk assessment steps (Identification, Analysis, Evaluation), Risk treatment, Monitoring and review. [Image caption: Tackling hazards] 4
  5. 5. ISO 31000:2009 Risk Management Standards Insight… [Diagram: Risk Management International Standard ISO 31000:2009 and its companion documents. ISO Guide 73: Risk Management – Vocabulary (vocabulary). ISO 31000: Risk Management – Principles and guidelines (principles/guidelines). IEC 31010: Risk Management – Risk Assessment Techniques (assessment).] 5
  6. 6. Evolution of ISO 31000 Journey… [Timeline: 1995: Standards Australia/New Zealand, AS/NZS 4360. 1999: Standards Australia/New Zealand, Review 1, AS/NZS 4360. 2001: Standards Version, Japan. 2002: Risk Management Vocabulary Guideline, ISO/IEC Guide 73. 2004: Standards Australia/New Zealand, Review 2, AS/NZS 4360. 2004 +: Guidelines review on Standards and released for implementation.] 6
  7. 7. Understand ISO 31000... Future of Risk! • Historical glance: the Standards Australia/Standards New Zealand Joint Technical Committee developed AS/NZS 4360 – Risk Management, which was first published in November 1995, revised in 1999 and most recently revised in 2004. Standards organizations in Canada (1997) and Japan (2001) followed with their own versions, and then in 2002 ISO and the International Electrotechnical Commission (IEC) published ISO/IEC Guide 73, Risk management – Vocabulary – Guidelines for use in standards. • Every organization has objectives to achieve, and in order to achieve them, any uncertainty that could interfere with their realization must be effectively managed. • ISO 31000 is clearly different from existing guidelines in that the emphasis is shifted from something happening – the event – to the effect on objectives. • It sets out principles, a framework, and a process for the management of all forms of risk, including safety and environment, in all organizations, regardless of size. • Key principles include Communication and Consultation, Establishing the context, Risk assessment steps (Identification, Analysis, Evaluation), Risk treatment, Monitoring and review. 7
  8. 8. ISO 31000 Elements Overview… Key Elements 8
  9. 9. ISO 31000 Elements Demystified *This presentation and its contents in part or whole should not be copied or distributed to anyone. 9
  10. 10. Risk Management Overview: ISO 31000 Outlook Overview • Without risk, there is no reward or progress. Unless risk is managed effectively, organizations cannot maximize opportunities and minimize threats. • Applicable and adaptable, with emphasis on tailoring the principles and guidelines to the specific needs and structure of the organization. • Commitment of senior management: the overarching component of the framework is the mandate and commitment of the organization's board and top management to the implementation, review and continual improvement of how risk is managed, so that managing risk stays fully focused on the achievement of objectives. • Organizations with a commitment to managing risk know that implementing standards can enable them to do so more effectively and therefore maximize opportunities and minimize losses in the course of achieving corporate objectives. • Risk is the "effect of uncertainty on objectives": positive and negative consequences, safety, compliance, strategy. • The risk management process is a systematic application of management policies, procedures and practices to the tasks of communication, consultation, establishing the context, identifying, analyzing, evaluating, treating, monitoring and reviewing risk. 10
  11. 11. ISO 31000 Concept & Organizational Alignment How we Do • The ISO (International Organization for Standardization) 31000 standard sets out principles, a framework and a process for the management of risk that are applicable to any type of organization in the public or private sector. • Every organization is unique; yours might be a regulator, a deliverer of services, a policy analysis shop, an enforcer of laws, a facilitator of industry and commerce, support for education or literacy or rights, etc. • So the implementation of risk management is different in every organization, but is instantly recognizable as following the ISO 31000 risk management framework, process, terminology and other best practices. • So your organization's risk management could be reviewed and evaluated by any other risk-management-literate person from any organization, to mutual advantage. 11
  12. 12. Key Principles - Clauses How we Do Clause – 3: o Create value o An integral part of organizational processes o Part of decision making o Explicitly address uncertainty o Be systematic and structured o Be based on the best available information o Be tailored o Take into account human factors o Be transparent and inclusive o Be dynamic, iterative and responsive to change o Be capable of continual improvement and enhancement 12
  13. 13. Key Principles - Clauses How we Do Clause – 4 (Mandate & Commitment). 4.3 Design of framework: o Understanding the organization and its context o Risk management policy o Integration into organizational processes o Accountability o Resources o Establishing internal communication and reporting mechanisms o Establishing external communication and reporting mechanisms. 4.4 Implementing risk management: 4.4.1 Implementing the framework; 4.4.2 Implementing the risk management process. 4.5 Monitoring and review of the framework. 4.6 Continual improvement of the framework. 13
  14. 14. Key Principles - Clauses How we Do Clause – 5 (Risk Management Process): o Should be an integral part of management o Be embedded in culture and practices and o Tailored to the business processes of the organization. o Communication and consultation o Establishing the context o Risk assessment o Risk treatment o Monitoring and review. 14
  15. 15. Risk Components and Framework…1/3 How we Do 15
  16. 16. Risk Components and Framework…2/3 How we Do • Setting of performance-based standards that link risk management to change management and decision making. • Focus on risks that change and why. • Integration of risk management with strategic and performance management. • Risk management plans for organization/divisions & departments. • Implementation of a training strategy to build skills and knowledge. • Appointing embedded practitioners. • Allocation of risks, controls, and actions to owners. • Clear focus on control assurance as a line management role. • Learning through the application of RCA (root cause analysis) for wins/losses. • Risk governance, treatment and reporting on RM maturity within BUs. 16
  17. 17. Risk Management Process…3/3 How we Do [Diagram: Communication and Consultation (5.2) and Monitoring and Review (5.6) run alongside the central sequence: Establishing the context (5.3); Risk assessment (5.4), made up of Risk identification (5.4.2), Risk analysis (5.4.3) and Risk evaluation (5.4.4); Risk treatment (5.5).] 17
  18. 18. Relationship- Principles, Framework and Process How we Do Mandate and commitment Framework design for managing risk Continual Risk framework Principles management improvement implementation Process Framework monitoring and review 18
  19. 19. Components - Principles, Framework and Process How we Do. Principles for Managing Risk: • Risk management creates value • RM is an integral part of organisational processes • RM is part of decision making • RM explicitly addresses uncertainty • RM is systematic, structured and timely • RM is tailored/aligned to internal and external context • RM is dynamic, iterative, responsive to change • RM is capable of continual improvement. Framework for Managing Risk: • Embedding of RM throughout the organisation • Should ensure effective reporting and use for decision making • Drive policy and define performance • Ensure alignment with strategy and objectives • Assign accountabilities; ensure resources • Communicate benefits to stakeholders • Understanding the organisation and its context • Risk management policy • Integration into organisational processes (embedding) • Accountability (for process as well as risks) • Resources (people, skills, information, documentation) • Establishing internal communication and reporting • Establishing external communication and reporting. Process for Managing Risk: • Identify and acknowledge stakeholder perceptions – internal and external • Establish basis for decision making • Optimise use of expertise • Ensure effective change management • Defining parameters – external and internal • Alignment with objectives • Alignment with stakeholder expectations • Developing risk criteria • Risk identification, Analysis, Evaluation • Selection of risk treatment options • Preparing and implementing risk treatment plans • Recording the risk management process • Monitoring and Review. 19
  20. 20. Risk Implementation Approach… How we Do 1. Achieve an unequivocal Executive and Board mandate with a full appreciation of the changes required at all levels of the organization. 2. Undertake a gap analysis and maturity evaluation. 3. Develop a carefully tailored framework, based on the ISO 31000 risk management framework, principles, and process as well as the organization's context and structure, necessary for ERM to be implemented and sustained. 4. Workshop and develop a strategic risk management plan to implement the framework utilizing practical tools and best practice methods. 5. Develop and gain senior management agreement on a set of performance-based standards to codify the framework and its implementation plan. 6. Create a tailored risk management information system that enforces accountability for risks, controls and tasks, supports control assurance and enables risk management performance management and reporting. 7. Cause Champions to be appointed within the organization and trained to create the confidence, skills and local management support needed for roll-out. 8. Help Champions engage local management and implement the framework and risk management plan, generating risk registers, etc. 9. Establish a process and structure for RM performance management and reporting, including committees and review groups, and performance measures. 10. Periodically review, benchmark, and revise the framework. 20
  21. 21. Risk Integration – Strategic ERM How we Do [Diagram labels: Risk Management Framework and Process; Change Management & Opportunities; Performance Management (KPI); Establish the context; RM Plan; Lessons learnt from last year; Risk assessment to stress test plan; Draft Plan; Strategic Plan; Risk treatment plan; Strategic Objective.] 21
  22. 22. ISO 31000 Standards FAQs - We Answer for you! How we Do • How to allocate ownership to management • What is your organizational Risk Appetite • Practical Challenges • How to ensure assessment is current and risk treatment is appropriate • How to use your critical success factors with related measures of success • How to create value • What is CEN/IEC Guide 73 guideline relevance to ISO 31000 • How to spot emerging and changing risks • How to integrate • & more…? 22
  23. 23. Riskpro Clients Our Clients *Any trademarks or logos used throughout this presentation are the property of their respective owners 23
  24. 24. Team Experiences Our Experiences Our team members have worked at world class Companies *Any trademarks or logos used throughout this presentation are the property of their respective owners 24
  25. 25. RESUMES – Our Team Credentials. Manoj Jain: • Co-Founder - Riskpro • CA, CPA, MBA-Finance (USA), FRM (GARP) • Over 10 years international experience – 6 years in Bahrain and 4 years USA • 15 years exp in risk management consulting and internal audits, Specialization in Operational Risk, Basel II, Sox and Control design • Worked for Ernst & Young (Bahrain), Arab Investment Company (Bahrain), Navigant Consulting (USA), Kotak Mahindra Bank (India) and Credit Suisse (India) • Sox Compliance project for Fannie Mae, USA ($900+ Billion Mortgage Company). Rahul Bhan: • Co-Founder - Riskpro • CA (India), MBA (Netherlands), CIA (USA) • Over 15 years of extensive internal and external audit experience in India and abroad. • Worked with KPMG United Arab Emirates, PKF South Africa, Ernst and Young Kuwait, Deloitte Netherlands and KPMG India. • Worked with clients in a wide variety of industries and countries including trading, retail and consumer goods, NGO, manufacturing and banking and finance. Major clients include banks, investment companies, manufacturing organizations, aviation etc. 25
  26. 26. RESUMES - Our team Credentials. Casper Abraham: • Co-Founder - Riskpro • PGD (Electrical & Electronics & Computer Programming) • 30 years of experience in Information & Communications Technology (ICT) Solutions for Retail, Garments, Manufacturing, Services Industries. • Has created Companies, Divisions, Products, Brands, Teams & Markets. • Consulting in Business, Technology, Marketing & Sales & Strategic Planning. • Advisory, Training, Workshops & Implementation in Systems Thinking, Systems Modeling & Balanced Scorecard • Worked with TIFR, Mahindra, Ambience, Communico-Graphique & Ionidea Inc, USA. Hemant Seigell: • Vice President – Risk Management • MBA, PDFM, NSE-NCFM, PMP, CSSGB, Trained ISO 9001:2000 I.A, GARP-FBR, ITIL • Professional with 17 years of rich experience into diverse Consumer finance/Lending operations, Risk Management, BPMS, Consumer Banking, NBFC, Management Consulting & Housing finance in BFSI industry having successfully led key business strategic engagements across multi-product environment in APAC, Australia and US regions. • Worked with GE, ABN AMRO Bank, Citigroup, Accenture, Deutsche Postbank • Highly skilled and expert Trainer in Risk areas across Fraud, Credit, Operational, Corporate Risk management, GRC. • Specializes in Fraud Control, Compliance QA, ERM and Regulatory governance. 26
  27. 27. RESUMES - Our team Credentials. R. Gupta: • Head - Insurance Risk Advisory services • B.Sc, Associate of Indian Institute of Insurance, Licensed Category A Insurance surveyor • 26 years of experience in Insurance advisory services, Loss adjusting for large corporates, Claims management. • Has assessed more than 4500 high value insurance claims across various industry sectors. • Risk management inspection • Valuations of fixed assets for insurance purpose. Nilesh Bhatia: • Head - Human Capital Management • Chartered Accountant, Lead Assessor ISO 9000, Six Sigma Trained, Trained on Situational Leadership, Trained on interviewing skills and Whole Message Model. • Over two decades of international, multi-cultural experience in finance and human resources viz. internal audit, accounting operations, accounting process review & re-designing, risk management, business solutioning, six sigma projects, talent acquisition, talent retention, organization design/redesigning, compensation and appraisal processing, employee and customer satisfaction surveys, knowledge management and finance services. • Worked with Citicorp/MGF, India Glycol, Delphi, American Express India, American Express USA, Fidelity International and Macquarie Global Finance Services India. 27
  28. 28. Our team Credentials. Rajesh Jhalani: • Co-founder - Riskpro • B.Com, FCA • Senior Partner with 48 year old Delhi based Chartered Accountant firm, Mehrotra and Mehrotra • Over 19 years of experience in the field of Audit, Taxation, Company law matters. • Major clients served are NTPC, BHEL, Bank of India, PNB, Airport Authority of India etc. Gourav Ladha: • Specialist Risk Consultant – ERP & IT Compliance • SAP Certified, MBA (Finance), SAP Security trained (from SAP India), SAP GRC Access Controls trained (from SAP India) • Over 7 years of experience working in the area of ERP/IT Risk advisory, primarily focusing on SAP, for 'Fortune 500' clients in around 8 countries including US, UK, UAE, Hong Kong, etc • Specializes in SAP Risk & Controls Advisory, SAP Business Process Controls Audit, SAP Security & Segregation of Duties Control Audit, ERP Trainings • Strong Industry experiences ranging from Beverages, Insurance, Energy, FMCG, Pharmaceutical, Retail, Telecommunication to IT Services • Worked for risk advisory teams of reputed organizations like Ernst & Young, EXL Services 28
  29. 29. Key Contacts and Locations (India) Corporate Mumbai Delhi Bangalore Riskpro India Manoj Jain Rahul Bhan Casper Abraham Ventures (P) Limited Director Director Director M- 98337 67114 M- 99680 05042 M- 98450 61870 manoj.jain@riskpro.in rahul.bhan@riskpro.in casper.abraham@riskpro.in info@riskpro.in www.riskpro.in Shriram Gokte Hemant Seigell Principal - Information Risk VP – Risk Management C 561, Defence Colony M- 98209 94063 M- 99536 97905 New Delhi 110024 shriram.gokte@riskpro.in hemant.seigell@riskpro.in Ahmedabad Pune Agra Gurgaon Maulik Manakiwala M.L. Jain Alok Kumar Agarwal Nilesh Bhatia Associate Firm Principal – Strategy Risk Associate Firm Head – Human Capital M - 91 98256 40046 M- 98220 11987 M- 99971 65253 M- 98182 93434 mljain@riskpro.in nilesh.bhatia@riskpro.in Gourav Ladha Sap Risk Advisory M- 97129 52955 Salem Ghaziabad Chandrasekaran R Gupta Recruitment Franchisee Head – Insurance Risk M - 91 9443 599132 M- 98101 07387 Copyright © 2012 RiskPro, India. All rights reserved. 29