Downloaded 47 times
Uploaded byFixNix Inc.,
ISACA session about GRC
For more than 24 months, FixNix has researched compliance for leading Indian e-commerce brands and produced SMB GRC products. They are now presenting five rules for governance, risk, and compliance: 1) Treat your business like a king. 2) Spread ideas and move forward. 3) Help others understand what you can do for them. 4) Practice, not just decoration. 5) Cultivate community support and prioritize actions that will create maximum impact.
ISACA session about GRC
- 1. For more than24 months, FixNix has researched compliance for the India’s leading e-commerce brands, security thought leadership forums, and production of SMB GRC product. Now they bring you… FIVE RULES FOR GOVERNANCE, RI SK & COMPLIANCE
- 2. Mute Your Cellphone FIRST UnlearnWhatever You Know in GRC World & Lend your Ears for next 60 minutes SECOND To Get 200% Benefit of This Presentation
- 10.
- 11.
- 12.
- 14. WHAT CAN DO FOR WHY SHOULDADOPT THE THEY NEED TO TO TAKE WHAT CAN DO FOR WHY SHOULD ADOPT THE THEY NEED TO TO TAKE
- 17.
- 18.
- 41.
- 43.
- 47.
- 48.
- 53.
- 56. Community maximum impact support thepriorities Development • In order to bring lasting change, we must first prioritize the things that will bring about the • Then we must organize schedules and resources that will about that change • Finally, we need to mobilize people to be able to take action and bring
- 57. mobilize mobilize support the priorities •Then we must schedules and resources that will organizeprioritize organize Community maximum impact Development • In order to bring lasting change, we must first the things that will bring about the about that change • Finally, we need to people to be able to take action and bring prioritize
- 58.
- 59.
- 60.
- 65.
- 67.
- 69.
Editor's Notes
- #2 To view this presentation, first, turn up your volume and second, launch the self-running slide show.
- #3 To get 200% benefit of this presentation, first, mute your cellphone and second, unlearn whatever you know in GRC world & lend your ears for next 60 minutes.
- #4 GRC is a powerful compliance program which can move & shake any organization.
- #5 For more than 24 months, FixNix has developed GRC programs…
- #6 …to improve compliance,
- #7 …align all departments,
- #8 …increase company value,
- #9 …and propel
- #10 …GRC program.
- #11 Along the way we’ve discovered…
- #12 …five simple rules for creating Governance, Risk & Compliance programs.
- #13 The first rule is: Treat your business as king.
- #14 Your business groups, management deserves to be treated like royalty. Design a GRC program that meets their needs, not just yours.
- #15 Management want to know what you can do for them, why they should adopt your view, and the steps they need to follow to take action.
- #16 Give them those things in a clear, easily understandable way…
- #17 …and you will undoubtedly find favor with the king.
- #18 The second rule is: Spread ideas and move people.
- #19 Your business didn’t show up to read your 60 page on screen dissertation.
- #20 They’re there to see you. To be inspired by your message…
- #21 …and witness the quality of your thought.
- #22 You are not giving your presentation to have another meeting. You are there to convey meaning.
- #23 So, consider including imagery that powerfully illustrates your point.
- #24 IT roadmap for GRC
- #25 How do we align our GRC initiatives ?
- #26 How do I assess risk ?
- #27 Policies, procedures and controls
- #28 What are the elements of privacy risk management and compliance ?
- #29 How can operational controls add value to a business process ?
- #30 How do I know if my GRC system or overall program is effective ?
- #32 How should we conduct investigation
- #33 Suspicious activity investigation lifecycle
- #34 What controls are needed for the extended enterprise ?
- #35 How do we broaden our awareness of incidents and risks?
- #36 How do we optimize our approach to GRC
- #37 How do we integrate IT to enable GRC ?
- #38 How do we manage the business risk of fraud ?
- #39 How do we measure the performance of GRC ?
- #40 How does a federated GRC approach apply to policy management ?
- #41 How can we use a lean approach for compliance and control ?
- #42 Which GRC product has it all ?
- #43 And a thought-provoking inclusive awareness training moves your business in a way that can change not only minds, but hearts.
- #44 The next rule is: Help them see what you are saying.
- #45 Half of the people in your business are verbal thinkers and the other half are visual.
- #46 Combining minimal text with meaningful visuals means that you’ll reach everyone.
- #47 Brainstorm graphics that will effectively communicate your message…
- #48 …and replace those words with a picture, chart or diagram. Then apply a consistent treatment to your graphics to give your whole GRC solution a unified look so that your business is attracted to, rather than distracted from, your message.
- #49 Rule number 4: Practice design, not decoration.
- #50 As tempting as it is to fill your GRC solution with stuff, often de-decorating is the best policy.
- #51 Any writer or designer will tell you that 90% of the creative process…
- #52 …is destructive.
- #53 Do you have a main point? Consider putting just one dashboard on the GRC solution by itself. Want them to remember a few items? Don’t show everything at once. Instead, show one item at a time. Have a snapshot that expresses your idea? Scale that snapshot so that it fills the overall solution. Have a single metric that says it all? Let’s depict it and remove everything else.
- #54 The last rule is: Cultivate healthy relationships (with your solution and your business )
- #55 Letting go is hard, we know.
- #56 But don’t hide behind your GRCsolution.
- #57 Breaking your dependence on your GRC solution can do a world of good for your relationship with your business.
- #58 Reduce the amount of metrics to a few key ones. Put the rest into your behind the scene pages.
- #59 And practice, practice, practice.
- #60 Thinking of your GRC solution as digital scenery,
- #61 Allows you to connect eye-to-eye with your business in a meaningful way.
- #62 So there are the rules.
- #63 But the question remains—Why go to all this trouble?
- #64 Why not do it the way you are used to?
- #65 The answer is simple. Because everyone else does it that way, too. You need to stand apart and be different.
- #66 When you apply these rules,
- #67 and keep the business’s needs top of mind,
- #68 your GRC solution will not only hold their attention,
- #69 But also change the company world . (Well, at least your part of the world.)
- #70 For more ways to harness the power of GRC, visit www.fixnix.co