IT Risk Advisory Services




Riskpro India Ventures (P) Limited
        New Delhi, Mumbai, Bangalore




Who is Riskpro… Why us?


ABOUT US
• Riskpro is an organisation of member firms around India devoted to client service excellence. Member firms offer a wide range of services in the field of risk management.
• Currently it has offices in three major cities, Mumbai, Delhi and Bangalore, and alliances in other cities.
• Managed by experienced professionals with experience spanning various industries.

MISSION
• Provide integrated risk management consulting services to mid-large sized corporate/financial institutions in India
• Be the preferred service provider for complete Governance, Risk and Compliance (GRC) solutions.

VALUE PROPOSITION
• You get quality advisory, normally delivered by large consulting firms, at fee levels charged by independent & small firms
• High quality deliverables
• Multi-skilled & multi-disciplined organisation.
• Timely completion of any task
• Affordable alternative to large firms

DIFFERENTIATORS
• Risk Management is our main focus
• Over 200 years of cumulative experience
• Hybrid Delivery model
• Ability to take on large and complex projects due to delivery capabilities
• We Hold hands, not shake hands.

Riskpro’s Network Presence




[Map: New Delhi, Agra, Jaipur, Ahmedabad, Kolkata, Mumbai, Pune, Hyderabad, Bangalore, Chennai, Salem]

IT Services Landscape

The Backdrop:

o Fast changing IT services market
o Technological advances
o Rising integration of business and technology
o Corporate focus on core competencies
o Maturation of IT vendor management role

Business Need:

o Meeting cost, time-to-market
o Innovation objectives
o Realization by corporates to assemble and integrate services and solutions
o Growing demand from best-in-breed suppliers
o Acquire the right services at the right prices
o Must have deep knowledge of the IT services marketplace
o Understanding its future direction
o New trends in the application and infrastructure services marketplace

Riskpro IT Risk Advisory Service
Service Offerings

• Information Technology Service Management
• Information Security Management
• Information Security Audit
• Information Technology Assurance
• Information Technology Governance

IT Service Management
How we Do

Consulting
• Service architecture Scoping
• SLA's
• ITSM Assessment
• Control Processes
• Service Delivery
• Release & Resolution

Standardizing
• IT service road mapping
• GAP Analysis
• Tollgate review
• Performance metrics analysis
• Compliance review
• Standard pre-assessment

Compliances
• ISO 20000
• ITIL practices
• PDCA cycle alignment
• Training- Basic / Advanced

Value Proposition
• Efficient business service delivery processes
• Reduced risk in using external service providers
• Reduced costs
• Enhanced ability to manage business complexities in a diverse operational environment

Information Security Management
How we Do

Consulting
• Risk Assessment & Management
• IS security policy framework
• Internal audit procedures
• IS controls review
• Penetration testing

Standardizing
• Compliance- IS policies
• IS security implementation review
• GAP analysis
• Performance metrics analysis
• Vulnerability assessment
• SAS Type II audits & compliance

Compliances
• BS 7799 implementation
• ISO 27001/17799 implementation
• DPA
• GLBA
• HIPAA

Value Proposition
• Operational resilience
• Risk reduction
• Secure best practices
• Business continuity preventive approach

Information Security Audit
How we Do

Consulting
• Operating system audits
• Database audits
• Networking/ Firewall audits
• Application systems – Functionality assessment
• Web application/Data centre audit

Standardizing
• Institutional risk areas review
• General Controls- Physical security/BCP/BRP
• Change management – Controls & Tracking
• Application Controls- System edits/Access

Compliances
• IS policies and procedures
• IDS
• Forensic auditing
• FERPA

Value Proposition
• Robust IT governance framework
• Strategic & operational value through business-risk focused approach
• Pre-emptive risk control capability
• Corporate IT compliance adherence for future business initiatives and IT investments

IT Assurance
How we Do

Consulting
• Business Continuity Planning
• Cyber crime investigative services
• IT external & internal audits
• IT assessment and benchmarking

Standardizing
• Data protection and privacy
• IT security & business flexibility
• IT project assurance reviews
• Compliances – IS policies

Compliances
• SAS 70
• ISAE 3402
• ISO 27002
• PCI DSS

Value Proposition
• Advanced technologies capabilities advisory
• Proactively manage your technology risks
• Helping you use data to its fullest potential
• Securing while delivering high performance business results

IT Governance
How we Do

Consulting
• COBIT and ITIL reviews
• Identification of IT risks exposure
• Risk mitigation controls review
• Balanced scorecard

Standardizing
• Val IT business valuation plan
• IT & Business Maturity models
• IT governance improvement methods
• Improving IT skills & resources

Compliances
• ISO 38500/COBIT
• CMM
• TOGAF
• ISO 22301 (new standard)

Value Proposition
• Ensuring your organizational structures & business processes are compliant
• IT support framework enables you to meet strategic business objectives
• Useful framework tool for benchmarking the balance and effectiveness of IT governance practices

Annexure- IT Advisory Offerings




IT Service Management- Detailed Components
How we Do

Process Excellence
- Systematic defining business case
- Assessment of current-state gaps
- Defining optimum process frameworks
- Training & process deployment
- Effective change management

Agile Services
- Agile readiness- Risk identification & mitigation
- Agile maturity assessment
- Process definition and best fit deployment
- Project manager services
- Training and mentoring services

Lean Six Sigma
- Lean assessment for end-to-end processes
- Opportunity assessment - Identifying improvements
- Project execution
- Coaching & mentoring for processes
- Training & Certification- GB/BB

Service Excellence
- Service model assessment & design
- Process design, documentation
- Maturity evaluation and audits
- Outsourcing service model design
- Configuration management

Software Estimation
- Baseline assessment existing vs industry best practice
- Design estimation processes and techniques
- Deployment and continuous improvement process
- Organization performance benchmarking

Information Security Mgmt- Detailed Components
How we Do

Business Continuity
- Risk assessment / Developing mitigation strategy
- Business critical function > Outage & Recovery time
- Developing business/IT disaster recovery plan
- BS 25999 implementation support – BCM tools
- BCM audits and training

Enterprise Application Security
- Vulnerability & penetration testing
- Static and dynamic analysis (secure code review)
- Security configuration review
- Compliance assessment (SOX, PCI, HIPAA)
- Remediation plan

Identity and Access Management
- IAM Visualization- Feasibility/Roadmap/Business case
- IAM solution evaluation
- IAM prioritization- TCO & Cost benefit analysis
- IAM Execution- Role management/SSO/Access
- Audit, reporting, Training

IS Compliance
- Compliance assessment – GAP analysis
- Vendor/ Third party risk assessments
- ISO 27001 advisory (Controls design & Evaluation)
- IS Audit- Risk based/IT security/IT operations/ERP
- IT GRC: Software, Strategy, framework & roadmap

Information Security Audit- Detailed Components
How we Do

Areas
- Security Operations
- Threat Mitigation
- Security Technologies
- Professional Services

Components
- Policy and Procedure Review
- Active Social Engineering
- Third Party Oversight Review
- System Inventory & Documentation
- Physical/Environmental Security Review
- Personnel / IT Staff Training
- Internal Vulnerability assessment
- Host/ Network Diagnostic Review
- Access Control Review

IT Assurance - Detailed Components
How we Do

Consulting & Advisory
- Enterprise Test Strategy
- Test process definition
- Structural code assessment
- Test automation strategy: Tools/ Framework
- Performance Test strategy: Tools
- Security Test strategy: Tools
- Test environment & Data management
- Specialized test strategy
- Tool and product evaluation
- Administration and Management

Functional/ Support Services
- Requirement management
- Static Analysis/Structural code evaluation
- Unit and integration testing
- Functional testing (system, integration cycle)
- Performance testing (Load, volume, Stress, tuning)
- Security testing
- Non-functional testing (OAT, Usability)
- Regression testing
- Test automation
- Environment management- Data, Release, UAT

IT Governance - Detailed Components
How we Do

- Project Portfolio Management Strategy & Roadmap
- Process Re-engineering
- Outsourcing Governance
- Application Portfolio Rationalization
- Production Support- Implementation / Maintenance
- High Availability – Disaster Recovery Set up
- Dashboards- Predictive Analysis
- Migrations- Extract > Transport > Load
- Integrations & Upgrades
- Performance Management

Annexure – Service Sample




Compliance related Services
Manage your Compliance Needs

[Graphic labels: Insider Attack, Non-Compliance, Dash Board, Long Term, Short Term]

Your Organization

• We will assist you to ensure your information is secure
• Compliance checks – ISO27001, ITGC, SOX, PCI-DSS and generic checks
• BCP/DRP solutions
• Long term/Short term goal setting – efficient mitigation*
• Unique reporting – Dashboard based*
• Certification is important but not everything; rather, security is

Usually 3-4 weeks, depending on the project

Your Supplier

• Check your IT Suppliers to ensure they follow your standards
• Check current implementation of standards (ISO27001…)
• Hand hold mitigation control implementation
• Increase security of your suppliers
• Dashboard view of all your suppliers and their status
• Checks and repeat checks to ensure security controls are maintained
• Exit Assessments

Usually 1-2 weeks, depending on the project

Security in Software Development
Services on the applications users use
S (SDLC) – Secure Your Code/Information

[Graphic labels: Mobile Malware, Phishing, Insider Attack, ACH Fraud]

Phases: Do you want a Secure Rollout?

Requirements engineering
• Threat model
• How much security is enough?
• Security in Requirements
• Information Classification
• Are standards followed?

Design
• Architecture Security
• Is encryption needed? How?
• How do APIs interact?
• HOUSTON methods
• IT Policy compliant?

Coding
• XSS, SQL Injection, CSRF?
• Code reviews done?
• Developers & Security?
• How to handle buffer overflow
• Can the code protect itself?

Testing
• Does Testing involve security?
• Proof of Concept intrusion
• How to handle buffer overflow
• Risks mitigated?
• Do we have a security test plan throughout?

Rollout
• Can you confidently go to Production?
• Is there a Security Quality Gate Pass?

Vulnerability Assessment and Penetration Testing
Your network, servers, computers
Ethical Hack and Fix Services

[Graphic labels: DDoS Attacks, Fraud, Hackers/Disgruntled Employees/Competition/Insider Attacks]

Our Services

• Focus on critical business systems for your enterprise
• Ethical hacking into your network to find out security issues before a hacker does
• Routers/Switches/UPS/Videoconference systems/Servers/VOIP systems/Firewalls and most connected devices on the network; the information can be stolen anywhere if we don't take proper care
• Dashboard view of vulnerabilities v/s the security risks
• Vulnerabilities mapped to actual business risks (not just telling you to fix the issue but also why to fix it; can you live with a risk?)
• Training your IT teams to understand vulnerabilities
• Year long support in fixing the issues and ensuring your systems stay up to date with the latest security patches

1-2 Weeks onsite & 4 Weeks Offshore Usually

We don't call it Vulnerability Scanning, We say "hacking"

Graphic callouts:
• How Can I get access to Your Network/People/Money?
• Maybe I should get in through the WLAN, it seems to be unsecure
• How about the receptionist, can I coax her into revealing some info?
• Maybe it is better I access the router… SNMP? MD 5 Hash Decryption?
• Looks like their Videoconference has a public IP
• That user could be a good target for key logger Trojan! I can get credit cards!
• Hey I have administrator Access locally so, it's a gold mine!
• How about launching an attack on the government using their systems?
• That webserver is not at all patched, let's Deface them!

Cloud Specific Security Services
Securing the cloud that you operate on

[Graphic labels: DDoS Attacks, Insider Attack, Fraud, Dark Cloud]

This is a unique service designed to assess the Cloud Service Provider platform from an information security risks/threats point of view.

• Cloud Service Operational/Governance Assessment (Onsite Interview based): We will check your cloud security compliance with well known industry standards, including the Cloud Security Alliance.

• Penetration testing of the Cloud Service Provider: This service would be an intruder's perspective on your cloud setup to see if your customers are protected from different security risks like espionage, information theft, customer privacy exposure, defacements, financial data leakage, Virus/Trojan insertion, DDoS attacks, etc. Apart from this, the report would also indicate your compliance with different industry standards like ISO 27001, PCI-DSS, SOX etc.

Riskpro Clients
Our Clients

• Banking/Insurance
• Corporate MNC
• Banking Intl
• Consulting IT / Others

*Any trademarks or logos used throughout this presentation are the property of their respective owners

Team Experiences                                                                                         Our Experiences




                           Our team members have worked at world class Companies

RESUMES – Our team (Credentials)

Manoj Jain
Co-Founder - Riskpro
CA, CPA, MBA-Finance (USA), FRM (GARP)
• Over 10 years international experience – 6 years in Bahrain and 4 years in the USA
• 15 years experience in risk management consulting and internal audits; specialization in Operational Risk, Basel II, SOX and Control design
• Worked for Ernst & Young (Bahrain), Arab Investment Company (Bahrain), Navigant Consulting (USA), Kotak Mahindra Bank (India) and Credit Suisse (India)
• SOX Compliance project for Fannie Mae, USA ($900+ Billion Mortgage Company)

Rahul Bhan
Co-Founder - Riskpro
CA (India), MBA (Netherlands), CIA (USA)
• Over 15 years of extensive internal and external audit experience in India and abroad.
• Worked with KPMG United Arab Emirates, PKF South Africa, Ernst and Young Kuwait, Deloitte Netherlands and KPMG India.
• Worked with clients in a wide variety of industries and countries including trading, retail and consumer goods, NGO, manufacturing and banking and finance. Major clients include banks, investment companies, manufacturing organizations, aviation etc.

RESUMES - Our team (Credentials)

Casper Abraham
Co-Founder - Riskpro
PGD (Electrical & Electronics & Computer Programming)
• 30 years of experience in Information & Communications Technology (ICT) Solutions for Retail, Garments, Manufacturing, Services Industries.
• Has created Companies, Divisions, Products, Brands, Teams & Markets.
• Consulting in Business, Technology, Marketing & Sales & Strategic Planning.
• Advisory, Training, Workshops & Implementation in Systems Thinking, Systems Modeling & Balanced Scorecard
• Worked with TIFR, Mahindra, Ambience, Communico-Graphique & Ionidea Inc, USA,

Hemant Seigell
Sr Vice President – Risk Management
MBA, PDFM, NSE-NCFM, PMP, CSSGB, ISO 9001:2000 I.A, GARP-FBR, ITILV3, CPP-BPM
• Professional with 17 years of rich experience in diverse Consumer finance/Lending operations, Risk Management, BPMS, Consumer Banking, NBFC, Management Consulting & Housing finance in the BFSI industry, having successfully led key business strategic engagements across multi-product environments in APAC, Australia and US regions.
• Worked with GE, ABN AMRO Bank, Citigroup, Accenture, Deutsche Postbank
• Highly skilled and expert Trainer in Risk areas across Credit, Fraud, Operational, Corporate Risk management.
• Specializes in Fraud Control, AML/KYC Compliance, QA, ERM and Regulatory governance.

RESUMES - Our team (Credentials)

R. Gupta
Head - Insurance Risk Advisory services
B.Sc, Associate of Indian Institute of Insurance
Licensed Category A Insurance surveyor
• 26 years of experience in Insurance advisory services, Loss adjusting for large corporates, Claims management.
• Has assessed more than 4500 high value insurance claims across various industry sectors.
• Risk management inspection
• Valuations of fixed assets for insurance purpose.

Nilesh Bhatia
Head - Human Capital Management
• Chartered Accountant, Lead Assessor ISO 9000, Six Sigma Trained, Trained on Situational Leadership, Trained on interviewing skills and Whole Message Model.
• Over two decades of international, multi-cultural experience in finance and human resources viz. internal audit, accounting operations, accounting process review & re-designing, risk management, business solutioning, six sigma projects, talent acquisition, talent retention, organization design/redesigning, compensation and appraisal processing, employee and customer satisfaction surveys, knowledge management and finance services.
• Worked with Citicorp/MGF, India Glycol, Delphi, American Express India, American Express USA, Fidelity International and Macquarie Global Finance Services India.

RESUMES - Our team (Credentials)

Rajesh Jhalani
Head Taxation Risk Advisory
B.Com, FCA
• Senior Partner with 48 year old Delhi based Chartered Accountant firm, Mehrotra and Mehrotra
• Over 19 years of experience in the field of Audit, Taxation, Company law matters.
• Major clients served are NTPC, BHEL, Bank of India, PNB, Airport Authority of India etc.

Gourav Ladha
Specialist Risk Consultant – ERP & IT Compliance
SAP Certified, MBA (Finance), SAP Security trained (from SAP India), SAP GRC Access Controls trained (from SAP India)
• Over 7 years of experience working in the area of ERP/IT Risk advisory, primarily focusing on SAP, for ‘Fortune 500’ clients in around 8 countries including US, UK, UAE, Hong Kong, etc.
• Specializes in SAP Risk & Controls Advisory, SAP Business Process Controls Audit, SAP Security & Segregation of Duties Control Audit, ERP Trainings
• Strong industry experience ranging from Beverages, Insurance, Energy, FMCG, Pharmaceutical, Retail, Telecommunication to IT Services
• Worked for risk advisory teams of reputed organizations like Ernst & Young, EXL Services

RESUMES - Our team (Credentials)

Phanindra Prakash
Vice President – Riskpro India
FCA [India], ACMA [India], CFE [USA], CertIFRS [UK]
• Over 16 years of extensive consulting experience which includes financial & systems audit, process transformation, implementation of internal controls, SOX compliance, fraud audits & due diligence, US-India taxation
• Engaged in consulting roles as trusted advisor to finance, internal audit and information technology executives of multiple Fortune 1000 companies with project sites in US, Canada, Europe & Asia
• Worked with E&Y and Deloitte Consulting in USA
• Some of the major clients served internationally are GE Capital, UBS, McKesson, Eaton, Imation, Albertsons,

Asok Sit
EVP and Head – Telecom Risk Advisory
M.Tech, IIT Kharagpur, India; IES; Doctoral study, research and teaching in Linkoping University/Sweden; Lead Auditor (BVQI).
• Over 30 years of international experience in networks and mobile handsets from top global companies/institutes like ISRO, Ericsson, Nokia, Nokia Siemens Networks, based mostly in their headquarter locations in India, EU, USA.
• Expertise: Setting up capability, behaviour, culture in turning Risk, Quality, Innovation for competitive advantage, customer delight and sustainability; key skill sets are Engagement, Handholding, Coaching, Mentoring and a lot of best practices, benchmarking/standards like CMMI, TL9000, Six Sigma, ISO, SAS 70 etc.

RESUMES – Our Team

Ravikiran Bhandari
Vice President & Head – IT Risk Advisory
• Over 14+ years of experience in Information Security and Risk Management; CISM certified
• Headed the Global Information Security team of Daimler (Mercedes-Benz) Worldwide at Bangalore for 9 years; previously worked at organizations like Wipro, Bangalore Labs
• Multi-sector experience including Banking, Insurance, Finance, Energy, Manufacturing, Retail, Hi-Tech & Telecom, and Automobile
• Well known Ethical hacker: Was featured in BusinessWorld Magazine in an article about leading ethical hackers in India and published several articles in Print and Online Media
• Rich experience in Information Security Audits across Corporations, 3rd Party Suppliers, Joint Ventures across several countries in the world including US, UK, China, Germany

Siddhartha Ghosh
Executive Vice President – Riskpro India
CPA (USA), ACA, ACS, Grad CWA (India), MBA (USA), Associate ICPAS (Singapore)
• Over 25 years of extensive audit and industry experience which includes 19 years with Rolls-Royce India Pvt Ltd at New Delhi and its associate and parent companies of Rolls-Royce in UK, USA and Singapore in all aspects of Finance, Taxation, Audit, Banking, Legal, Company Secretarial, Statutory compliances and due diligence, Internal Control, ESOP, Budgets, Cashflows, Forecasts, MIS Reporting, HR, Expatriate & Office Administration, Payroll, IT, Retirement Funds Administration, Shared Services, Project Accounts, etc.
• Worked with Price Waterhouse Coopers for 4 years with reputed MNCs, banks, Indian corporate houses
• Worked with McNally Bharat Engineering Company Ltd for 4 years

RESUMES - PARTNERSHIPS (Credentials)

Anjay Agarwal
Consultant – Information Security & IT Governance
LLB, CA, CISA, CWA, CS, CFE and others
• Over 15 years of experience in the field of Audit, Taxation, Investigations.
• Specializing in the field of Systems Audit, Cybrex Audit, Computer Crime Investigations, IS Forensics
• International Committee Member of Governmental and Regulatory Agencies Board and Academic Relations Committee of ISACA, USA

Piyush Kumar
Consultant – Quality Management
Founder of PMG, a TQM Consulting Co in Delhi
• Mechanical Engineer
• 20+ years experience in TQM concepts.
• Strong skill set in various productivity & quality improvement projects including Six Sigma offerings
• Past experiences include reputed organizations like Andersen Consulting, Eicher Consulting & Nathan & Nathan consultants

RESUMES - PARTNERSHIPS

Andrew Hiles
Specialist Risk Consultant – Business Continuity
• Founder and 15-year Chairman of Survive, the first international user group for Business Continuity professionals
• Founding director and first Fellow of the Business Continuity Institute
• Over 25 years international consulting expertise in Risk, Crisis, Emergency, Incident, and Business Continuity and ICT Disaster Recovery Management
• Multi-sector experience including Banking, Insurance, Finance, Oil, Gas, Energy, Manufacturing, Retail, Hi-Tech & Telecom
• Western Press Award for services to business, 1994; BCI/CIR nomination for lifetime achievement in BC, 1999, London; inducted into BC Hall of Fame by CPM magazine, 2004, Washington DC.

Chris E. Mandel
Specialist Risk Consultant – Enterprise Risk Management
• Highly skilled risk and insurance professional with 25 years of experience designing, developing and implementing large, global corporate risk management programs for Fortune 500 firms.
• Principal Consultant and Founder - Excellence in Risk Management, LLC. (Texas, USA); Co-founder and EVP, Professional Services, rPM3 Solutions, LLC (Maryland, USA).
• Past experiences include Head of Global Risk Management for USAA, PepsiCo/Tricon Global and American National Red Cross
• Additional risk and insurance experience at Verizon Corp., Marsh USA and Liberty Mutual Insurance Co.
• 2004 Risk Manager of the Year – 2007 recipient of the Alexander Hamilton Award for “Excellence in ERM” (at USAA) – former President, Risk and Insurance Management Society, Inc.

Strategic Alliance - ‘AssureEasy’ GRC Tool
NIIT Technologies and RiskPro offer a unique GRC Management solution on cloud, wherein NIIT provides the best-of-breed application platform and RiskPro brings best-in-class integrated risk management consulting services.

Platform Differentiators

• Cloud hosting model
  - No CAPEX, Infrastructure Investment
  - No ongoing application/infrastructure maintenance cost
• Extremely Fast Implementation
  - Out of the box implementation in 2-3 weeks time
  - Highly configurable and flexible platform
• Credibility
  - Platform users include Cognizant, RBS, Fidelity, NIIT Technologies etc.
  - High CSAT ratings from existing Customers
• System Integration Capabilities
  - Services around solution implementation / Application and Infrastructure support
  - Industry packaged solution using domain expertise from NIIT's vertical teams.

Risk Expertise

• High performance business results
  - Improved portfolio optimization
  - Enhancing organization’s ability for effective utilization of risk capital
• Unique Delivery model
  - Highly experienced team of risk professionals with plethora of risk domain knowledge and business solutions
  - Customized solutions as per client’s needs
• Market Differentiators
  - Premier risk consulting firm serving top corporates/PSU’s as preferred knowledge partners
  - Increasing market penetration combined with unique value proposition in risk consulting space
• Risk Management Capability
  - Quick client assessment and delivery proposal across ERM
  - Multi industry and functional domain solutions

Key Contacts
Corporate
• Riskpro India Ventures (P) Limited, C 561, Defence colony, New Delhi 110024; info@riskpro.in; www.riskpro.in

Mumbai
• Manoj Jain, Director, M- 98337 67114, manoj.jain@riskpro.in
• Shriram Gokte, EVP - Risk Management, M- 98209 94063, shriram.gokte@riskpro.in
• Sivaramakrishnan, President – Banking & FS, M- 98690 19311, smaran.iyer@riskpro.in

Delhi
• Rahul Bhan, Director, M- 99680 05042, rahul.bhan@riskpro.in
• Hemant Seigell, SVP – Risk Management, M- 99536 97905, hemant.seigell@riskpro.in

Bangalore
• Casper Abraham, Director, M- 98450 61870, casper.abraham@riskpro.in
• Vijayan Govindarajan, EVP – Risk Management, M- 99166 63652, vijayan.govindarajan@riskpro.in
• Ravikiran Bhandari, VP – IT Risk Advisory, M- 99001 69562, ravikiran.bhandari@riskpro.in

Ghaziabad / Noida
• Siddhartha Ghosh, EVP - Finance, M- 9810058072, Siddhartha.Ghosh@riskpro.in
• R Gupta - Insurance Risk, M- 98101 07387

Chennai
• R. Muralidharan, EVP – Risk Management, M- 95660 77326, murali@riskpro.in

Kolkata
• Kashi Banerjee, EVP – Risk Management, M- 98304 75375, kashi.banerjee@riskpro.in

Gurgaon
• Nilesh Bhatia, Head – Human Capital Mgt., M- 98182 93434, nilesh.bhatia@riskpro.in
• Asok Sit, EVP – Telecom Risk Advisory, M- 98105 03463, asok.sit@riskpro.in

Pune
• M.L. Jain, Principal – Strategy Risk, M- 98220 11987, mljain@riskpro.in

Salem
• Chandrasekeran, Recruitment franchisee, M – 94435 99132

Ahmedabad
• Maulik Manakiwala, Member Firm, M – 98256 40046
• Gourav Ladha, SAP Risk Advisory, M- 97129 52955

Hyderabad / Agra
• Phanindra Prakash (Hyderabad), Member Firm, M- 95500 61616
• Alok Kumar Agarwal (Agra), Member Firm, M- 99971 65253

It risk advisory brochure 2013
 

More from Rahul Bhan (CA, CIA, MBA)

India and sweden strategy brochure 2013 riskpro
India and sweden strategy brochure 2013 riskproIndia and sweden strategy brochure 2013 riskpro
India and sweden strategy brochure 2013 riskproRahul Bhan (CA, CIA, MBA)
 
Accounting payroll outsourcing services 2013
Accounting payroll outsourcing services   2013Accounting payroll outsourcing services   2013
Accounting payroll outsourcing services 2013Rahul Bhan (CA, CIA, MBA)
 

More from Rahul Bhan (CA, CIA, MBA) (20)

CIA degree
CIA degreeCIA degree
CIA degree
 
MBA Nyenrode degree
MBA Nyenrode degreeMBA Nyenrode degree
MBA Nyenrode degree
 
CA final certificate
CA final certificateCA final certificate
CA final certificate
 
B.Com Degree
B.Com DegreeB.Com Degree
B.Com Degree
 
Code of conduct completion certificate
Code of conduct completion certificateCode of conduct completion certificate
Code of conduct completion certificate
 
Marketing risk advisory brochure 2013
Marketing risk advisory brochure 2013Marketing risk advisory brochure 2013
Marketing risk advisory brochure 2013
 
Legal risk advisory services 2013
Legal risk advisory services 2013Legal risk advisory services 2013
Legal risk advisory services 2013
 
Lean six sigma training services 2013
Lean six sigma training services 2013Lean six sigma training services 2013
Lean six sigma training services 2013
 
India entry strategy brochure 2013
India entry strategy brochure 2013India entry strategy brochure 2013
India entry strategy brochure 2013
 
India and sweden strategy brochure 2013 riskpro
India and sweden strategy brochure 2013 riskproIndia and sweden strategy brochure 2013 riskpro
India and sweden strategy brochure 2013 riskpro
 
Independent director sme services 2013
Independent director sme services 2013Independent director sme services 2013
Independent director sme services 2013
 
Fraud risk services 2013
Fraud risk services 2013Fraud risk services 2013
Fraud risk services 2013
 
Fatca compliance brochure riskpro 2013
Fatca compliance brochure riskpro 2013Fatca compliance brochure riskpro 2013
Fatca compliance brochure riskpro 2013
 
Aml training
Aml trainingAml training
Aml training
 
Accounting payroll outsourcing services 2013
Accounting payroll outsourcing services   2013Accounting payroll outsourcing services   2013
Accounting payroll outsourcing services 2013
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013
 
Marketing risk advisory brochure 2013
Marketing risk advisory brochure 2013Marketing risk advisory brochure 2013
Marketing risk advisory brochure 2013
 
Legal risk advisory services 2013
Legal risk advisory services 2013Legal risk advisory services 2013
Legal risk advisory services 2013
 
Lean six sigma training services 2013
Lean six sigma training services 2013Lean six sigma training services 2013
Lean six sigma training services 2013
 
Insurance fraud risk management service
Insurance fraud risk management serviceInsurance fraud risk management service
Insurance fraud risk management service
 

It risk advisory brochure 2013

  • 1. IT Risk Advisory Services Riskpro India Ventures (P) Limited New Delhi, Mumbai, Bangalore 1
  • 2. Who is Riskpro… Why us? ABOUT US: Riskpro is an organisation of member firms around India devoted to client service excellence. Member firms offer wide range of services in the field of risk management; Currently it has offices in three major cities Mumbai, Delhi and Bangalore and alliances in other cities; Managed by experienced professionals with experiences spanning various industries. MISSION: Provide integrated risk management consulting services to mid-large sized corporate /financial institutions in India; Be the preferred service provider for complete Governance, Risk and Compliance (GRC) solutions. VALUE PROPOSITION: You get quality advisory, normally delivered by large consulting firms, at fee levels charged by independent & small firms; High quality deliverables; Multi-skilled & multi-disciplined organisation; Timely completion of any task; Affordable alternative to large firms. DIFFERENTIATORS: Risk Management is our main focus; Over 200 years of cumulative experience; Hybrid Delivery model; Ability to take on large and complex projects due to delivery capabilities; We Hold hands, not shake hands.
  • 3. Riskpro’s Network Presence New Delhi Agra Jaipur Ahmedabad Kolkata Mumbai Pune Hyderabad Bangalore Chennai Salem 3
  • 4. IT Services Landscape The Backdrop: o Fast changing IT services market o Technological advances o Rising integration of business and technology o Corporate focus on core competencies o Maturation of IT vendor management role Business Need: o Meeting cost, time-to-market o Innovation objectives o Realization by corporates to assemble and integrate services and solutions o Growing demand from best-in-breed suppliers o Acquire the right services at the right prices o Must have deep knowledge of the IT services marketplace o Understanding its future direction o New trends in the application and infrastructure services marketplace 4
  • 5. Riskpro IT Risk Advisory Service Service Offerings Information Information Information Information Information Technology Security Security Technology Technology Service Management Audit Assurance Governance Management 5
  • 6. IT Service Management How we Do •Service architecture Scoping •SLA’s Consulting •ITSM Assessment •Control Processes • Service Delivery • Release & Resolution • IT service road mapping • GAP Analysis Standardizing • • • Tollgate review Performance metrics analysis Compliance review • Standard pre-assessment • ISO 20000 Compliances • • • ITIL practices PDCA cycle alignment Training- Basic / Advanced Value Proposition • Efficient business service delivery processes • Reduced risk in using external service providers • Reduced costs • Enhanced ability to manage business complexities in a diverse operational environment 6
  • 7. Information Security Management How we Do • Risk Assessment & Management • IS security policy framework Consulting • • Internal audit procedures IS controls review • Penetration testing • Compliance- IS policies • IS security implementation review Standardizing • • • GAP analysis Performance metrics analysis Vulnerability assessment • SAS Type II audits & compliance • BS 7799 implementation • ISO 27001/17799 implementation Compliances • • DPA GLBA • HIPAA Value Proposition • Operational resilience • Risk reduction • Secure best practices • Business continuity preventive approach 7
  • 8. Information Security Audit How we Do • Operating system audits • Database audits Consulting • • Networking/ Firewall audits Application systems – Functionality assessment • Web application/Data centre audit • Institutional risk areas review • General Controls- Physical Standardizing security/BCP/BRP • Change management – Controls & Tracking • Application Controls- System edits/Access • IS policies and procedures Compliances • • • IDS Forensic auditing FERPA Value Proposition • Robust IT governance framework • Strategic & operational value through business-risk focused approach • Pre-emptive risk control capability • Corporate IT compliance adherence for future business initiatives and IT investments 8
  • 9. IT Assurance How we Do • Business Continuity Planning • Consulting • Cyber crime investigative services IT external & internal audits • IT assessment and benchmarking • Data protection and privacy • Standardizing • IT security & business flexibility IT project assurance reviews • Compliances – IS policies • SAS 70 • ISAE 3402 Compliances • ISO 27002 • PCI DSS Value Proposition • Advanced technologies capabilities advisory • Proactively manage your technology risks • Helping you to use data to fullest potential use • Securing while delivering high performance business results 9
  • 10. IT Governance How we Do • COBIT and ITIL reviews • Consulting • Identification of IT risks exposure Risk mitigation controls review • Balanced scorecard • Val IT business valuation plan • Standardizing • IT & Business Maturity models IT governance improvement methods • Improving IT skills & resources • ISO 38500/COBIT • Compliances • CMM TOGAF • ISO 22301 (new standard) Value Proposition • Ensuring your organizational structures & business processes are compliant • IT support framework enables to meet business strategic objectives • Useful framework tool for benchmarking the balance and effectiveness of IT governance practices 10
  • 11. Annexure- IT Advisory Offerings 11
  • 12. IT Service Management- Detailed Components How we Do - Systematic defining business case - Assessment of current- state gaps Process Excellence - Defining optimum process frameworks - Training & process deployment - Effective change management - Agile readiness- Risk identification & mitigation - Agile maturity assessment Agile Services - Process definition and best fit deployment - Project manager services - Training and mentoring services - Lean assessment for end-to-end processes - Opportunity assessment - Identifying improvements Lean Six Sigma - Project execution - Coaching & mentoring for processes - Training & Certification- GB/BB - Service model assessment & design - Process design , documentation Service Excellence - Maturity evaluation and audits - Outsourcing service model design - Configuration management - Baseline assessment existing vs industry best practice - Design estimation processes and techniques Software Estimation - Deployment and continuous improvement process - Organization performance benchmarking 12
  • 13. Information Security Mgmt- Detailed Components How we Do - Risk assessment /Developing mitigation strategy - Business critical function>Outage & Recovery time Business Continuity - Developing business/IT disaster recovery plan - BS 25999 implementation support –BCM tools - BCM audits and training - Vulnerability & penetration testing - Static and dynamic analysis (secure code review) Enterprise Application Security - Security configuration review - Compliance assessment ( SOX, PCI, HIPAA) - Remediation plan - IAM Visualization- Feasibility/Roadmap/Business case - IAM solution evaluation- Identity and Access Management - IAM prioritization- TCO & Cost benefit analysis - IAM Execution- Role management/SSO/Access - Audit, reporting, Training - - Compliance assessment – GAP analysis - Vendor/ Third party risk assessments IS Compliance - ISO 27001 advisory (Controls design & Evaluation) - IS Audit- Risk based/IT security/IT operations/ERP - IT GRC : Software's, Strategy , framework & roadmap - 13
  • 14. Information Security Audit- Detailed Components How we Do - Policy and Procedure Review - Active Social Engineering Security Operations - Third Party Oversight Review - System Inventory & Documentation Threat Mitigation - Physical/Environmental SecurityReview Security Technologies - Personnel / IT Staff Training - Internal Vulnerability assessment Professional Services - Host/ Network Diagnostic Review - Access Control Review 14
  • 15. IT Assurance - Detailed Components How we Do - Enterprise Test Strategy - Test process definition - Structural code assessment - Test automation strategy: Tools/ Framework - Performance Test strategy: Tools Consulting & Advisory - Security Test strategy: Tools - Test environment & Data management - Specialized test strategy - Tool and product evaluation - Administration and Management - Requirement management - Static Analysis/Structural code evaluation - Unit and integration testing - Functional testing ( system, integration cycle) - Performance testing (Load, volume, Stress , tuning) Functional/ Support Services - Security testing - Non-functional testing ( OAT, Usability) - Regression testing - Test automation - Environment management- Data, Release, UAT 15
  • 16. IT Governance - Detailed Components How we Do Project Portfolio Management High Availability –Disaster Strategy & Roadmap Recovery Set up Process Re-engineering Dashboards- Predictive Analysis Migrations- Outsourcing Governance Extract > Transport > Load Application Portfolio Rationalization Integrations & Upgrades Production Support- Performance Management Implementation /Maintenance 16
  • 17. Annexure – Service Sample 17
  • 18. Compliance related Services Insider Attack Manage your Compliance Needs Non-Compliance Dash Board Your Organization • We will assist you to ensure your information is secure • Compliance checks – ISO27001,ITGC,SOX,PCI-DSS and generic checks • BCP/DRP solutions • Long term/Short term goal setting – efficient mitigation* • Unique reporting – Dashboard based* • Certification is important but not everything rather security is Usually 3-4 Weeks depends on Projects Long Term Your Supplier • Check your IT Suppliers to ensure they follow your standards Short Term • Check current implementation of standards (ISO27001…) • Hand hold mitigation control implementation • Increase security of your suppliers • Dashboard view of all your suppliers and their status • Checks and repeat checks to ensure security controls are maintained • Exit Assessments Usually 1-2 Weeks depends on Projects 18
  • 19. Security in Software Development Mobile Malware Phishing Services on the applications users use Insider Attack ACH Fraud S (SDLC) – Secure Your Code/Information Phases Do you want a Secure Rollout? Threat model How much security is enough? Requirements Security in Requirements engineering Information Classification Are standards followed? Architecture Security Is encryption is needed? how? Design How to API’s interact HOUSTON methods IT Policy compliant? XSS,SQL Injection, CSRF? Coding Code reviews done? Developers & Security? How to handle buffer overflow Can the code protect itself? Does Testing involve security? Proof of Concept intrusion Testing How to handle buffer overflow Risks mitigated? Do we have a security test plan throughout? Rollout Can you confidently go to Production? is there a Security Quality Gate Pass? 19
  • 20. Vulnerability Assessment and Penetration Testing DDoS Attacks Your network, servers, computers Fraud Ethical Hack and Fix Services Hackers/Disgruntled Employees/Competition/Insider Attacks Our Services • Focus on critical business systems for your enterprise How Can I get access to • Ethical hacking into your network to find out security issues before a hacker does Your • Routers/Switches/UPS/Videoconference systems/Servers/VOIP systems/Firewalls/ and most connected Network/People/Money? devices on the network, the information can be stolen anywhere if we don’t take proper care • Dashboard view of vulnerabilities v/s the security risks • Vulnerabilities mapped to actual business risks (not just telling you to fix the issue but also why to fix it?, can you live with a risk?) • Training your IT teams to understand vulnerabilities May be I should get in How about, the receptionist, • Year long support in fixing the issues and ensuring your systems stay up to dated with latest security through the WLAN, it seems can I coax her into revealing patches to be unsecure some info? May be it is better I access the router… SNMP? MD 5 Hash 1-2 Weeks onsite & 4 Weeks Offshore Usually Decryption? Looks like their Videoconference has a public That user could be a good IP target for key logger Trojan! I We don’t call it Vulnerability can get credit cards! Hey I have administrator Scanning, We say “hacking” Access locally so, it’s a gold mine! How about launching a attack That webserver is not at all on the government using their patched, lets Deface them! systems? 20
  • 21. Cloud Specific Security Services Securing the cloud that you operate on DDoS Attacks Insider Attack Fraud Dark Cloud This is a unique service designed to assess the Cloud Service Provider platform from an information security risks/threats point of view. • Cloud Service Operational/Governance Assessment (Onsite Interview based): We will check for your cloud security compliance to well known industry standards including Cloud Security Alliance. • Penetration testing of the Cloud Service Provider: This service would be an intruder's perspective on your cloud setup to see if your customers are protected from different security risks like espionage, information theft, customer privacy exposure, defacements, financial data leakage, Virus/Trojan insertion, DDoS attacks, etc. Apart from this the report would also indicate your compliance to different industry standards like ISO 27001, PCI-DSS, SOX etc. 21
  • 22. Riskpro Clients Our Clients Banking/ Insurance Corporate MNC Banking Intl Consulting IT / Others *Any trademarks or logos used throughout this presentation are the property of their respective owners 22
  • 23. Team Experiences Our Experiences Our team members have worked at world class Companies *Any trademarks or logos used throughout this presentation are the property of their respective owners 23
  • 24. RESUMES – Our team Credentials  Co-Founder - Riskpro  CA, CPA, MBA-Finance (USA), FRM (GARP) Manoj Jain  Over 10 years international experience – 6 years in Bahrain and 4 years USA  15 years exp in risk management consulting and internal audits, Specialization in Operational Risk, Basel II, Sox and Control design  Worked for Ernst & Young (Bahrain), Arab Investment Company (Bahrain), Navigant Consulting(USA), Kotak Mahindra Bank (India) and Credit Suisse(India)  Sox Compliance project for Fannie Mae, USA ( $900+ Billion Mortgage Company)  Co- Founder - Riskpro  CA (India), MBA (Netherlands), CIA (USA) Rahul Bhan  Over 15 years of extensive internal and external audit experience in India and abroad.  Worked with KPMG United Arab Emirates, PKF South Africa, Ernst and Young Kuwait, Deloitte Netherlands and KPMG India.  Worked with clients in a wide variety of industries and countries including trading, retail and consumer goods, NGO, manufacturing and banking and finance. Major clients include banks, investment companies, manufacturing organizations, aviation etc. 24
  • 25. RESUMES - Our team Credentials  Co-Founder - Riskpro Casper Abraham  PGD (Electrical & Electronics & Computer Programming)  30 years of experience in Information & Communications Technology (ICT) Solutions for Retail, Garments, Manufacturing, Services Industries.  Has created Companies, Divisions, Products, Brands, Teams & Markets.  Consulting in Business, Technology, Marketing & Sales & Strategic Planning.  Advisory, Training, Workshops & Implementation in Systems Thinking, Systems Modeling & Balanced Scorecard  Worked with TIFR, Mahindra, Ambience, Communico-Graphique & Ionidea Inc, USA,  Sr Vice President – Risk Management  MBA, PDFM,NSE-NCFM, PMP, CSSGB,ISO 9001:2000 I.A,GARP-FBR, ITILV3,CPP-BPM Hemant Seigell  Professional with 17 years of rich experience into diverse Consumer finance/ Lending operations ,Risk Management,BPMS, Consumer Banking, NBFC, Management Consulting & Housing finance in BFSI industry having successfully led key business strategic engagements across multi-product environment in APAC, Australia and US regions.  Worked with GE, ABN AMRO Bank, Citigroup, Accenture, Deutsche Postbank  Highly skilled and expert Trainer in Risk areas across Credit, Fraud, Operational, Corporate Risk management.  Specializes in Fraud Control, AML/KYC Compliance ,QA ,ERM and Regulatory governance. 25
  • 26. RESUMES - Our team Credentials  Head - Insurance Risk Advisory services  B.sc, Associate of Indian Institute of Insurance Licensed Category A Insurance surveyor R. Gupta   26 years of experience in Insurance advisory services, Loss adjusting for large corporates,Claims management.  Has assessed more than 4500 high value insurance claims across various industry sectors.  Risk management inspection  Valuations of fixed assets for insurance purpose.  Head - Human Capital Management Nilesh Bhatia  Chartered Accountant, Lead Assessor ISO 9000, Six Sigma Trained, Trained on Situational Leadership, Trained on interviewing skills and Whole Message Model.  Over two decades of international, multi-cultural experience in finance and human resources viz. internal audit, accounting operations, accounting process review & re-designing, risk management, business solutioning, six sigma projects, talent acquisition, talent retention, organization design/redesigning, compensation and appraisal processing, employee and customer satisfaction surveys, knowledge management and finance services.  Worked with Citicorp/MGF, India Glycol, Delphi, American Express India, American Express USA, Fidelity International and Macquarie Global Finance Services India. 26
  • 27. RESUMES - Our team Credentials  Head Taxation Risk Advisory Rajesh Jhalani  B.Com, FCA  Senior Partner with 48 year old Delhi based Chartered Accountant firm, Mehrotra and Mehrotra  Over 19 years of experience in the field of Audit, Taxation, Company law matters.  Major clients served are NTPC, BHEL, Bank of India, PNB, Airport Authority of India etc.  Specialist Risk Consultant – ERP & IT Compliance  SAP Certified, MBA (Finance), SAP Security trained (from SAP India), SAP GRC Access Gourav Ladha Controls trained (from SAP India)  Over 7 years of experience working in the area of ERP/IT Risk advisory, primarily focusing on SAP, for ‘Fortune 500’ clients in around 8 countries including US, UK, UAE, Hong Kong, etc  Specializes in SAP Risk & Controls Advisory, SAP Business Process Controls Audit, SAP Security & Segregation of Duties Control Audit, ERP Trainings,  Strong Industry experiences ranging from Beverages, Insurance, Energy, FMCG, Pharmaceutical, Retail, Telecommunication to IT Services  Worked for risk advisory teams of reputed organizations like Ernst & Young, EXL Services 27
  • 28. RESUMES - Our team Credentials  Vice President – Riskpro India Phanindra Prakash  FCA [India], ACMA [India], CFE [USA], CertIFRS [UK]  Over 16 years of extensive consulting experience which includes financial & systems audit, process transformation, implementation of internal controls, SOX compliance, fraud audits & due diligence, US-India taxation  Engaged in consulting roles as trusted advisor to finance, internal audit and information technology executives of multiple Fortune 1000 companies with project sites in US, Canada, Europe & Asia  Worked with E&Y and Deloitte Consulting in USA  Some of the major clients served internationally are GE Capital, UBS, McKesson, Eaton, Imation, Albertsons,  EVP and Head – Telecom Risk Advisory  M.Tech, IIT Kharagpur, India; IES; Doctoral study, research and teaching in Linkoping University/Sweden; Lead Auditor (BVQI). Asok Sit  Over 30 years on International experience in networks and mobile Handsets from top global companies /institutes like ISRO, Ericsson, Nokia, Nokia Siemens Networks and based mostly in its head quarter locations in India, EU, USA.  Expertise: Setting up capability, behaviour, culture in turning Risk, Quality, Innovation for competitive advantage, customer delight and sustainability; key skill sets are Engagement, Handholding, Coaching, Mentoring and lot of best practices, benchmarking/standards like CMMI, TL9000, Six Sigma, ISO, SAS 70 etc. 28
  • 29. RESUMES – Our Team  Vice President & Head – IT Risk Advisory Ravikiran Bhandari  Over 14+ Years of Experience in Information Security and Risk Management & CISM certified  Headed the Global Information Security team of Daimler (Mercedes-Benz) Worldwide at Bangalore for 9 years, previously worked at organization like Wipro, Bangalore Labs  Multi-sector experience including Banking, Insurance, Finance, Energy, Manufacturing, Retail, Hi-Tech & Telecom, and Automobile  Well known Ethical hacker: Was featured in BusinessWorld Magazine in an article about leading ethical hackers in India and published several articles in Print and Online Media  Rich experience in Information Security Audits across Corporations, 3rd Party Suppliers, Joint Ventures across several countries in the world including US, UK, China, Germany  Executive Vice President – Riskpro India Siddhartha Ghosh  CPA (USA), ACA, ACS, Grad CWA (India), MBA (USA), Associate ICPAS (Singapore)  Over 25 years of extensive audit and industry experience which includes 19 years with Rolls-Royce India Pvt Ltd at New Delhi and its associate and parent companies of Rolls- Royce in UK, USA and Singapore in all aspects of Finance, Taxation, Audit, Banking, Legal, Company Secretarial, Statutory compliances and due diligence, Internal Control, ESOP, Budgets, Cashflows, Forecasts, MIS Reporting, HR, Expatriate & Office Administration, Payroll, IT, Retirement Funds Administration, Shared Services, Project Accounts, etc.  Worked with Price Waterhouse Coopers for 4 years with reputed MNCs, banks, Indian corporate houses  Worked with McNally Bharat Engineering Company Ltd for 4 years 29
  • 30. RESUMES - PARTNERSHIPS Credentials Consultant – Information Security & IT Governance  LLB, CA, CISA, CWA, CS, CFE and others Anjay Agarwal  Over 15 years of experience in the field of Audit, Taxation, Investigations.  Specializing in the field of Systems Audit, Cybrex Audit, Computer Crime Investigations, IS Forensics  International Committee Member of Governmental and Regulatory Agencies Board and Academic Relations Committee of ISACA, USA  Consultant – Quality Management Founder of PMG, a TQM Consulting Co in Delhi Piyush Kumar   Mechanical Engineer  20+years experience in TQM concepts.  Strong skill set in various productivity & quality improvement projects including Six Sigma offerings  Past experiences include reputed organizations like Andersen Consulting, Eicher Consulting & Nathan & Nathan consultants 30
  • 31. RESUMES - PARTNERSHIPS  Specialist Risk Consultant – Business Continuity Andrew Hiles  Founder and 15-year Chairman of Survive, the first international user group for Business Continuity professionals  Founding director and first Fellow of the Business Continuity Institute  Over 25 years international consulting expertise in Risk, Crisis, Emergency, Incident, and Business Continuity and ICT Disaster Recovery Management  Multi-sector experience including Banking, Insurance, Finance, Oil, Gas, Energy, Manufacturing, Retail, Hi-Tech & Telecom  Western Press Award for services to business, 1994; BCI/CIR nomination for lifetime achievement in BC, 1999, London; inducted into BC Hall of Fame by CPM magazine, 2004, Washington DC.  Specialist Risk Consultant – Enterprise Risk Management Chris E. Mandel  Highly skilled risk and insurance professional with 25 years of experience designing, developing and implementing large, global corporate risk management programs for Fortune 500 firms.  Principal Consultant and Founder - Excellence in Risk Management, LLC. (Texas, USA) Co-founder and EVP, Professional Services, rPM3 Solutions, LLC (Maryland, USA).  Past experiences include Head of Global Risk Management for USAA, PepsiCo/Tricon Global and American National Red Cross  Additional risk and insurance experience at Verizon Corp,. Marsh USA and Liberty Mutual Insurance Co.  2004 Risk Manager of the Year – 2007 recipient of the Alexander Hamilton Award for “Excellence in ERM” (at USAA) – former President, Risk and Insurance Management Society, Inc. 31
  • 32. Strategic Alliance - ‘AssureEasy’ GRC Tool NIIT technologies and RiskPro offer a Unique GRC Management solution on cloud wherein NIIT provides the best in the breed Application platform and RiskPro brings best in class integrated risk management consulting services Platform Differentiators Risk Expertise  Cloud hosting model  High performance business results  No CAPEX, Infrastructure Investment  Improved portfolio optimization  No ongoing application/infrastructure  Enhancing organization’s ability for maintenance cost effective utilization of risk capital  Unique Delivery model  Extremely Fast Implementation  Highly experienced team of risk professionals with  Out of the box implementation in 2-3 weeks time plethora of risk domain knowledge and business  Highly configurable and flexible platform solutions  Customized solutions as per client’s needs  Credibility  Market Differentiators  Platform users include Cognizant , RBS , Fidelity ,  Premier risk consulting firm serving top NIIT Technologies etc. corporates/PSU’s as preferred knowledge  High CSAT ratings from existing Customers partners  Increasing market penetration combined with  System Integration Capabilities unique value proposition in risk consulting space  Services around solution implementation  Risk Management Capability /Application and Infrastructure support  Quick client assessment and delivery proposal  Industry packaged solution using domain across ERM expertise from NIIT’S vertical teams.  Multi industry and functional domain solutions 32
  • 33. Key Contacts Corporate Mumbai Delhi Bangalore Riskpro India Ventures (P) Manoj Jain Rahul Bhan Casper Abraham Limited Director Director Director M- 98337 67114 M- 99680 05042 M- 98450 61870 info@riskpro.in manoj.jain@riskpro.in rahul.bhan@riskpro.in casper.abraham@riskpro.in www.riskpro.in Shriram Gokte Hemant Seigell Vijayan Govindarajan EVP - Risk Management SVP – Risk Management EVP – Risk Management C 561, Defence colony M- 99536 97905 M- 99166 63652 M- 98209 94063 New Delhi 110024 shriram.gokte@riskpro.in hemant.seigell@riskpro.in vijayan.govindarajan@riskpro.in Sivaramakrishnan Ravikiran Bhandari VP – IT President – Banking & FS Risk Advisory M- 98690 19311 M- 99001 69562 smaran.iyer@riskpro.in ravikiran.bhandari@riskpro.in Ghaziabad / Noida Chennai Kolkata Gurgaon Siddhartha Ghosh R. Muralidharan Kashi Banerjee Nilesh Bhatia EVP - Finance EVP – Risk Management EVP – Risk Management Head – Human Capital Mgt. M- 9810058072 M- 95660 77326 M- 98304 75375 M- 98182 93434 Siddhartha.Ghosh@riskpro.in murali@riskpro.in kashi.banerjee@riskpro.in nilesh.bhatia@riskpro.in R Gupta - Insurance Risk Asok Sit M- 98101 07387 EVP – Telecom Risk Advisory M- 98105 03463 asok.sit@riskpro.in Pune Salem Ahmedabad Hyderabad / Agra M.L. Jain Chandrasekeran Maulik Manakiwala Phanindra Prakash (Hyderabad) Principal – Strategy Risk Recruitment franchisee Member Firm Member Firm M- 98220 11987 M – 94435 99132 M – 98256 40046 M- 95500 61616 mljain@riskpro.in Gourav Ladha Alok Kumar Agarwal (Agra) Sap 33 Risk Advisory Member Firm M- 97129 52955 M- 99971 65253