GRC Summit 2012

8/21/2019 GRC Summit 2012

“Organisations manage their governance, risk management, legal and regulatory compliance in an unconnected manner, separated through functional lines, multi locations and sub units”

Join this interactive, wide ranging and new thought generating forum to discuss way forward solutions, sharing of ideas on new initiatives and Maturity Models of GRC.

A must attend Meeting and Networking Forum for Heads of Legal, Compliance, Governance, Audit, Risk Management, Finance, CIO and CTO

To Discuss best practices in Governance, Risk Management & Compliance & Process for integrating and harmonizing people and process for a workable, practical Integrated and Unified GRC Framework

15th – 16th March 2012
Peninsula Grand, Mumbai

[Partner logos: Media Partners; Conceptualized & Organized by; Technical Partner; Platinum Partner; Gold Partners; Silver Partners; Bronze Partners; Knowledge Partner]

Author: abidalidossa

Post on 07-Aug-2018







    © Copyright ITP Publishing India Pvt. Ltd. Any reproduction in part or full is prohibited without permission from ITP Publishing India Pvt. Ltd.

    Good Governance, Effective and Real-time Risk Management and adhering to Regulatory Compliances have direct impact on your organizations

    There is an urgent and immediate need to cut complexities brought by necessity to manage governance, risk management and regulatory compliances which are now overseen by a number of departments including internal audit, information technology, compliance and regulatory management, enterprise risk management (ERM), operational risk and incident management amongst others.

    Ground Reality is that multiple groups bear responsibility for several functions and processes; they operate in silos, with insufficient sharing of information and following multiplicity of frameworks and systems. A number of thought leaders are now talking about the business sense to optimize resources and these intersecting activities as a Singular Function to bring about efficiencies, reduce or eliminate repetitions of same task by multi departments, need to come beyond the paper trail to practices in real time by formulating a common GRC Framework.

    Thoughts on GRC have been discussed for some time as was during the 1st Edition of the GRC summit, yet real-time and inclusive integration is still work in process and what emerged is that the real work is to bring all the stakeholders working together in an integrated GRC framework.

    Audits, Finance, Compliance, Risk and Legal have their own functioning styles and process. Business line managers and IT bring in their own perspectives, which complicate adoption.

    Understanding and reconciling these disparities and conflicts is critical to success when driving an enterprise-wide GRC program.

    This inclusive two day conference brings together all stakeholders on a common discussion platform to see, hear and determine best practices in inter-linking people, processes and technology for the most appropriate GRC framework and a practical adoption roadmap that will work in today’s work and business environment!

    “The key SUCCESS for a GRC PROGRAM is a coordinated effort by AUDIT, LEGAL, RISK and COMPLIANCE functions and among key administrative, operational personnel and business lines in both the implementation of the systems and the interpretation of the data generated”

    Who Should Attend:-

      • Chief Risk Officers
      • Chief Legal Counsel
      • Chief Compliance Officer
      • Chief Internal Audit
      • Chief Information Officer
      • Chief Information Security

    Vice Presidents, General Managers, Head, Functional Managers & Consultants of:-

      • Corporate Governance
      • Enterprise Risk Management
      • Legal and Regulatory
      • Operational Risk
      • Audit & Internal Controls
      • Information Technology
      • Information Security
      • Management Assurance

    Sanjay has more than 20 years of rich experience in the fields of Risk Management, Accounting, Controllership, Business integration and ERP implementation. Over last ten years he has been focusing on the Risk Management & Corporate Governance for manufacturing as well as service industries. Sanjay has extensive experience and specializes in developing & implementing integrated Risk Management framework, which includes synergizing Enterprise Risk Management, Risk Based Internal Audit, Sarbanes-Oxley Compliance, Revenue Assurance and Fraud Management.

    In his current position as the Head of Management Assurance Group at Tata Communications Limited, his focus is to converge various governance functions into an integrated Governance Risk & Compliance (GRC) function.

    Sanjay has extensive & varied experiences of working with Fortune 500 & large India companies like Monsanto, Shell Petroleum, Ranbaxy & Reliance Communications

    Venue: Hotel Peninsula Grand, Andheri - East, Mumbai

    Sanjay K Mathur, Vice President & Head Management Assurance Group, Tata Communications Limited

    Platinum Partners: NIIT Technologies

    “NIIT Technologies is a leading IT solutions organization, servicing customers in North America, Europe, Middle East, Asia and Australia. It offers services in Application Development and Maintenance, Managed Services, IP Asset or Platform Solutions, and Business Process Outsourcing to organizations in the Financial Services, Travel & Transportation, Manufacturing/Distribution, Healthcare and Government sectors. The Company adheres to major global benchmarks and standards, having secured the ISO 9001:2000 certifications and the ISO: 27001 Information Security Management accreditation. NIIT Technologies also follows global standards of development. It has been assessed at Level 5 of SEI CMMi version 1.2. NIIT Technologies Business Process Outsourcing conforms to the highest quality standards such as COPC and Six Sigma. Its data centre operations are assessed at the international ISO 20000 IT management standards. The Company is embracing the potential of Cloud Computing as an early entrant into this space. Over the years, the Company has forged extremely rewarding relationships with global majors, a testimony to mutual commitment and its ability to retain marquee clients, drawing repeat business from them. The Company’s vision is to be the “First Choice” of services for the focused segments serviced. The Company has been conferred with the LEED Platinum Green Building rating for the Software Development Block (SDB) on its 25 acre campus, designed to integrate people, spaces, and complex workflow. The building was conceived and built with a holistic approach to sustainability in five key areas: sustainable site development, water saving, energy efficiency, materials selection and indoor environmental quality. NIIT Technologies has 21 sales offices located in 14 countries with 7 Near Shore Centres and 6 Data Centres across globe.

    NIIT Technologies’ Risk Management Solution, Assure Easy enables its customers to evolve daily management of these risks into real competitive advantage. NIIT Technologies provides best-of-breed Risk Management Solution for Operational Risk, Technology Risk and Compliance Management. Supported by the company’s On-Demand GRC Platform, it offers highly configurable and flexible deployment options that offer advantages such as reduced time-to-market and lower cost of ownership.

    For further information, please visit and” 

    Angie Chew is the Vice-President of NIIT Technologies and is responsible for the GRC product, Assure Easy. Prior to joining NIIT Technologies she was the CIO of the Ministry of Communications & the Arts and the National Heritage Board, Vice-President at Singapore Airlines, Principal at the Ministry of Health Holdings, Regional Director at Visa International and Senior Manager at Accenture. Angie is currently based in Singapore

    Angie Chew, Vice-President, NIIT Technologies

    Knowledge Partners: IBM

    IBM OpenPages – Governance, Risk and Compliance.

    Driving business performance with Insight. Managing risk, improving compliance.

    Governance, risk, and compliance solutions enable customers to identify, manage, monitor and report on risk and compliance initiatives across the enterprise, helping businesses to reduce loss, improve decision-making about resource allocation, and optimize business performance.

    The IBM OpenPages GRC Platform software allows organizations to:

      • Identify, manage, monitor, and analyze risk across the enterprise in a single, integrated solution by eliminating the silos of Compliance, Audit, IT Risk, Operational Risk Management etc.
      • Integrate risk management and compliance processes to meet the persistent challenge of regulatory oversight
      • Leverage GRC information to make better business decisions
      • Empower decision makers with fully scalable and interactive reporting and trending tool

    Conference Chair Day One Conference Chair Day Two


    8.00 Registration and morning refreshment

    9.15 Mainstreaming of GRC into Business Process
    Keynote address by session chair

    Sanjay K Mathur, VP & Head Management Assurance Group, Tata Communications Limited

    9.30 Key Note Panel: Where & Why is GRC integration needed most? Cost saving or Effective functioning?

    Board of Directors Perspective

      • Examining current governance vulnerabilities & GRC integration interplay in plugging governance gaps
      • Evaluating GAPS in governance, risk management & compliance and ground realities which are real needs for effective board functioning
      • Role of integrated GRC strategy in increasing business transparency and business

    Perspective from Management (CEO and MD)

      • Gaps in risk management, compliance which hinder organisational top line and bottom-line
      • How can GRC help in effective functioning and managing of companies?
      • What are the key expectations from CXO
      • GRC as a Business Enabler

    Suparna Singh, VP, Governance and Risk Management, Essar Group

    Ravi Raman, Head Investment Analytics and Operations, InfraHedge Ltd - A State Street Subsidiary.

    Hemant Kumar, President Legal, Reliance Communications

    Suhas Tuljapurkar, Managing Partner, Legasis Partners; Founder Director, Legasis Services Pvt. Ltd

    1.00 Refreshment and networking break

    1.30 Moving from Compliance to Assurance: Can We Leverage GRC?

    With the present challenge of a consistently changing compliance landscape it is imperative to build a robust and effective compliance management system.

    This presentation will cover how GRC can help build the management assurance so that it not just helps meeting the compliance but also helps in reporting of compliance effectively.

    Manohar Ganshani, Practice Partner, Governance, Risk and Compliance, Wipro Consulting Services

    2.00 Enterprise GRC platform better answer to Siloed approach of managing GRC

    Arlene Laungayan, Senior Director, Operational Risk, BM

    2.30 GRC, BI & Enterprise Mobility - A case for Convergence, Executive Reporting and ROI

    Anand Tatavarthi, Vice President, Cura Technologies Limited

    3.00 “The Complexity of the Compliance Challenge in India”.

    The presenter shall seek to understand why statutory compliance is such a challenge in India. He proposes that the problem is a complex of:

      1. Indian historic experience,
      2. The Indian cultural context, and
      3. The structure of our laws and the democracy tax we pay.

    In conclusion, comment is made on the dynamics of our changing legal and statutory landscape

    Ranjeev C. Dubey, Managing Partner, N South Advocates

    13.30  Networking lunch

    14.30 Expert Panel Discussion: Practical Road Map for GRC Convergence

    Methodology to link process and technology for effectively bridging together internal audit, risk management, information security, operations and compliance functions

      • GRC Champion: Who should lead the initiative?
      • What are key steps in integrating GRC into the company culture and work ethos?
      • How do you position GRC structures right in organizational hierarchy?
      • Challenges and practical path for creating a sustainable structure
      • Identifying and bridging the GAP between department and a unified GRC
      • Communication strategy in getting the right message across to all stakeholders
      • How do you create harmony between business roles?
      • Accommodating stakeholder requirements
      • What is the ideal GRC framework and state of future play for fast growth companies?
      • Cost of integrating of GRC with company’s present system? How do you work on lowering cost implications on size and nature of organization

    Identifying current challenges and business benefits for a unified GRC framework?

      • Is the corporate world looking at GRC as a strategic tool or Monitoring / Control concept or value creation? Why?
      • What are the current challenges in organization in aligning governance, risk management and compliance framework?
      • What is the ideal GRC framework, state of future play and business benefit for fast growing company or for a globally expanding corporate and why?

    Siloed functions and impact on your GRC strategy?

      • Change Management: How do you manage transition from silo assurance and compliance functions to an integrated GRC - addressing concerns of stakeholders at various levels, socializing GRC and creating GRC culture in enterprise?
      • How do you bring different mindsets of different individuals to collaborate and work on a uniform GRC platform?
      • How do you build ownership culture within the organization and amongst key stakeholders related to GRC?
      • How do you increase sincerity of departmental heads in taking Risk, Audit and Compliances seriously?
      • Communication plan for raising awareness level of management and Board Of Directors about importance and benefits of GRC? What are the key buy in factors to achieve a positive outcome?

    Expert Panel Chair: Sanjay Mathur, Head - Management Assurance Group, TATA Communications Ltd.

    Expert Panel Members

    Suparna Singh, Vice President, Governance and Risk Management, Essar Group

    Devamalya Dey, Group President – Audit & Compliance, Yes Bank Ltd

    Parag Deodhar, Chief Risk Officer and Vice President – Program Management & Process Excellence, Bharti AXA General Insurance Co. Ltd.

    Angie Chew, Vice-President, NIIT Technologies

    Devendra Parulekar, Partner, Ernst & Young Pvt. Ltd.

    16.30 Refreshment and networking break

    16.45 Practical Road Map for GRC Convergence (Continued..)

    Role of Technology as key differentiator factor for a successful or a failed GRC Framework

      • Current technology environment and available platforms which can be integrated in your existing infrastructure
      • How is the GRC solutions and tools expanding – are they hype or provided a practical solution to ease your governance, risk management and compliance activities?
      • Implementation costs, investment and RoI
      • Key consideration before choosing your technology partner
      • Case Examples: Analyzing failed and successful implementation

    Panel Chair: Sr. Representative, MetricStream 

    Expert Panel Members: 

    Baiju Gujarathi, Sr. Vice President, Repro India Pvt. Ltd

    Sunil Varkey, Head Information Security, Idea Cellular Ltd.

    Uma Charan Singh, Vice President IT & CIO, Greaves Cotton

    17.45 Summation and end of day one

    CONFERENCE DAY ONE: THURSDAY, 15th March 2012 


    8.30 Registration and morning refreshment

    09.15 Opening remarks by session chair

    Angie Chew, Vice-President, NIIT Technologies

    09.30 Key Panel Discussion: GRC Maturity Models
    Quantification, Accountability, Reporting, Disclosures

    Discussion Focus One: Maturity Models

      • What are the metrics and measurement to check the success and progress of your GRC plan?
      • What to track during your GRC implementation and integration?
      • Why? And how?
      • Establishing and tracking GRC goals
      • Monitoring external and internal context for changes which impact GRC capability design
      • How do you make improvements to GRC capability
      • Creating collaborative accountability across business function and roles
      • GRC Maturity Models

    Discussion Focus Two: GRC Reporting Structures & Accountability

    Effective GRC convergence means that GRC objectives are assessed and reported and for continued effectiveness all information and status of risk and controls should be made available for continuous reporting. This discussion focuses on reporting, accountability and communication structures highlighting the progress of GRC objectives

    Discussion Focus Three: The Payoff For GRC

      • How do you use GRC as an effective reputational tool building block for up scaling company valuation and stakeholders perceptions

    Discussion Focus Four: THE GRC Champion

    Identifying the GRC Champion who should lead the initiative in your organization

    Panel Chair:

    Ravi Raman, Head Investment Analytics and Operations, InfraHedge Ltd - A State Street Subsidiary.

    Panel Members:

    Pradeep Parakh, Group President (GRC) & Company Secretary, Bajaj Hindusthan Limited

    Sr. Representative, MetricStream

    Anil Jhumkhawala, Advisor, S J financial & Management Consultants Limited.

    Rajdeep Premkumar Pai, Senior Governance Risk Compliance Professional

    1.00 Networking and refreshment break

    1.30 Expert Analysis: GRC Tools – Evaluating Enterprise GRC Platforms

    Rishi Kapoor, Practice Leader – BFSI Cloud offerings, NIIT Technologies

    2.00 Solving the IT GRC Puzzle

      • Look at the different IT practices, IT GRC components in an organization
      • Design a unified IT GRC framework to bring the components & practices together
      • Automation Roadmap for IT GRC
      • Blending intelligence with IT GRC

    Vinod Vasudevan, Co-founder and COO, Paladion

    2.30 The next weakest link: Vendor Risk Management

      • Distinctive needs to manage risk associated with different partners, vendors and outsourced service providers.
      • What are the challenges and main problems with the current Vendor Risk Management Process
      • Aggregating information related to Vendors & applicable standards/terms
      • Continuous monitoring of risk associated with Vendors
      • Why you as a vendor should be concerned about managing the risk of vendors
      • Simple yet effective risk management & reporting of individual/multiple Vendors with

    Devang Ashar, Regional Director (APAC & ME region), MODULO

    3.00 Networking lunch

    14.00 Aligning Risk and Compliance in the context of organizational business objectives and GRC Convergence

    Focus One: How do you link Compliance Strategy to a unified GRC strategy

    •  Creating a road map in ethics and compliance: vision, mission, core values and strategy

    •  Percolating GRC into day to day management at regulatory and legal level – benchmarking the same at various business unit levels

    •  Evaluating how you can stay on top on regulatory requirements and changes thereto with a unified GRC program

    •  Adapting your risk and compliance models for local conditions

    •  Anticipating change in business and regulatory environments

    •  Achieving connectedness between compliance, audit and risk programmes

    •  Developing a principles based risk & compliance approach

    •  Compliance Risk Identification & Management - Mapping of controls and compliance requirements to specific business processes

    •  How do you maintain strong relationships with local and regionally regulatory bodies

    •  Working with entities to achieve local compliance

    •  Extending corporate governance standards and principals across borders

    Focus Two: How do you link Enterprise risk management to a unified GRC strategy

    The real upside for GRC, above and beyond the “keeping your CEO out of jail” comes from creating new ways to take good risk management and governance to the bank for the organizations as well as the stakeholders

    The most dramatically different upside that GRC offers comes from monetizing changes in the risk profile of companies as they work in increasingly complex and risky business

      • How would you build a business case justifying and convincing the Audit Committee on implementing GRC as a separate component different from ERM?
      • If Organizations are in the process of implementing ERM, what considerations should be made to ensure GRC is also mapped as part of ERM?
      • Real Time Risk Alert Monitoring, Detection & Reporting
      • Importance of good governance and ERM strategy – directors’ duties, legislation & expectations
      • Organisation’s risk appetite – link to stakeholders’ expectations
      • Committing to a risk Management programme
      • How do you create a common risk management communication language?
      • Linking your ERM to a unified GRC strategy
      • Case study: Case analysis on successful ERM from industry sectors and key factors in successful implementation

    Panel Chair

    Rajdeep Premkumar Pai, Senior Governance Risk Compliance Professional

    Expert Panel Members:

    Gagan Palta, Country Compliance Officer – India, ALSTOM

    Amal Kundu, Chief Risk Officer, TELCON

    Jyotin Mehta, VP & Chief Internal Auditor, Voltas Limited*

    Srikant Balan, Head – Corporate Planning, Business Assurance and Risk Management, Infosys BPO Limited

    Debashis Roy, Senior Director, Head Enterprise Risk Management, IDFC

    Mandar Vanarse, Practice Head and Partner, Wipro Consulting Services


    An open session with 6 Hosted Discussion tables which are intended to cover GRC convergence issues specific to industries and are a perfect environment for shared learning.

    Each round table will have an expert host to moderate and streamline the flow of discussions. Typical flow will be

      • Governance, Risk & Compliance Challenges faced by round table participants
      • Practical examples of GRC Framework in industry, maturity models, failure and success analysis
      • Scrutinizing tangible benefits of GRC Convergence

    Industry Round Tables

      • Pharmaceuticals & Biotech
      • Banking and Financial Services
      • IT and ITES
      • Engineering and Construction
      • Automotive and Auto Ancillary
      • Discussion Topic based on feedback from participants

    16.15  Summation and end of day two

    CONFERENCE DAY TWO: FRIDAY 16th March 2012 

    ‘*’ – awaiting formal confirmation


    Amal Kundu is the Chief Risk Officer and Chief Ethics counselor of Telco Constructions Equipment Company Limited, a TATA and Hitachi joint venture company. Amal is a Cost and Management Accountant with 27 years of experience in the field of Enterprise Risk Management, GRC, Finance, Accounts, Fraud investigation, Business assurance and internal control. Amal is experienced in handling detailed deals, creation of new companies, SAP, SOX, J Sox implementations. He has also implemented the Enterprise Risk management and Business continuity planning as part of strategic planning process of his company.

    Amal Kundu, Chief Risk Officer and Chief Ethics counselor, Telco Constructions Equipment Company Limited



    Parag is the Chief Risk Officer and Vice President for Program management and Process Excellence at Bharti AXA General Insurance Co. Ltd. Parag is a Chartered Accountant, Certified Information Systems Auditor from ISACA, US and Certified Fraud Examiner from ACFE, US. He is also a board member on the Bangalore Chapter of ACFE.

    He has over 15 years of experience in Enterprise Risk Management, Information Security and Forensics, Audit, Consulting and Program Management. Parag is experienced in handling large programs including setting up of new business initiatives, Enterprise IT systems and companywide initiatives like ISO 9001/ISO 27001 certification, Business Continuity & Disaster Recovery and Six Sigma implementation. He has written several articles in online and print media and is a regular speaker at industry forum and seminars. Parag has worked with multinationals like AXA Group, Deutsche Bank, KPMG and Mahindra British Telecom.

    Parag Deodhar, Chief Risk Officer and Vice President – Program Management & Process Excellence, Bharti AXA General Insurance Co. Ltd

    Rajdeep Premkumar Pai is Senior Governance Risk Compliance Professional. He is Change Management Enabler with 20 years of financial expertise, governance and compliance experience across several manufacturing, FMCG, BFIS services, Dairy Board, NGOs etc. He has served in countries including India, UAE, Malaysia & Tanzania.

    He started his career spanning 2 decades with S.B.Billimoria & Co., moved on to heavy industries M/s. Walchandnagar Industries (1999 - 2001), went abroad to work in leading telecom operator (UAE, India & Africa). In between he also worked as Audit Controller in Aircel. He has been instrumental in set up and establishment of internal department and institutionalizing governance model in several companies.

    Admitted to the Bar in 1981, he is extensively experienced in mainstream corporate commercial legal practice including strategic and general corporate advice, M&A, corporate contracting, corporate finance, private equity and venture capital. He is widely known for his cutting edge guidance on winning litigation strategies and has advised on a number of highly talked about disputes between corporate houses. As the Managing Partner of the firm, he is the team leader on many of the firm’s leading assignments. He has been the principal speaker at many of the business and legal conferences around the world. He has also been principal trainer at several of corporate communication initiatives undertaken under the umbrella of IALLM. He is a columnist for many of India’s leading publications including Businessworld. He has authored the pioneering litigation strategy book for top business and legal executives “Winning Legal Wars” (Macmillan, 2003).

    [Chart: Participants Profile for 1st Edition of GRC. Categories: Legal Heads (23%); Internal Audit and Head of Management Assurance; Compliance Professionals; Risk Management, CR; IT GRC Heads and Managers; CIO and Head of IT; CISO. Other values shown without a recoverable label: 12%, 3%, 2%.]



    Mr. Dey oversees the Audit, Compliance, Fraud Investigations and the Company Secretarial functions for Yes Bank. In this role he is responsible for ensuring that Yes Bank functions according to the highest Compliance standards and all functions are audited thoroughly to ensure a robust risk containment and control environment. Prior to joining Yes Bank he was with Citibank N.A. for 16 years. He spent the first 10 years in various Operations roles culminating with a stint as Senior Country Operations Officer of Citibank N.A., Bangladesh. He spent the next 6 years in Citibank’s Internal Audit function initially covering the CEEMEA region and later covering Asia. In his role in Citibank’s Internal Audit he was responsible for leading major audits covering Citigroup’s Global Processing Centers in Mumbai & Penang, Transaction Service Businesses and certain major countries in the CEEMEA & Asia regions. Within Citigroup, Dev was globally recognized as a subject matter expert in Trade Audits.

    Smt Suparna Singh is an Electrical Engineer and an MBA from IIM, Calcutta. Her work experience encompasses more than 20 years. She started her career working on the shopfloor of Durgapur Steel Plant in Steel Authority of India Ltd for several years as well as in the supply chain section. In Essar Group, which is a conglomerate of 8 businesses, Ms Singh reports directly to the Promoters, the Ruias, and manages the Corporate Governance of the Group, the Risk Management processes of the Group, the Business Development processes as well as the synergies common across the Businesses and Functions.

    Apart from tracking the strategies and performance of each of the Businesses and Corporate Functions, Ms Suparna Singh is also actively involved in building relationships for the Group with delegates and senior members from Businesses and Governments across the World while discussing win-win ways to work together.

    Ravi started off as a mechanical engineer and moved to the financial services industry spending time with the best banks and FI's in India. He has seen many startups with innovative ideas and many "firsts" in the Industry that became the industry leaders in their own space. Ravi in the past has been co-ordinator of the Core Group set up by Allianz AG to set up life and nonlife ventures in India, set up Risk Management function at Infosys BPO, and established the Global Risk Management and Compliance operations for Butterfield Fulcrum across multiple jurisdictions. Ravi’s specialties include Risk Management, Compliance (SOX, GLB etc), ITES, Information Security, Insurance, Inclusive Growth, Sustainability

    Ravi Raman, Head Investment Analytics and Operations, InfraHedge Ltd - A State Street Subsidiary.


    Rishi Kapoor is a Practice Leader for BFSI products at NIITTechnologies. He comes with strong BFSI , PMO Consulting andEnterprise Risk Management experience. Prior to joining NIIT he hasled strategic PMO for Banks (Head & AVP PMO ‟ CitiFinancial GSC),Insurance (Head & VP Corporate Initiatives - Max Bupa HealthInsurance) and Technology (Head Program Management / PMOConsulting - HCL and Satyam) companies. Rishi is currently


    based inDelhi, India.

    Rishi Kapoor, Practice Leader - BFSI Cloud Offerings,NIIT Technologies

    Manohar Ganshani heads Governance Risk & Compliance practicein Wipro Consulting Services. He is a Bachelor in Engineering inComputer Science. Manohar has 21 years of experience in the fieldof Information Technology with over 11 years in the area ofInformation security, IT security, Cyber security, Data privacy,Regulatory compliance, Security strategy, and policy andarchitecture design.As a practitioner, he has handled many complex engagements in

    risk and compliance space for the clients in US, EU, APAC apartfrom India.As a thought leader, he has written and spoken onvarious issues like mobile security, cyber security, criticalinfrastructure protection, privacy for telecom, insider threat, socialmedia security and social awareness etc in various forumsorganized by industry and state governments. 

    Mandar Vanarse, the author of the ASSIMPLER framework for IT Strategy and Enterprise Architecture, is the Practice Head and Partner with Wipro Consulting Services. He has held various leadership positions over the last 17 years in the US, Middle East, APAC, ANZ and India. He has led cross-cultural teams onshore and offshore. His experience spans Telecom, BFSI, Energy and Utilities, Infrastructure and Government. Mandar has also led Practices, ODCs and startup organizations in the capacity of Head, CTO and CEO to successful profit centers. His skills include advisory in designing Service Strategy, Innovation Center, e-Business Strategy, Business Value of IT, IT Strategy and EA, IT Optimization, SOA and Cloud offerings. He has been an invited speaker at various conferences and has been a strategy coach and mentor for many organizations and Governments.


    Vinod Vasudevan is a co-founder and COO of Paladion. He has 15 years of experience in the technology and information risk management domain. As the COO at Paladion, Vinod has serviced large enterprise organizations across the globe for setting up integrated risk management systems and for streamlining system-based operations. He regularly presents in leading forums and conferences, a recent one being the RSA Conference, Europe. He sits on the expert panel of industry consortiums. He is the lead author of the book “Application Security in the ISO 27001 Environment” from IT Governance, UK. Vinod is also the co-author of "Enhancing Computer Security with Smart Technology" published by Auerbach. He is a CISSP and a PCI QSA.

    Mandar Vanarse, Practice Head and Partner, Wipro Consulting Services

    Devang Ashar is a seasoned IS professional with 14 years of experience working on many enterprise security solutions and with regulations such as COBIT, HIPAA, PCI DSS, SOX and ISO 27001. He has worked extensively in various IS domains on consulting projects with Banks & Telecoms across the world, and has achieved several industry accreditations such as CISA, CISSP, ISO 27001 LA, Six Sigma etc. Devang is working as the Regional Director at Modulo Security, LLC, and is responsible for driving their GRC solutions across the APAC region. He has also worked with multinationals like Rolta group, Microland India Ltd, Yodlee InfoTech & Amdocs India.

    Rajdeep Premkumar Pai, Senior Governance Risk Compliance Professional

    Anand joined Cura in March 2010 and handles general corporate functions from India, including Delivery and Services, and initiated India Business Development. He has over 18 years of experience in IT SW Products (including GIS, Embedded), Services, Consulting and Manufacturing. He has worked for global MNCs and large conglomerate companies including Lanco Group, Rain Industries, Intelligroup & Navionics.

    Anand Tatavarthi, Vice President, Cura Technologies Limited

    Devendra is a Partner with advisory services in Ernst & Young (India). He is leading the Governance, Risk and Compliance automation practice for Ernst & Young in India and also heads the IT Risk and Assurance (ITRA) practice for Technology, Communications and Entertainment in the western region. He specializes in end-to-end GRC services such as design and implementation, and has 11+ years of experience in various other projects related to Information Security, Risk Assessment, IT Strategy, IT Assurance, Application Reviews, due diligence, BCP & DR across various companies in India.

    Devendra Parulekar, Partner, Ernst & Young Pvt. Ltd.

    Suparna Singh, Vice President, Governance and Risk Management, Essar Group


    Devamalya Dey, Group President - Audit & Compliance, YES Bank Limited

    Manohar Ganshani, Practice Partner, Governance, Risk and Compliance, Wipro Consulting Services


    Ranjeev C. Dubey, Managing Partner, N South Advocates

    Devang Ashar, Regional Director (APAC & ME region), MODULO

    Vinod Vasudevan, Co-founder and COO, Paladion

    Arlene Laungayan heads up Operational Risk Implementation Services, Advisory & Content business in the Asia Pacific region. Prior to IBM, she spent seven years at American Express where she worked in various risk management areas, including Market, Credit and Operational Risk. Within Operational Risk, she has helped many clients in developing methodologies for loss data collection, risk and control self assessment, management reporting, scenario analysis and operational risk capital modeling.

    Arlene holds an MBA from Columbia Business School in New York and is also an instructor for the Risk Management Association on Internal Loss Data, External Loss Data and Scenario Analysis.

    Arlene Laungayan, Senior Director, Operational Risk, IBM




    © Copyright ITP Publishing India Pvt. Ltd. Any reproduction in part or full is prohibited without permission from ITP Publishing India Pvt. Ltd.

    Technical Partner: ETrends 

    Provides bankable software services in the area of enterprise business applications. It is one of the nation's most reputed IT companies, providing a range of fully customizable solutions for corporate governance to suit the requirements of your company. GRC solutions offered by ETrends have been well accepted by top business groups of India like TATA, GODREJ, JSW. “LASER” - Enterprise Application by ETrends is a content-enabled workflow solution designed specifically for Risk Management, Legal Compliance Management, Internal Audit Management and Insider Trading Management Systems. The most tangible benefits of ETrends solutions are related to strategy execution, process and performance improvement. Visit to know more about GRC offerings by ETrends.


    Gold Partner: N South Advocates

    Established independently in the fast growing commercial hub Gurgaon, N South is amongst India’s cutting edge corporate law firms offering high quality legal services across the country. N South is recognized for its guidance of cutting edge transactions in M&A, Corporate Finance, Private Equity, Projects, Infrastructure and restructuring of business. The firm was involved in structuring some of the much talked about transactions in the Indian business landscape. The firm also continues to remain at the forefront of complex commercial and corporate control litigation. Winning Legal Wars (McMillan 2003) by its Managing Partner Mr. Ranjeev C. Dubey remains the seminal business book on legal strategies and tactics. N South represents a wide range of global clients along with a substantial list of domestic clients.

    Silver Partner: Paladion 

    Paladion is the largest pure-play information security player in AsiaPAC and the fastest growing in Asia (as ranked in Deloitte Technology Fast 500 Asia Pacific & Technology Fast 50 India - 2006, 2007, 2008 & 2009, 2010). With a global footprint across 15 countries and a decade of experience in the information security domain, Paladion today is actively managing security for over 450 customers. It provides security assurance, compliance, governance, monitoring and management services to large and medium sized organizations. Paladion also offers solutions for communication interception to law enforcement agencies and service providers. Paladion’s security solutions have been awarded by Asian Banker, Red Herrings, and Financial Insights. Paladion is involved in several security research forums and has authored books on security management.

    Gold Partner: MetricStream

    MetricStream is the market leader for integrated Governance, Risk, and Compliance (GRC) Management Solutions for global enterprises, enabling them to deliver better business performance. Its customer portfolio spans all verticals, with world-leading companies in each industry.

    The MetricStream GRC Platform provides solutions for audit management, regulatory compliance, risk management, policy management, IT GRC, supplier/vendor governance and quality management.

    Gold Partner: CURA

    In today's fast paced global economy, with emerging threats, coupled with ever more regulations, organizations find themselves in a position that necessitates the active management of Governance, Risk, Opportunity, and Compliance. As there is substantial overlap across these functions, a co-ordinated approach is required. Ultimately, these challenges can be reduced to risks and opportunities that the business faces. It is on this idea that Cura was founded in 2002.

    Cura provides smarter software solutions designed to enable businesses around the world to quickly achieve the bottom line benefits of GRC - Governance, Enterprise wide Risk Management and Compliance linked to performance management. Cura does this through faster implementation, easier configurability & true enterprise architecture. Cura is used by over 200 amongst Global 1000 enterprises around the world, partners with Big Four consulting firms in focused areas of GRC, and is recognised as a Challenger by Gartner and as a Leader by Forrester Research in the GRC domain.

    Silver Partner: Modulo

    Modulo is the leading global provider of Governance, Risk and Compliance (GRC) management solutions. Founded in 1985, Modulo has provided solutions to over a thousand organizations worldwide for IT GRC, ERM, BCM, Vendor, Compliance and Risk Management. Modulo Risk Manager is an out-of-the-box solution that allows organizations to automate the process of identifying, analyzing, evaluating and treating risks across the enterprise, while reducing complexity and costs. The software and methodology greatly simplify the management of risk and compliance with market standards and regulations, as well as IT governance mandates. Risk analysis is performed using a quantitative, consistent and structured methodology that is based on international risk management rules and standards. Modulo received the “2011 Best Buy” and 5-Star choice by SC Magazine and is recognized as a winner of the 2011 & 2010 Info Security Products

    Bronze Partner: RBEI

    Robert Bosch Engineering and Business Solutions Limited (RBEI) is a 100% owned subsidiary of Robert Bosch GmbH, one of the world’s leading global suppliers of technology and services, offering end-to-end engineering, IT and Business solutions. With over 10000 associates, RBEI is the largest software development center of Bosch outside Germany, indicating we are the Technology Powerhouse of Bosch in India. We have a global footprint with presence in the US, Europe and the Asia Pacific region. RBEI is ISO 9001:2008 certified (2009), appraised at CMMI-L5 as per ver 1.3 (2011) and also ISO 27001 (2009) certified, with state-of-the-art facilities in Bangalore, Coimbatore and Ho Chi Minh City. RBEI provides solutions for businesses in primarily three areas: Engineering Services, IT Services and Business Services, with the focal industries being Automotive, Industrial Technology, Consumer Goods and Building Technology.

    Gold Partner: Wipro

    Wipro Ltd. (NYSE: WIT) is a $7 billion global enterprise which offers services in IT services and consulting. Our services span financial services, retail, transportation, manufacturing, healthcare services, energy and utilities, technology, telecom and media.

    Wipro Consulting Services (WCS) is a division of Wipro Ltd. WCS has 1350+ consultants based in Europe, N. America, India, Asia Pacific and the Middle East. The integrated consulting services combine the benefits of expert proximity with global leverage to provide technology edge and speed to strategic programs. WCS offers Business Advisory, IT Consulting and Risk & Compliance services designed to improve business performance, drive operational efficiency and enhance the reputational capital and competitive advantage of the organization. WCS focuses on enhancing business performance of its clients by streamlining processes, reducing organizational risk and leveraging the global sourcing / outsourcing organizational model.

    The Governance, Risk and Compliance practice of the Wipro Consulting Services division helps organizations transform their risk and security processes to achieve their business goals.

    The Enterprise Architecture practice offers services such as governance architecture, service oriented architecture, information architecture and infrastructure architecture, Business-IT alignment, Value Management office, IT strategy, IT portfolio rationalization and Green IT.

    Partnering Organization For GRC SUMMIT

    Bronze Partner: Newgen Software Technologies Ltd.

    Newgen Software Technologies Limited is a leading global provider of Business Process Management (BPM), Enterprise Content Management (ECM) and Customer Communication Management, with a global footprint of 850 installations in over 45 countries with large, mission-critical solutions deployed at the world's leading Banks, Insurance firms, BPOs, Healthcare Organizations, Government, Telecom Companies & Shared Service Centers.

    Silver Partner: Legasis 

    Legasis adds value by applying IT solutions to repetitive legal tasks. We have an intricate understanding of over 39 Legal Processes where IT solutions can reduce the Price Value gap without compromising the quality of legal deliverables. Legatrix, our compliance management solution, has been helping many Fortune 100 clients’ General Counsels and Compliance Heads in managing their tasks seamlessly and transparently. It has helped the CEOs, the Directors on the Board (especially the Independent Directors) and the Board Committees to evaluate, on a real-time basis, the risks associated with statutory and regulatory compliances. Legasis' core strength is in its ability to deliver value by leveraging our industry expertise and legal framework. Legasis is proudly serving a number of Fortune 100 companies in India & globally. Our competence is spoken by the clients we serve. Legasis believes in a partnering approach with its clients for a perpetual journey in an ever changing dynamic business & legal landscape.