GRC 101, ISACA Bengaluru, 28th Dec 2013

For more than 24 months, FixNix has researched compliance for India's leading e-commerce brands, security thought leadership forums, and production of an SMB GRC product. Now they bring you… GOVERNANCE, RISK & COMPLIANCE 101

Upload: fixnix-infosec-solutions-pvt-ltd

Post on 14-Jun-2015


Category:

Technology



DESCRIPTION

Mr. Shan, Chief Nixer's presentation at ISACA Bangalore on 28th December 2013

TRANSCRIPT

  • 1. For more than 24 months, FixNix has researched compliance for the Indias leading e-commerce brands, security thought leadership forums, and production of SMB GRC product.Now they bring youGOVERNANCE, RISK & COMPLIANCE

2. To Get 200% Benefit of This PresentationFIRSTMute Your Cellphone SECONDUnlearn Whatever You Know in GRC World & Lend your Ears for next 60 minutes 3. 5 RULES 4. 5 RULES 5. 1TREAT YOURBUSINESS ASKING 6. WHY THE WHAT THEY NEED TO SHOULD ADOPTCAN DO FOR TO TAKE 7. 2SPREAD ANDMOVE 8. BLAH BLAH BLAHBLAHB BLAHBLAH 9. WHICHGRC PRODUCT HAS ITALL? 10. 3HELP THEMWHAT YOU ARE 11. THE CANSPROCESS RECYCLED = 1000 CANSJANUARYFEBRUARYMARCH 12. 4PRACTICE NOT DECORATION 13. 5CULTIVATE 14. Community Development In order to bring lasting change, we must first prioritize the things that will bring about the maximum impact Then we must organize schedules and resources that will support the priorities Finally, we need to mobilize people to be able to take action and bring about that change 15. Community Development In order to bring lasting change, we must first prioritize the things that will bring about the maximum impactprioritize organize mobilize Then we must organize schedules and resources that will support the priorities Finally, we need to mobilize people to be able to take action and bring about that change 16. prioritize organize mobilize 17. prioritize organize mobilize 18. prioritize organize mobilize 19. 5 RULES 20. prioritize organize mobilize 21. GARTNER ABOUT GRC MARKET 22. LEADERS ARE INNOVATING WITHADVANCED CAPABILITIES, HAVE LARGE CUSTOMER BASES, HAVE SOLID CAPABILITIES IN THE CORE PLATFORM FUNCTIONS AUDITMANAGEMENT, COMPLIANCE MANAGEMENT, RISK MANAGEMENT AND POLICY MANAGEMENT AND HAVE EXECUTED ACROSS SEVERAL INDUSTRIES, WITH SUPPORT FOR MULTIPLE PROFESSIONAL ROLES. 23. SEVERAL VISIONARIES ARE DRIVINGINNOVATION IN THE MARKET THROUGH INTEGRATION WITH BUSINESS PROCESS MODELING, CCM, RISK ANALYTICS, TARGETED VERTICAL INDUSTRY SOLUTIONS, AND OTHER ADVANCED CAPABILITIES BEYOND THE CORE FUNCTIONS. 24. 
THE EGRCPLATFORM MARKET IS DERIVED FROM THE NEED FOR MANY ENTITIES TO IMPROVE THE OVERSIGHT OF CORPORATE GOVERNANCE INCLUDING FINANCIAL REPORTING COMPLIANCE, ERM AND RELATED AUDITS. 25. AN EGRCPLATFORM MUST SOLVE THE IMMEDIATE GRCM NEEDS ASSOCIATED WITH CORPORATE GOVERNANCE, AND ALSO ENABLE AN ENTERPRISE TO PURSUECONSOLIDATION AND INTEGRATION OF A DIVERSE SET OF OPERATIONAL, IT, LEGAL AND FINANCE GRC ACTIVITIES. 26. IN A 2013 GARTNER SURVEY OF 174 EGRC PLATFORM USERS, THE SIX LEADING USES WERE ENTERPRISE OROPERATIONAL RISK MANAGEMENT (61%),AUDIT MANAGEMENT (53%), IT RISK MANAGEMENT (34%), CASE OR INCIDENT MANAGEMENT (32%),POLICY MANAGEMENT (30%), AND INTEGRATED PERFORMANCE AND RISK MANAGEMENT (29%). 27. MOST EGRC PLATFORM VENDORS ARE ADDING PREPACKAGE CAPABILITIES, OR APPLICATIONS, THAT MEET INDUSTRY-SPECIFIC OPERATIONAL GRC NEEDS, SUCH AS BASELII/III, SOLVENCY II, EH&S COMPLIANCE AND SUSTAINABILITY, HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) AND OTHER HEALTHCARECOMPLIANCE, FOREIGN CORRUPT PRIVACY ACT(FCPA) AND OTHER ANTI-BRIBERY RULES, THIRD-PARTY RISK MANAGEMENT,REGULATORY CHANGE MANAGEMENT, GRAMM-LEACH-BLILEY ACT (GLBA), PCI, CONFLICT MINERALS AND OTHER DODD-FRANK ACT REQUIREMENTS,BCM, AND NERC/FERC COMPLIANCE 28. SOME VENDORS ALSO PROVIDE ITASSETREPOSITORY, IT POLICY MANAGEMENT AND THE AUTOMATED COLLECTION OF IT CONTROLS DATA. ORGANIZATIONS WITH A PRIMARY INTEREST IN ITCENTRIC GRCM REQUIREMENTS SHOULD BE AWARE THAT MOST EGRC PLATFORMS BALANCEFINANCIAL, OPERATIONAL AND IT REQUIREMENTS AT THE EXPENSE OF IT-CENTRIC DEPTH. 29. 
demands on internal audit organizationsIncreased as they cope with increasing regulatory requirements, ERM oversight and demands for more business performance auditsAnERM to support by business leadersincreasing regulatory focus on anti-corruption and bribery in the aftermath of the 2008 global financial crisistransparency objectives of regulators and decision making Risk analytics to support integration of risk management and performance management Regulatory content services and change management to deal with regulatory proliferation 30. SOX knock-on effect The , as organizations find that auditors and regulators worldwide are raising the bar on internal controls, even when the law is not as stringent as U.S. SOX (for example, Law 262 in Italy) Consolidation, with a shift from dominance of the market by smaller best-of-breed players to one dominated by larger, wellestablished vendors Third-party risk management to ensure that third parties do not present unacceptable compliance and risk challenges Social risk management issues emerging from social marketing strategies and the need to ensure compliance with privacy and advertising regulations Operational technology and critical infrastructure protection, which increases the variety and volume of risk and controls data 31. Specifically, as GRC adapts to social,third-party monitoring and operational technologyrequirements, the volume of use cases will expand beyond what is reasonable to be included directly on the platform. With the proliferation of use cases, the platform will need to integrate with many moreexternal datasources and applications, thus reversing what has been the evolution during the past six years to support most GRC use cases directly on the platform. Thus, the platform will fade in market positioning importance, but will remain foundational as anenabler for new GRC-related markets. 32. www.fixnix.co [email protected] 9025 198 198