Organisations manage their governance, risk

management, legal and regulatory compliance in an

unconnected manner, separated through functional
lines, multi locations and sub units

Join this interactive, wide ranging and new thought generating forum to discuss way forward solutions, sharing of ideas on new
initiatives and Maturity Models of GRC.

A must attend Meeting and Networking Forum for Heads of Legal, Compliance, Governance, Audit, Risk Management, Finance, CIO and CTO
To Discuss best practices in Governance, Risk Management & Compliance &
Process for integrating and harmonizing people and process for a workable, practical
Integrated and Unified GRC Framework



15
th
16
th
March 2012
Peninsula Grand, Mumbai



Media Partners
Conceptualized &
Organized by

Technical Partner


Platinum Partner


Silver Partners



Bronze Partners


Gold Partners


Knowledge Partner








Copyright ITP Publishing India Pvt. Ltd. Any reproduction in part or full is prohibited without permission from ITP Publishing India Pvt. Ltd.






































































Good Governance, Effective and Real-time Risk Management and adhering to Regulatory Compliances have
direct impact on your organizations





There is an urgent and immediate need to cut complexities brought by necessity to manage governance, risk management and regulatory compliances which are now overseen by a number of departments including
internal audit, information technology, compliance and regulatory management, enterprise risk management (ERM), operational risk and incident management amongst others.

Ground Reality is that multiple groups bear responsibility for several functions and processes; they operate in silos, with i nsufficient sharing of information and following multiplicity of frameworks and systems.A
number of thought leaders are now talking about the business sense to optimize resources and these intersecting activities as a Singular Function to bring about efficiencies, reduce or eliminate repetitions of same task
by multi departments, need to come beyond the paper trail to practices in real time by formulating a common GRC Framework.

Thoughts on GRC have been discussed for some time as was during the 1
st
Edition of the GRC summit, yet real-time and inclusive integration is still work in process and what emerged is that the real work is to bring
all the stakeholders working together in an integrated GRC framework.

Audits, Finance, Compliance, Risk and Legal have their own functioning styles and process. Business line managers and IT bring in their own perspectives, which complicate adoption.

Understanding and reconciling these disparities and conflicts is critical to success when driving an enterprise-wide GRC program.

This inclusive two day conference bring together all stakeholders on a common discussion platform to see, hear and determine best practices in inter-linking people,
processes and technology for the most appropriate GRC framework and a practical adoption roadmap that will work in todays work and business environment !

The key SUCCESS for a GRC PROGRAM is a coordinated effort by AUDIT, LEGAL, RISK and COMPLIANCE functions and
among key administrative, operational personnel and business lines in both the implementation of the systems and the
interpretation of the data generated


Who Should Attend:-
CXO
Chief Risk Officers
Chief Legal Counsel
Chief Compliance Officer
Chief Internal Audit
Chief Information Officer
Chief Information Security
Vice Presidents, General Managers, Head,
Functional Managers & Consultants of:-
Finance
Corporate Governance
Treasury
Controllers
Compliance
Accounts
Enterprise Risk Management
Legal and Regulatory
Ethics
Operational Risk
Audit & Internal Controls
Information Technology
Information Security
Management Assurance











Sanjay has more than 20 years of rich experience in the fields of Risk Management, Accounting, Controllership,
Business integration and ERP implementation. Over last ten years he has been focusing on the Risk
Management & Corporate Governance for manufacturing as well as service industries. Sanjay has extensive
experience and specializes in developing & implementing integrated Risk Management framework, which
includes synergizing Enterprise Risk Management, Risk Based Internal Audit, Sarbanes Oxley Compliance,
Revenue Assurance and Fraud Management.

In his current position as the Head of Management Assurance Group at Tata Communications Limited, his focus
is to converge various governance functions into an integrated Governance Risk & Compliance (GRC) function.

Sanjay has extensive & varied experiences of working with Fortune 500 & large India companies like Monsanto,
Shell Petroleum, Ranbaxy & Reliance Communications

Venue: Hotel Peninsula Grand,
Andheri - East, Mumbai

Sanjay K Mathur,
Vice President & Head Management Assurance Group
Tata Communications Limited




Platinum Partners: NIIT Technologies


NIIT Technologies is a leading IT solutions organization, servicing customers in North America, Europe, Middle East, Asia and
Australia. It offers services in Application Development and Maintenance, Managed Services, IP Asset or Platform Solutions, and
Business Process Outsourcing to organizations in the Financial Services, Travel & Transportation, Manufacturing/Distribution,
Healthcare and Government sectors. The Company adheres to major global benchmarks and standards, having secured the ISO
9001:2000 certifications and the ISO: 27001 Information Security Management accreditation. NIIT Technologies also follows global
standards of development. It has been assessed at Level 5 of SEI CMMi version 1.2. NIIT Technologies Business Process Outsour cing
conforms to the highest quality standards such as COPC and Six Sigma. Its data centre operations are assessed at the international ISO
20000 IT management standards. The Company is embracing the potential of Cloud Computing as an early entrant into this space.
Over the years, the Company has forged extremely rewarding relationships with global majors, a testimony to mutual commitment
and its ability to retain marquee clients, drawing repeat business from them. The Companys vision is to be the First Choice of
services for the focused segments serviced. The Company has been conferred with the LEED Platinum Green Building rating for the
Software Development Block (SDB) on its 25 acre campus, designed to integrate people, spaces, and complex workflow. The building
was conceived and built with a holistic approach to sustainability in five key areas: sustainable site development, water saving, energy
efficiency, materials selection and indoor environmental quality. NIIT Technologies has 21 sales offices located in 14 countries with 7
Near Shore Centres and 6 Data Centres across globe.

NIIT Technologies Risk Management Solution, Assure Easy enables its customers to evolve daily management of these risks into
real competitive advantage. NIIT Technologies provides best-of-breed Risk Management Solution for Operational Risk, Technology Risk
and Compliance Management. Supported by the companys On-Demand GRC Platform, it offers highly configurable and flexible
deployment options that offer advantages such as reduced time-to-market and lower cost of ownership.

For further information, please visit www.niit-tech.com and www.cloud.niit-tech.com









Angie Chew is the Vice-President of NIIT Technologies and is
responsible for the GRC product, Assure Easy.
Prior to joining NIIT Technologies she was the CIO of the Ministry of
Communications & the Arts and the National Heritage Board, Vice-
President at Singapore Airlines, Principal at the Ministry of Health
Holdings Regional Director at Visa International and Senior Manager
at Accenture. Angie is currently based in Singapore








Angie Chew,
Vice-President,
NIIT Technologies



Knowledge Partners: IBM



IBM OpenPages Governance, Risk and Compliance.

Driving business performance with Insight. Managing risk, improving compliance.

Governance, risk, and compliance solutions enable customers to identify, manage, monitor and report on risk and compliance
initiatives across the enterprise, helping businesses to reduce loss, improve decision-making about resource allocation, and optimize
business performance.

The IBM OpenPages GRC Platform software allows organizations to:

Identify, manage, monitor, and analyze risk across the enterprise in a single, integrated solution by eliminating the silos of
Compliance, Audit, IT Risk, Operational Risk Management etc.
Integrate risk management and compliance processes to meet the persistent challenge of regulatory oversight
Leverage GRC information to make better business decisions
Empower decision makers with fully scalable and interactive reporting and trending tool

Conference Chair Day One

Conference Chair Day Two








Copyright ITP Publishing India Pvt. Ltd. Any reproduction in part or full is prohibited without permission from ITP Publishing India Pvt. Ltd.




08.00


Registration and morning refreshment



09.15

Mainstreaming of GRC into Business Process
Keynote address by session chair

Sanjay K Mathur, VP & Head Management Assurance Group,
Tata Communications Limited



09.30

Key Note Panel: Where & Why is GRC integration needed most?
Cost saving or Effective functioning?


Board of Directors Perspective
Examining current governance vulnerabilities & GRC integration interplay in plugging
governance gaps
Evaluating GAPS in governance, risk management & compliance and ground realties
which are real needs for effective board functioning
Role of integrated GRC strategy in increasing business transparency and business
assurance

Perspective from Management (CEO and MD)
Gaps in risk management, compliance which hinder organisational top line and bottom-
line
How can GRC help in effective functioning and managing of companies?
What are the key expectations from CXO
GRC as a Business Enabler

Suparna Singh, VP, Governance and Risk Management,Essar Group

Ravi Raman, Head Investment Analytics and Operations
InfraHedge Ltd- A State Street Subsidiary.


Hemant Kumar, President Legal, Reliance Communications

Suhas Tuljapurkar, Managing Partner, Legasis Partners
Founder Director, Legasis Services Pvt. Ltd



11.00

Refreshment and networking break



11.30

Moving from Compliance to Assurance: Can We Leverage GRC?



With the present challenge of a consistently changing compliance landscape it is
imperative to build a robust and effective compliance management system.

This presentation will cover how GRC can help build the management assurance so that it
not just helps meeting the compliance but also helps in reporting of compliance effectively.

Manohar Ganshani, Practice Partner, Governance, Risk and Compliance,
Wipro Consulting Services



12.00


Enterprise GRC platform better answer to Siloed approach of
managing GRC




Arlene Laungayan, Senior Director, Operational Risk,
IBM



12.30

GRC, BI & Enterprise Mobility - A case for Convergence, Executive
Reporting and ROI





Anand Tatavarthi, Vice President,
Cura Technologies Limited



13.00

The Complexity of the Compliance Challenge in India.


The presenter shall seek to understand why statutory compliance is such a challenge in India.
He proposes that the problem is a complex of:
1. Indian historic experience,
2. The Indian cultural context, and
3. The structure of our laws and the democracy tax we pay.
In conclusion, comment is made on the dynamics of our changing legal and statutory
landscape

Ranjeev C. Dubey, Managing Partner,
N South Advocates


13.30

Networking lunch





































































14.30

Expert Panel Discussion:
Practical Road Map for GRC Convergence


Methodology to link process and technology for effectively
bridging together internal audit, risk management, information security,
operations and compliance functions
GRC Champion: Who should leads the initiative?
What are key steps in integrating GRC into the company culture and work ethos?
How do you position GRC structures right in organizational hierarchy?
Challenges and practical path for creating a sustainable structure
Identifying and bridging the GAP between department and a unified GRC
Framework?
Communication strategy in getting the right message across to all stakeholders
How do you create harmony between business roles?
Accommodating stakeholder requirements
What is the ideal GRC framework and state of future play for fast growth
companies?
Cost of integrating of GRC with companys present system? How do you work on
lowering cost implications on size and nature of organization

Identifying current challenges and business benefits for a unified GRC
framework?
Is the corporate world looking at GRC as a strategic tool or Monitoring / Control
concept or value creation? Why?
What are the current challenges in organization in aligning governance, risk
management and compliance framework?
What is the ideal GRC framework, state of future play and business benefit for fast
growing company or for a globally expanding corporate and why?
Siloed functions and impact on your GRC strategy?

Change Management: How do you manage transition from silo assurance and
compliance functions to an integrated GRC - addressing concerns of
stakeholders at various levels, socializing GRC and creating GRC culture in
enterprise?
How do you bring different mindsets of different individuals to collaborate and work
on a uniform GRC platform?
How do you build ownership culture within the organization and amongst key
stakeholders related to GRC?
How do you increase sincerity of departmental heads in taking Risk, Audit and
Compliances seriously?
Communication plan for raising awareness level of management and Board Of
Directors about importance and benefits of GRC? What are the key buy in factors to
achieve a positive outcome?


Expert Panel Chair:
Sanjay Mathur, Head- Management Assurance Group,
TATA Communications Ltd.

Expert Panel Members

Suparna Singh, Vice President, Governance and Risk Management,
Essar Group

Devamalya Dey, Group President Audit & Compliance, Yes Bank Ltd

Parag Deodhar, Chief Risk Officer and Vice President Program
Management & Process Excellence, Bharti AXA General Insurance Co. Ltd.

Angie Chew, Vice-President, NIIT Technologies

Devendra Parulekar, Partner, Ernst & Young Pvt. Ltd.



16.30

Refreshment and networking break



16.45

Practical Road Map for GRC Convergence (Continued..)


Role of Technology as key differentiator factor for a successful or a failed GRC
Framework
Current technology environment and available platforms which can be integrated in
your existing infrastructure
How is the GRC solutions and tools expanding are they hype or provided a practical
solution to ease your governance, risk management and compliance activities?
Implementation costs, investment and RoI
Key consideration before choosing your technology partner
Case Examples: Analyzing failed and successful implementation

Panel Chair: Sr. Representative, MetricStream

Expert Panel Members:

Baiju Gujarathi, Sr. Vice President, Repro India Pvt. Ltd

Sunil Varkey, Head Information Security, Idea Cellular Ltd.

Uma Charan Singh, Vice President IT & CIO, Greaves Cotton




17.45

Summation and end of day one




CONFERENCE DAY ONE: THURSDAY, 15
th
March 2012







Copyright ITP Publishing India Pvt. Ltd. Any reproduction in part or full is prohibited without permission from ITP Publishing India Pvt. Ltd.


































































08.30


Registration and morning refreshment




09.15


Opening remarks by session chair

Angie Chew, Vice-President,
NIIT Technologies



09.30

Key Panel Discussion: GRC Maturity Models
Quantification, Accountability, Reporting, Disclosures



Discussion Focus One: Maturity Models
What are the metrics and measurement to check the success and progress of your
GRC plan?
What to track during your GRC implementation and integration?
Why? And how?
Establishing and tracking GRC goals
Monitoring external and internal context for changes which impact GRC capability
design
How do you make improvements to GRC capability
Creating collaborative accountability across business function and roles
GRC Maturity Models

Discussion Focus Two: GRC Reporting Structures & Accountability
Effective GRC convergence means that GRC objectives are assessed and reported and for
continued effectiveness all information and status of risk and controls should be made
available for continuous reporting. This discussion focuses on reporting, accountability
and communication structures highlighting the progress of GRC objectives

Discussion Focus Three: The Payoff For GRC
How do you use GRC as an effective reputational tool building block for up scaling
company valuation and stakeholders perceptions

Discussion Focus Four: THE GRC Champion
Identifying the GRC Champion who should lead the initiative in your organization

Panel Chair:
Ravi Raman, Head Investment Analytics and Operations
InfraHedge Ltd- A State Street Subsidiary.

Panel Members:

Pradeep Parakh, Group President (GRC) & Company Secretary,
Bajaj Hindusthan Limited

Sr. Representative, MetricStream

Anil Jhumkhawala, Advisor,
S J financial & Management Consultants Limited.

Rajdeep Premkumar Pai,
Senior Governance Risk Compliance Professional



11.00

Networking and refreshment break



11.30

Expert Analysis:
GRC Tools Evaluating Enterprise GRC Platforms



Rishi Kapoor, Practice Leader BFSI Cloud offerings, NIIT Technologies



12.00

Solving the IT GRC Puzzle


Look at the different IT practices,
IT GRC components in an organization
Design a unified IT GRC framework to bring the components & practices together
Automation Roadmap for IT GRC
Blending intelligence with IT GRC

Vinod Vasudevan, Co-founder and COO, Paladion



12.30

The next weakest link: Vendor Risk Management


Distinctive needs to manage risk associated with different partners, vendors and
outsourced service providers.
What are the challenges and main problems with the current Vendor Risk
Management Process
Aggregating information related to Vendors & applicable standards/terms
Continuous monitoring of risk associated with Vendors
Why you as a vendor should be concerned about managing the risk of vendors
Simple yet effective risk management & reporting of individual/multiple Vendors with
GRC

Devang Ashar, Regional Director (APAC & ME region),MODULO




13.00

Networking lunch




14.00

Aligning Risk and Compliance in the context of organizational
business objectives and GRC Convergence


Focus One: How to you link Compliance Strategy to a unified GRC
strategy
Creating a road map in ethics and compliance: vision, mission, core values and strategy
Percolating GRC into day to day management at regulatory and legal level
benchmarking the same at various business unit levels
Evaluating how you can stay on top on regulatory requirements and changes thereto
with a unified GRC program
Adapting your risk and compliance models for local conditions
Anticipating change in business and regulatory environments
Achieving connectedness between compliance, audit and risk programmes
Developing a principles based risk & compliance approach
Achieving connectedness between compliance, audit and risk programmes
Compliance Risk Identification & Management - Mapping of controls and compliance
requirements to specific business processes
How do you maintain strong relationships with local and regionally regulatory bodies
Working with entities to achieve local compliance
Extending corporate governance standards and principals across borders

Focus Two: How to you link Enterprise risk management to a unified
GRC strategy
The real upside for GRC, above and beyond the keeping your CEO out of jail comes
from creating new ways to take good risk management and governance to the bank for the
organizations as well as the stakeholders
The most dramatically different upside that GRC offers comes from monetizing changes in
the risk profile of companies as they work in increasingly complex and risky business
environments
How would you build a business case justifying and convincing the Audit Committee on
implementing GRC as a separate component different from ERM?
If Organizations are in the process of implementing ERM, what considerations should be
made to ensure GRC is also mapped as part of ERM?
Real Time Risk Alert Monitoring, Detection & Reporting
Importance of good governance and ERM strategy directors duties, legislation &
expectations
Organisations risk appetite link to stakeholders expectations
Committing to a risk Management programme
How do you create a common risk management communication language?
Linking your ERM to a unified GRC strategy
Case study: Case analysis on successful ERM from industry sectors and key factors in
successful implementation


Panel Chair

Rajdeep Premkumar Pai,
Senior Governance Risk Compliance Professional

Expert Panel Members:

Gagan Palta, Country Compliance Officer India, ALSTOM

Amal Kundu, Chief Risk Officer, TELCON

Jyotin Mehta, VP & Chief Internal Auditor,Voltas Limited*

Srikant Balan, Head Corporate Planning, Business Assurance and Risk
Management, Infosys BPO Limited

Debashis Roy, Senior Director, Head Enterprise Risk Management
IDFC

Mandar Vanarse, Practice Head and Partner,
Wipro Consulting Services





15.45

INDUSTRY SPECIFIC OPEN ROUND TABLE DISCUSSION


An open session with 6 Hosted Discussion tables which are intended to cover GRC
convergence issues specific to industries and are a perfect environment for shared learning.

Each round table will have an expert host to moderate and streamline the flow of
discussions. Typical flow will be

Governance, Risk & Compliance Challenges faced by round table participants
Practical examples of GRC Framework in industry, maturity models, failure and success
analysis
Scrutinizing tangible benefits of GRC Convergence


Industry Round Tables

Pharmaceuticals & Biotech
Banking and Financial Services
IT and ITES
Engineering and Construction
Automotive and Auto Ancillary
Discussion Topic based on feedback from participants




16.15

Summation and end of day two



CONFERENCE DAY TWO: FRIDAY 16
th
March 2012
* awaiting formal confirmation







Copyright ITP Publishing India Pvt. Ltd. Any reproduction in part or full is prohibited without permission from ITP Publishing India Pvt. Ltd.






































































Amal Kundu is the Chief Risk Officer and Chief Ethics counselor of
Telco Constructions Equipment Company Limited, a TATA and Hitachi
joint venture company.Amal is a Cost and Management Accountant
with 27 years of experience in the field of Enterprise Risk Management,
GRC, Finance, Accounts, Fraud investigation ,Business assurance and
internal control.
Amal is experienced in handling detailed deals, creation of new
companies, SAP, SOX, J Sox implementations. He has has also
implemented the Enterprise Risk management and Business continuity
planning as part of strategic planning process of his company.

Amal Kundu,
Chief Risk Officer and Chief Ethics counselor,
Telco Constructions Equipment Company Limited
PROFILE OF EXPERT SPEAKERS For GRC SUMMIT (GOVERNANCE, RISK, COMPLAINCE)




Parag is the Chief Risk Officer and Vice President for Program
management and Process Excellence at Bharti AXA General Insurance
Co. Ltd. Parag is a Chartered Accountant, Certified Information Systems
Auditor from ISACA, US and Certified Fraud Examiner from ACFE, US.
He is also a board member on the Bangalore Chapter of ACFE.

He has over 15 years of experience in Enterprise Risk
Management, Information Security and Forensics, Audit,
Consulting and Program Management. Parag is experienced in
handling large programs including setting up of new business initiatives,
Enterprise IT systems and companywide initiatives like ISO 9001/ISO
27001 certification, Business Continuity & Disaster Recovery and Six
Sigma implementation. He has written several articles in online and print
media and is a regular speaker at industry forum and seminars.
Parag has worked with multinationals like AXA Group, Deutsche Bank,
KPMG and Mahindra British Telecom.


Parag Deodhar,
Chief Risk Officer and Vice President Program Management
& Process Excellence,
Bharti AXA General Insurance Co. Ltd






Rajdeep Premkumar Pai is Senior Governance Risk Compliance
Professional. He is Change Management Enabler with 20 years of
financial expertise, governance and compliance experience across
several manufacturing, FMCG, BFIS services, Dairy Board, NGOs etc. He
has served in countries including India, UAE, Malaysia & Tanzania.

He started his career spanning 2 decades with S.B.Billimoria &Co.,
moved on to heavy industries M/s. Walchandnagar Industries (1999 -
2001), went abroad to work in leading telecom operator (UAE, India &
Africa). In between he also worked as Audit Controller in Aircel. He has
been instrumental in set up and establishment of internal department
and institutionalizing governance model in several companies.






Admitted to the Bar in 1981, he is extensively experienced in main
stream corporate commercial legal practice including strategic and
general corporate advice, M&A, corporate contracting, corporate
finance, private equity and venture capital. He is widely known for his
cutting edge guidance on winning litigation strategies and has advised
on a number of highly talked about disputes between corporate houses.
As the Managing Partner of the firm, he is the team leader on many of
the firms leading assignments,He has been the principal speaker at
many of the business and legal conferences around the world. He has
also been principal trainer at several of corporate communication
initiatives undertaken under the umbrella of IALLM. He is a columnist for
many of Indias leading publications including Businessworld. He has
authored the pioneering litigation strategy book for top business and
legal executives Winning Legal Wars (Macmillan, 2003).

Legal Heads,
23%
Internal Audit
and Head of
Management
Assurance
12%
Compliance
Professionals,
25%
Risk
Management, CR
O
20%
IT GRC Heads
and Managers
10%
CIO and Head of
IT
5%
CISO
3% 2%
Participants Profile for 1st Edition of GRC
Summit





Mr. Dey oversights the Audit, Compliance, Fraud Investigations and
the Company Secretarial functions for Yes Bank. In this role he is
responsible for ensuring that Yes Bank functions according to the
highest Compliance standards and all functions are audited
thoroughly to ensure a robust risk containment and control
environment. Prior to joining Yes Bank he was with Citibank N.A.
for 16 years. He spent the first 10 years in various Operations roles
culminating with a stint as Senior Country Operations Officer of
Citibank N.A., Bangladesh. He spent the next 6 years in Citibanks
Internal Audit function initially covering the CEEMEA region and
later covering Asia. In his role in Citibanks Internal Audit he was
responsible for leading major audits covering Citigroups Global
Processing Centers in Mumbai & Penang, Transaction Service
Businesses and certain major countries in the CEEMEA & Asia
regions. Within Citigroup, Dev was globally recognized as a subject
matter expert in Trade Audits.






Smt Suparna Singh is an Electrical Engineer and an MBA from
IIM,Calcutta..Her work experience encompasses more than 20
years.
She started her career working on the shopfloor of Durgapur
Steel Plant in Steel Authority of India Ltd for several years as
well as in the supply chain section.In Essar Group, which is a
conglomerate of 8 businesses, Ms Singh reports directly to the
Promoters, the Ruias, and manages the Corporate
Governance of the Group, the Risk Management processes of
the Group, the Business Development processes as well as
the synergies common across the Businesses and Functions.
Apart from tracking the strategies and performance of each of
the Businesses and Corporate Functions, Ms Suparna Singh is
also actively involved in building relationships for the Group
with delegates and senior members from Businesses and
Governments across the World while discussing win-win
ways to work together.




Ravi started off as a mechanical engineer and moved to the
financial services industry spending time with the best banks
and FI's in India. He has seen many startups with innovative
ideas and many "firsts" in the Industry that became the
industry leaders in their own space,
Ravi in pas has been co-ordinator of the Core Group set up by
Allianz AG to set up life and nonlife ventures in India, Set up
Risk Management function at Infosys BPO, Establishment the
Global Risk Management and Compliance operations for
Butterfield Fulcrum across multiple jurisdictions.
Ravis specialties include Risk Management, Compliance( SOX,
GLB etc), ITES, Information Security, Insurance, Inclusive
Growth, Sustainability
Ravi Raman,
Head Investment Analytics and Operations,
InfraHedge Ltd- A State Street Subsidiary.








Rishi Kapoor is a Practice Leader for BFSI products at NIIT
Technologies. He comes with strong BFSI , PMO Consulting and
Enterprise Risk Management experience. Prior to joining NIIT he has
led strategic PMO for Banks (Head & AVP PMO CitiFinancial GSC),
Insurance (Head & VP Corporate Initiatives - Max Bupa Health
Insurance) and Technology (Head Program Management / PMO
Consulting - HCL and Satyam) companies. Rishi is currently based in
Delhi, India.
Rishi Kapoor, Practice Leader - BFSI Cloud Offerings,
NIIT Technologies





Manohar Ganshani heads Governance Risk & Compliance practice
in Wipro Consulting Services. He is a Bachelor in Engineering in
Computer Science. Manohar has 21 years of experience in the field
of Information Technology with over 11 years in the area of
Information security, IT security, Cyber security, Data privacy,
Regulatory compliance, Security strategy, and policy and
architecture design.
As a practitioner, he has handled many complex engagements in
risk and compliance space for the clients in US, EU, APAC apart
from India.As a thought leader, he has written and spoken on
various issues like mobile security, cyber security, critical
infrastructure protection, privacy for telecom, insider threat, social
media security and social awareness etc in various forums
organized by industry and state governments.






Mandar Vanarse, the author of ASSIMPLER framework for IT
Strategy and Enterprise Architecture is the Practice Head and
Partner with Wipro Consulting Services. He has been into
various leadership positions in last 17 years in US, Middle East,
APAC, ANZ and India. He has led cross cultural teams onshore
and offshore. His experience spans across Telecom, BFSI,
Energy and Utilities, Infrastructure and Government. Mandar
has also led Practices, ODCs and startup organizations in the
capacity of Head, CTO and CEO to successful profit centers.
His Skills include advisory in designing Service Strategy,
Innovation Center, e Business Strategy, Business Value of IT, IT
Strategy and EA, IT Optimization, SOA and Cloud offerings. He
has been an invited speaker in various conferences and has
been strategy coach and mentor for many organizations and
Governments.





Vinod Vasudevan is a co-founder and COO of Paladion. He has 15
years of experience in technology and information risk
management domain. As the COO at Paladion, Vinod has serviced
large enterprise organizations across the globe for setting up of
integrated risk management systems and for stream lining system
based operations. He regularly presents in leading forums,
conferences, recent one being RSA conference, Europe. He sits on
the expert panel of industry consortiums. He is the lead author of
the book Application Security in the ISO 27001 Environment
from IT Governance, UK. Vinod is also the co-author of "Enhancing
Computer Security with Smart Technology" published by
Auerbach. He is a CISSP and a PCI QSA.

Mandar Vanarse, Practice Head and Partner,
Wipro Consulting Services





Devang Ashar is a seasoned IS professional with 14 years of
experience working on many enterprise security solutions &
with regulations such as COBIT, HIPAA, PCI DSS, SOX, ISO
27001. He has extensively worked in various IS domains for
consulting projects with Banks & Telecoms across the world.
And has achieved several industry accreditations such as CISA,
CISSP, ISO 27001 LA, Six Sigma etc.
Devang is working as the Regional Director at Modulo
Security, LLC. and is responsible for driving their GRC
solutions across APAC region. He has also worked with Multi-
nationals like Rolta group, Microland India Ltd, Yodlee
InfoTech & Amdocs India.

Rajdeep Premkumar Pai,
Senior Governance Risk Compliance Professional






Anand joined Cura March 2010 and handles general Corporate
functions from India including Delivery, Services & initiated India
Business Development. He has over 18 years of experience in IT SW
Products (including GIS, Embedded), Services, Consulting and
Manufacturing. He has worked for Global MNCs & large conglomerate
companies including Lanco Group, Rain Industries, Intelligroup &
Navionics

Anand Tatavarthi,
Vice President,
Cura Technologies Limited






Devendra is a Partner with advisory services in Ernst & Young
(India). He is leading the Governance, Risk and Compliance
automation practice for Ernst & Young in India and also heads
the IT Risk and Assurance (ITRA) practice for Technology,
Communications and Entertainment in the western region. He
specializes in end to end GRC services such as design,
implementation and has 11+ years of experience in various
other projects related to Information Security, Risk
Assessment, IT Strategy, IT Assurance, Application Reviews,
due diligence, BCP & DR across various companies in India.
Devendra.Parulekar,
Partner
Ernst & Young Pvt. Ltd.
Suparna Singh,
Vice President, Governance and Risk Management,
Essar Group
Devamalya Dey,
Group President Audit & Compliance,
YES Bank Limited
Manohar Ganshani,
Practice Partner, Governance, Risk and Compliance,
Wipro Consulting Services
Ranjeev C. Dubey,
Managing Partner,
N South Advocates


Devang Ashar,
Regional Director (APAC & ME region)
MODULO

Vinod Vasudevan,
Co-founder and COO,
Paladion







Arlene Laungayan heads up Operational Risk Implementation
Services, Advisory & Content business in the Asia Pacific region.
Prior to IBM, she spent seven years at American Express where she
worked in various risk management areas, including Market, Credit
and Operational Risk. Within Operational Risk, she has helped
many clients in developing methodologies for loss data collection,
risk and control self assessment, management reporting, scenario
analysis and operational Risk capital modeling.

Arlene holds a MBA from Columbia Business School in New York
and is also an instructor for the Risk Management Association on
Internal Loss Data, External Loss Data and Scenario Analysis.
Arlene Laungayan,
Senior Director, Operational Risk,
IBM








Copyright ITP Publishing India Pvt. Ltd. Any reproduction in part or full is prohibited without permission from ITP Publishing India Pvt. Ltd.




Technical Partner: ETrends

Provides bankable software services in the area of enterprise business applications. It is
one of the nation's most reputed IT company to provide range of fully customizable
solutions for corporate governance to suite the requirements of your company.
GRC solutions offered by ETrends have been well accepted by the of top business groups
of India like TATA, GODREJ, JSW.
LASER Enterprise Application by ETRENDS is content-enabled workflow solution
designed specifically for Risk Management, Legal Compliance Management, Internal Audit
Management and Insider Trading Management Systems. The most tangible benefits of
Etrends solutions are related to strategy execution, process and performance
improvement.
Visit www.lasergrc.com to know more about GRC offerings by ETrends.
GLIMPSES OF 2011 SUMMIT
Gold Partner: N South Advocates

Established independently in the fast growing commercial hub Gurgaon, N South is
amongst Indias cutting edge corporate law firms offering high quality legal services
across the country. N South is recognized for its guidance of cutting edge transactions in
M&A, Corporate Finance, Private Equity, Projects, Infrastructure and restructuring of
business.
The firm was involved in structuring some of the much talked about transactions in Indian
business landscape. The firm also continues to remain at the forefront of complex
commercial and corporate control litigation. Winning Legal Wars (McMillan 2003) by its
Managing Partner Mr. Ranjeev C. Dubey, remains the seminal business book on legal
strategies and tactics.N South represents a wide range of global clients along with
substantial list of domestic clients.




Silver Partner: Paladion

Paladion is the largest pure-play information security player in AsiaPAC and the fastest
growing in Asia (as ranked in Deloitte Technology Fast 500 Asia Pacific & Technology Fast
50 India - 2006, 2007, 2008 & 2009, 2010).
With a global footprint across 15 countries and decade of experience in the information
security domain, Paladion today is actively managing security for over 450 customers. It
provides security assurance, compliance, governance, monitoring and management
services to large and medium sized organizations.
Paladion also offers solutions for communication interception to law enforcement agencies
and service providers. Paladions security solutions have been awarded by Asian Banker,
Red Herrings, and Financial Insights. Paladion is involved in several security research forums
and has authored books on security management.

Gold Partner: MetricStream

MetricStream is the market leader for integrated Governance, Risk, and Compliance (GRC)
Management Solutions for global enterprises enabling them to deliver better business
performance. It's customer portfolio spans across all verticals with world-leading
companies in each industry.

The MetricStream GRC Platform provides solutions for audit management, regulatory
compliance, risk management, policy management, IT GRC, supplier/vendor governance
and quality management.




Gold Partner: CURA

In today's fast paced global economy, with emerging threats, coupled with ever more
regulations, organizations find themselves in a position that necessitates the active
management of Governance, Risk, Opportunity, and Compliance. As there is substantial
overlap across these functions, a co-ordinated approach is required. Ultimately, these
challenges can be reduced to risks and opportunities that the business faces. It is on this
idea that Cura was founded in 2002.

Cura provides smarter software solutions designed to enable businesses around the world
to quickly achieve the bottom line benefits of GRC Governance, Enterprise wide Risk
Management and Compliance linked to performance management. Cura does this
through faster implementation, easier configurability & true enterprise architecture.

Cura is used by over 200 amongst Global 1000 enterprises around the world, partnering
with Big Four consulting firms in focused areas of GRC and is recognised as a Challenger
by Gartner and as a Leader by Forrester Research in GRC domain



Silver Partner: Modulo

Modulo is the leading global provider of Governance, Risk and Compliance (GRC)
management solutions. Founded in 1985, Modulo has provided solutions to over a
thousand organizations worldwide for IT GRC, ERM, BCM, Vendor, Compliance and Risk
Management..
Modulo Risk Manager is an out-of-the-box solution that allow organizations to automate
the process of identifying, analyzing, evaluating and treating risks across the enterprise,
while reducing complexity and costs .The software and methodology greatly simplify the
management of risk and compliance with market standards and regulations, as well as IT
governance mandates. Risks analysis is performed using a quantitative, consistent and
structured methodology that is based on international risk management rules and
standards.
Modulo received the 2011 Best Buy and 5-Star choice by SC Magazine and is
recognized as a winner of the 2011 & 2010 Info Security Products


Bronze Partner: RBEI

Robert Bosch Engineering and Business Solutions Limited (RBEI), is a 100% owned
subsidiary of Robert Bosch GmbH, one of the worlds leading global supplier of technology
and services, offering end-to-end engineering, IT and Business solutions. With over 10000
associates, RBEI is the largest software development center of Bosch outside Germany,
indicating we are the Technology Powerhouse of Bosch in India. We have a global
footprint with presence in US, Europe and the Asia Pacific region. RBEI is ISO 9001:2008
certified (2009), appraised at CMMI-L5 as per ver 1.3 (2011) and also ISO 27001(2009)
certified, with state-of-the-art facilities in Bangalore, Coimbatore and Ho Chi Minh City.
RBEI provides solutions for businesses in primarily three areas: Engineering Services, IT
Services and Business Services with the focal industries being Automotive, Industrial
Technology, Consumer Goods and Building Technology.



Gold Partner: Wipro


Wipro Ltd. (NYSE: WIT) is a $7 billion global enterprise which offers services in IT services
and consulting. Our services span financial services, retail, transportation, manufacturing,
healthcare services, energy and utilities, technology, telecom and media.

Wipro Consulting Services (WCS) is a division of the Wipro Ltd. WCS has 1350+
consultants based in Europe, N. America, India, Asia Pacific and the Middle East. The
integrated consulting services combine the benefits of expert proximity, with global
leverage to provide technology edge and speed to strategic programs. WCS offers
Business Advisory, IT Consulting and Risk & Compliance services designed to improve
business performance, drive operational efficiency and enhance the reputational capital
and competitive advantage of the organization. WCS focuses on enhancing business
performance of its clients by streamlining processes, reducing organizational risk and
leveraging the global sourcing / outsourcing organizational model.

The Governance, Risk and Compliance practice of the Wipro Consulting Services division
helps organizations transform their risk and security processes to achieve their business
goals.

The Enterprise Architecture practice offers services such as governance architecture,
service oriented architecture, information architecture and infrastructure architecture,
Business-IT alignment, Value Management office, IT strategy, IT portfolio rationalization
and Green IT.

Partnering Organization For GRC SUMMIT

Bronze Partner: Newgen Software Technologies Ltd.

Newgen Software Technologies Limited is a leading global provider of Business Process
Management (BPM), Enterprise Content management (ECM) and Customer
Communication Management, with a global footprint of 850 installations in over
45countries with large, mission-critical solutions deployed at the world's leading Banks,
Insurance firms, BPOs, Healthcare Organizations, Government, Telecom Companies &
Shared Service Centers.


Silver Partner: Legasis

Legasis adds value by applying IT solutions to repetitive legal tasks. We have intricate
understanding of over 39 Legal Processes where IT solutions can reduce Price Value gap
without compromising the quality of legal deliverables.
Legatrix-compliance management solution has been helping many Fortune 100 clients
General Counsels and Compliance Heads in managing their tasks seamlessly, and
transparently. It has helped the CEOs , the Directors on the Board ( especially the
Independent Directors), the Board Committees to evaluate on real-time basis, the risks
associated with statutory and regulatory compliances.
Legasis' core strength is in its ability to deliver value to by leveraging our industry expertise
and legal framework.
Legasis is proudly serving a number of Fortune 100 companies in India & Globally. Our
competence is spoken by the clients we serve. Legasis believes in a partnering approach
with its clients for a perpetual journey in an ever changing dynamic business & legal
landscape.