4. Who is Riskpro… Why us?
ABOUT US
Riskpro is an organisation of member firms around India devoted to client service excellence. Member firms offer wide range of services in the field of risk management. Currently it has offices in three major cities Mumbai, Delhi and Bangalore and alliances in other cities. Managed by experienced professionals with experiences spanning various industries.
MISSION
Provide integrated risk management consulting services to mid-large sized corporate /financial institutions in India
Be the preferred service provider for complete Governance, Risk and Compliance (GRC) solutions.
VALUE PROPOSITION
You get quality advisory, normally delivered by large consulting firms, at fee levels charged by independent & small firms
High quality deliverables
Multi-skilled & multi-disciplined organisation.
Timely completion of any task due to delivery capabilities
Affordable alternative to large firms
DIFFERENTIATORS
Risk Management is our main focus
Over 200 years of cumulative experience
Hybrid Delivery model
Ability to take on large and complex projects
We Hold hands, not shake hands.
5. Risk Management Advisory Services
SERVICES
Basel II/III Advisory | Corporate Risks | Information Security
Market Risk | Enterprise Risk Assessment | IS Audit
Credit Risk | Fraud Risk | Information Security
Operational Risk | Risk based Internal Audit | IT Assurance
ICAAP | Operations Risk | IT Governance
Forensic services

Operational Risk | Governance | Other Risks
Process reviews | Corporate Governance | Business/Strategic Risk
Policy/ Process Review | Business Strategic risk | Reputation Risk
Process Improvement | Fraud Risk | Outsourcing Risk
Compliance Risk | Forensic Accounting | Contractual Risk

Training | Recruitment
Banking – E Learning | Virtual Risk Managers
Corporate Training | Full Time Risk Professionals
Regular Risk Management Training | Part time Risk Professionals
Online Training material | Risk Managers on call – free
Workshops / Events
6. Our Delivery Methodology
FREE USP
“No Cost – Know Risk” Diagnostic Assessment
(To determine your pain points, industry benchmarking etc)
GAP ANALYSIS & PROJECT DEFINITION
(Riskpro and clients brainstorm define project)
USP
PROJECT TEAM DEFINITION
Client gets to select Riskpro team members, subject matter experts.
Riskpro uses a mix of client staff / own staff for maximum value add
PROJECT EXECUTION
Constant project updates, timely project completion and project
outcomes that are practical and easy to maintain
7. Business Model – Hospital (Illustrative)
Stakeholder perspective: Corporate Governance; Business Planning; Mergers & Acquisitions/ Projects; Marketing & Sales
Service Delivery & Service Excellence: Medical Strategy; Patient reception & admission; Diagnosis & Patient Treatment; Patient discharge and Rehabilitation Services; Medical Record Maintenance; Medical Audit
Cost Perspective: Procurement - Medical; HR & Payroll; Procurement - Capex; Operating Systems & IT; Housekeeping; Inventory Management
Other Enablers: Insurance including TPA; Finance & Accounts; MIS & FR; Administration & Facility Management; Customer Service; Legal & Taxation
Misc. Important: Blood Bank Management; Waste & Energy Management; F&B; Quality Assurance
Strategic, Operational, Support
8. Key Issues noticed in Hospitals
• Short Healthcare Personnel
• Stock Out of Life Saving Drugs
• Improper maintenance of medical records
• Long pending from TPA’s/ Corporate
• Loss of star doctor/team
• Issue of expired blood/medicine to patients
• Not maintaining adequate transparency with patients with regard to treatment provided
• Improper waste management
• Customer service not in sync with customer expectations
• Incorrect billing to patients
• Insufficient use of IT in daily operations
• Threat of information theft from external & internal sources
• Continuous dependence to drive revenue through ECHS/CGHS
• Frequent changes in the Project Plan
• Lack of investment in research and development to identify opportunities for new specialty services.
• Improper monitoring of cost and quality against the plan/ budgets
• Lack of focus on Medical Programs
• Incorrect diagnosis/ treatment provided to patients
• Regulatory non compliances
• Unhygienic conditions in hospital kitchen
• Improper segregation and disposal of waste
• Incomplete medical records
• Incorrect provisioning for accounts receivables
• Inappropriate data used for reporting to management
• Weak processes to ensure compliance to JCI/ NABH
9. Risk Based Internal Audit How we Do
Internal Auditing helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.
Source: The Institute of Internal Auditors 1999 (IIA)
Benefits of Risk based Audit
• Traditional audit view value added techniques
• Risk profile of Businesses
• Internal Controls & Ops Risk reviews
• Cost reductions recommendations
• Review of Fraud Risk Controls
[Diagram: Need of Organizations against Increasing Enterprise Risk Focus, with steps Transaction Audit, Control Reviews, Fraud Mitigation, Process Reviews, Risk Assessment, Enterprise Risk Assessment]
10. Internal Audit Universe
Internal Audit may be performed in the following domains for hospitals:
Major focus area | Objective
i Hospital Governance | Ensuring management’s vision, business objectives are incorporated in the governing principles of the hospitals.
ii Medical & Quality Audit | Ensuring robust procedures supporting clinicians to provide best quality medical care to patients.
iii Operations Support Audit | Ensuring robust business processes to support effective and efficient operation of units.
iv People Audit | Ensuring processes to recruit, develop and retain workers and leaders to support achievement of business objectives
v Finance & Accounts | Ensuring processes and controls for accurate and effective financial accounting and reporting.
vi Compliance Management | Ensuring processes to help units and HO comply with internal policy and procedures, legal requirements, JCI, NABH and other requirements.
11. Internal Audit methodology for Hospitals
Key Activities
Audit planning
• Gaining detailed understanding of your organisation.
• Identification of key business processes supporting patient service.
• Importance mapping of business processes with patient journey.
• Identification of business risks at unit and organisation wide level.
• Organising workshops at unit and HO level to discuss key business processes and risk rating to attain common understanding.
• Identification of operational and clinical processes to be audited (audit wish list).
• Discussion with unit heads and HO to prioritise audits.
Audit execution
• Detailed scoping for each audit in discussion with process leaders, unit heads, FCs and HO to identify key focus areas.
• Conducting detailed process walkthroughs, documentation, risk & controls identification and testing.
• Continuous discussion with management at unit and HO.
• Identification of issues, risks, implications, recommendations and discussion with process leaders.
• Audit issue/ process gap impact analysis on clinical and support processes.
• Benchmarking of processes with leading hospital practices.
Reporting
• Providing detailed audit issues and supporting evidence (including discussions) to process leaders at unit and management for management comments.
• Organising audit closure workshop at unit with process leaders, unit head and medical director to discuss audit issues, rating and recommendations and attain common understanding.
• Submit final audit report to unit, HO and audit committee.
• Formation of recommendations implementation roadmap in consultation with unit and HO.
• Summary reporting to audit committee and presentation.
• Obtain feedback.
Deliverables
Audit planning
• Final internal audit plan
• Engagement letters
Audit execution
• Engagement scoping document and timelines
• Regular audit updates
• Audit workpapers and audit issues
• Findings and recommendations report for management comments
Reporting
• Final report for management and audit committee
• Practical recommendations and implementation roadmap
• Audit committee report and presentation
Quality Assurance
• Team of professionals with extensive experience in healthcare audits.
• Continuous project reviews by partners and directors of the firm to ensure quality and client satisfaction.
12. Patient Journey View - Illustrative
Standard steps/ stages in a patient journey in an hospital
List of departments supporting service delivery
Business importance assigned to departments on basis of
degree of involvement in providing patient care/ service
13. Other factors to be considered for Scoping
Multi-specialty vs. Super Specialty hospital – more intense IAs in case the hospital is multi & super specialty.
Business Objectives – have to be kept in mind for each hospital/ unit, and the IA scope should be fine-tuned accordingly.
Age of the hospital – for new hospitals, the key focus is effective implementation of SOPs, clarity in roles & responsibilities, and service delivery monitoring. Stable/ mature hospitals focus more on operational excellence and introducing industry best practices.
Integrated Compliance Risk Management – most hospitals review the same controls more than once; e.g. the billing process may be reviewed in NABH/ JCI and/or in Internal Audit and/or in ISO and/or in the Internal Controls over Financial Reporting review. Management should consider developing an integrated compliance risk management framework whereby risk is assessed/ tested once and reported in multiple places as required.
Past IA scope – key issues/ challenges play an important role in direction setting. The Audit Charter should cover regular monitoring of key processes/ controls. Non-key processes/ controls can be tested/ reviewed once in 2/3 years.
Fraud vulnerabilities should be reviewed while ascertaining the IA scope.
Maturity of the IT/ ERP system is a crucial factor for scoping.
15. Detailed Coverage – Hospital Governance
(i) Hospital Governance
Sub Areas | Business Criticality | Whether IA recommended
Mergers & Acquisition – Internal Control DDR | H | Yes
Medical Strategy & Quality | H | Yes
Capacity Management | H | Yes
Quality Compliance Management – NABH/ JCI | H | Yes
New Projects | H | Yes
Corporate Governance Matters | H | Yes
Marketing | H | Yes
16. Detailed Coverage – Hospital Governance
(ii) Medical & Quality Audit
Sub Areas | Business Criticality | Whether IA recommended
Allied Health operations | M | Yes
Stress Care Centres | H | Yes
Medical Psych Units | M | Yes
Operation Theatres | H | Yes
ICU, MICU, ICCU & PICU | H | Yes
Imaging Centres & Laboratories | H | Yes
Progressive Care Unit | M | Yes
Vascular Rooms | H | Yes
Cardiac Recovery rooms | H | Yes
Prep room | H | Yes
Recovery room | H | Yes
Ambulance services | H | Yes
Surgical Services | H | Yes
Blood bank management | H | Yes
Nurse/ Doctors bay | M | Yes
Pediatrics/ Ortho/ Neuro Unit | M | Yes
17. Detailed Coverage – Hospital Governance
(iii) Operations Support Audit
Sub Areas | Business Criticality | Whether IA recommended
Parking, Reception & Front Office | L | Yes
Admissions | H | Yes
Procurement including CPC | H | Yes
Inventory Management | H | Yes
Foods & Beverages | M | Yes
Laundry & Housekeeping | M | Yes
Centre for Community Service | M | Yes
Discharge & Billing | H | Yes
Autopsy & Mortuary management | M | Yes
Patient Safety – Incident Management | H | Yes
Pharmacy | M | Yes
ATM, Café, Spiritual ministry | L | No
Insurance including TPA | H | Yes
Bio / Non Bio Medical equipment | H | Yes
Energy & Water consumption | M | Yes
IT Support – FOS, ITGC, ERP, Business Continuity & DRP | H | Yes
18. Detailed Coverage – Hospital Governance
(iv) People Audit
Sub Areas | Business Criticality | Whether IA recommended
HR Planning & Recruitment | H | Yes
Employee training | H | Yes
Hospital and clinician relationship management | M | Yes
Roster management | H | Yes
Employee Records | M | Yes
Leadership Development Initiatives | H | Yes
Payroll end to end | M | Yes
Salary benchmarking | M | Yes
Performance Appraisal process | H | Yes
Employee Satisfaction Survey | H | Yes
19. Detailed Coverage – Hospital Governance
(v) Finance & Accounts
Sub Areas | Business Criticality | Whether IA recommended
Budgeting | H | Yes
Accounts Receivable | H | Yes
Accounts Payable | H | Yes
Fixed Assets Management | H | Yes
Cash & Bank Management | M | Yes
Capital Expenditure | H | Yes
Treasury | M | Yes
Stock Options | M | Yes
Taxation | H | Yes
Financial Reporting | H | Yes
Foreign Exchange | M | Yes
Investments | M | Yes
Share Capital And Funds Utilization | M | Yes
20. Detailed Coverage – Hospital Governance
(vi) Compliance
Sub Areas | Business Criticality | Whether IA recommended
Medical Records | H | Yes
Secretarial | H | Yes
EHS | H | Yes
Other enactments | H | Yes
JCI standards compliance | H | Yes
NABH standards compliance | H | Yes
21. Riskpro Clients Our Clients
*Any trademarks or logos used throughout this presentation are the property of their respective owners
22. Team Experiences Our Experiences
Our team members have worked at world class Companies
23. RESUMES – Our team Credentials
Co-Founder - Riskpro
Manoj Jain
CA, CPA, MBA-Finance (USA), FRM (GARP)
Over 10 years international experience – 6 years in Bahrain and 4 years USA
15 years exp in risk management consulting and internal audits, Specialization in
Operational Risk, Basel II, Sox and Control design
Worked for Ernst & Young (Bahrain), Arab Investment Company (Bahrain),
Navigant Consulting(USA), Kotak Mahindra Bank (India) and Credit Suisse(India)
Sox Compliance project for Fannie Mae, USA ( $900+ Billion Mortgage Company)
Co-Founder - Riskpro
Rahul Bhan
CA (India), MBA (Netherlands), CIA (USA)
Over 15 years of extensive internal and external audit experience in India and
abroad.
Worked with KPMG United Arab Emirates, PKF South Africa, Ernst and Young
Kuwait, Deloitte Netherlands and KPMG India.
Worked with clients in a wide variety of industries and countries including trading,
retail and consumer goods, NGO, manufacturing and banking and finance. Major
clients include banks, investment companies, manufacturing organizations,
aviation etc.
24. RESUMES - Our team Credentials
Co-Founder - Riskpro
Casper Abraham
PGD (Electrical & Electronics & Computer Programming)
30 years of experience in Information & Communications Technology (ICT) Solutions
for Retail, Garments, Manufacturing, Services Industries.
Has created Companies, Divisions, Products, Brands, Teams & Markets.
Consulting in Business, Technology, Marketing & Sales & Strategic Planning.
Advisory, Training, Workshops & Implementation in Systems Thinking, Systems
Modeling & Balanced Scorecard
Worked with TIFR, Mahindra, Ambience, Communico-Graphique & Ionidea Inc, USA,
Sr Vice President – Risk Management
Hemant Seigell
MBA, PDFM, NSE-NCFM, PMP, CSSGB, ISO 9001:2000 I.A, GARP-FBR, ITILV3, CPP-BPM
Professional with 17 years of rich experience into diverse Consumer finance/ Lending
operations ,Risk Management,BPMS, Consumer Banking, NBFC, Management Consulting &
Housing finance in BFSI industry having successfully led key business strategic
engagements across multi-product environment in APAC, Australia and US regions.
Worked with GE, ABN AMRO Bank, Citigroup, Accenture, Deutsche Postbank
Highly skilled and expert Trainer in Risk areas across Credit, Fraud, Operational, Corporate
Risk management.
Specializes in Fraud Control, AML/KYC Compliance ,QA ,ERM and Regulatory governance.
25. RESUMES - Our team Credentials
Head - Insurance Risk Advisory services
R. Gupta
B.sc, Associate of Indian Institute of Insurance
Licensed Category A Insurance surveyor
26 years of experience in Insurance advisory services, Loss adjusting for large
corporates,Claims management.
Has assessed more than 4500 high value insurance claims across various industry
sectors.
Risk management inspection
Valuations of fixed assets for insurance purpose.
Head - Human Capital Management
Nilesh Bhatia
Chartered Accountant, Lead Assessor ISO 9000, Six Sigma Trained, Trained on Situational
Leadership, Trained on interviewing skills and Whole Message Model.
Over two decades of international, multi-cultural experience in finance and human resources
viz. internal audit, accounting operations, accounting process review & re-designing, risk
management, business solutioning, six sigma projects, talent acquisition, talent retention,
organization design/redesigning, compensation and appraisal processing, employee and
customer satisfaction surveys, knowledge management and finance services.
Worked with Citicorp/MGF, India Glycol, Delphi, American Express India, American Express
USA, Fidelity International and Macquarie Global Finance Services India.
26. RESUMES - Our team Credentials
Head – Taxation Risk Advisory
Rajesh Jhalani
B.Com, FCA
Senior Partner with 48 year old Delhi based Chartered Accountant firm, Mehrotra
and Mehrotra
Over 19 years of experience in the field of Audit, Taxation, Company law matters.
Major clients served are NTPC, BHEL, Bank of India, PNB, Airport Authority of
India etc.
President – Banking & Financial Services
Sivaramakrishnan
A senior researcher in Applied Mathematics leading to Ph.D after MSc (Mathematics), CWA, CAIIB
Combined experience of 25+ years in corporate banking, risk management,
international trade finance, development of risk rating models, project finance, credit
monitoring and NPA management
Since 2006 conducting open / in-house training on the above domains to all Top
public/ new and old private sector banks, top MNC banks (India and abroad), leading
NBFCs and corporates in manufacturing and financial services space; Worked on IFC
(World Bank) funded projects for MSMEs in India and abroad
Worked for Bank of Baroda and ICICI Bank – bestowed Top Performer Award
continuously two years during his tenure; widely travelled abroad for business
relations, seminars, offering training, investor meetings, NYSE listing and for
processes involving establishment of representative Office in USA
27. RESUMES - Our team Credentials
Executive Vice President – Risk Management (Banking & Financial Services)
Kashi Banerjee
A hands-on banking professional {BSc (Mathematics), CAIIB} with considerable domestic and international experience
An aggregate experience of 24+ years across industry, mainly BFSI in several
functional areas including Retail and Commercial Banking, Corporate Lending, team
member of the Business Process Re-Engineering project (BPR); conceptualizing and
setting up shared services centres for centralized operations for the Bank in India.
Management through ERM framework overseeing all key areas of the business
through various Operational Risk tools like KRI / RCSA matrices. Managing of major
project implementation of Basel II and Compliance risk framework
Directing, reviewing and advising Board of Directors on various compliance issues and
representing the bank to the Central Bank regulatory offices.
Worked for ANZ Grindlays Bank, Standard Chartered, Bahraini Saudi Bank and Dubai
Holdings ( subsidiary)
Consultant – Information Security & IT Governance
Anjay Agarwal
LLB, CA, CISA, CWA, CS, CFE and others
Over 15 years of experience in the field of Audit, Taxation, Investigations.
Specializing in the field of Systems Audit, Cybrex Audit, Computer Crime
Investigations, IS Forensics
International Committee Member of Governmental and Regulatory Agencies
Board and Academic Relations Committee of ISACA, USA
28. RESUMES - Our team Credentials
Executive Vice President – Risk Management ( Banking & Financial Services)
Vijayan Govindarajan
Professional Risk Manager with considerable domestic and international experience
An aggregate experience of 30 + years across industry, mainly Banking in several functional areas
including Wholesale Credit Risk, Operational Risk, Trade Finance , Retail Banking and Islamic Financial
Services.
Track record of setting up of excellence in the set-up, and management of credit and operational risk,
compliance and credit administration functions in retail, commercial , Islamic Banking and offshore banking
entities in the Middle East.
Key strength includes Corporate Credits, Risk Management in IT, implementation of Risk Management
module in core banking Bank’s Policies, procedures, Country Risk. Played an active role in 3 core banking
software implementations
Worked for a Private Sector Bank in India, ABN AMRO Bank, Bahrain, Bank Muscat Bahrain and BMI Bank
Bahrain as AGM Risk Management.
Specialist Risk Consultant – ERP & IT Compliance
Gourav Ladha
SAP Certified, MBA (Finance), SAP Security trained (from SAP India), SAP GRC Access Controls trained
(from SAP India)
Over 7 years of experience working in the area of ERP/IT Risk advisory, primarily focusing on SAP, for
‘Fortune 500’ clients in around 8 countries including US, UK, UAE, Hong Kong, etc
Specializes in SAP Risk & Controls Advisory, SAP Business Process Controls Audit, SAP Security &
Segregation of Duties Control Audit, ERP Trainings,
Strong Industry experiences ranging from Beverages, Insurance, Energy, FMCG, Pharmaceutical, Retail,
Telecommunication to IT Services
Worked for risk advisory teams of reputed organizations like Ernst & Young, EXL Services
29. RESUMES - Our team Credentials
Vice President & Head – IT Risk Advisory
Ravikiran Bhandari
Over 14+ Years of Experience in Information Security and Risk Management & CISM
certified
Headed the Global Information Security team of Daimler (Mercedes-Benz) Worldwide at
Bangalore for 9 years, previously worked at organization like Wipro, Bangalore Labs
Multi-sector experience including Banking, Insurance, Finance, Energy, Manufacturing,
Retail, Hi-Tech & Telecom, and Automobile
Well known Ethical hacker: Was featured in BusinessWorld Magazine in an article about
leading ethical hackers in India and published several articles in Print and Online Media
Rich experience in Information Security Audits across Corporations, 3rd Party Suppliers, Joint
Ventures across several countries in the world including US, UK, China, Germany
Vice President – Legal Risk Advisory
Aashish Shrivastav
B.B.A. LL.B. (Hons.)
About half a decade experience in legal services to clients with respect to Contract
and Commercial Laws, Joint Ventures, Inbound & Outbound Investments, Private
Equity Investment Transactions, Real Estate & Infrastructure, Energy and General
Corporate.
Have advised various social enterprises and start ups in setting up business in
India.
Worked for the leading law firms of India such as FoxMandal Little.
30. RESUMES - Our team Credentials
Vice President – Riskpro India
Phanindra Prakash
FCA [India], ACMA [India], CFE [USA], CertIFRS [UK]
Over 16 years of extensive consulting experience which includes financial & systems audit,
process transformation, implementation of internal controls, SOX compliance, fraud audits
& due diligence, US-India taxation
Engaged in consulting roles as trusted advisor to finance, internal audit and information
technology executives of multiple Fortune 1000 companies with project sites in US,
Canada, Europe & Asia
Worked with E&Y and Deloitte Consulting in USA
Some of the major clients served internationally are GE Capital, UBS, McKesson, Eaton,
Imation, Albertsons,
EVP and Head – Telecom Risk Advisory
Asok Sit
M.Tech, IIT Kharagpur, India; IES; Doctoral study, research and teaching in Linköping University/Sweden; Lead Auditor (BVQI).
Over 30 years of international experience in networks and mobile handsets from top
global companies /institutes like ISRO, Ericsson, Nokia, Nokia Siemens Networks and
based mostly in its head quarter locations in India, EU, USA.
Expertise: Setting up capability, behaviour, culture in turning Risk, Quality, Innovation for
competitive advantage, customer delight and sustainability; key skill sets are Engagement,
Handholding, Coaching, Mentoring and lot of best practices, benchmarking/standards like
CMMI, TL9000, Six Sigma, ISO, SAS 70 etc.
31. RESUMES - PARTNERSHIPS
Specialist Risk Consultant – Business Continuity
Andrew Hiles
Founder and 15-year Chairman of Survive, the first international user group for Business
Continuity professionals
Founding director and first Fellow of the Business Continuity Institute
Over 25 years international consulting expertise in Risk, Crisis, Emergency, Incident, and
Business Continuity and ICT Disaster Recovery Management
Multi-sector experience including Banking, Insurance, Finance, Oil, Gas, Energy,
Manufacturing, Retail, Hi-Tech & Telecom
Western Press Award for services to business, 1994; BCI/CIR nomination for
lifetime achievement in BC, 1999, London; inducted into BC Hall of Fame by CPM magazine,
2004, Washington DC.
Specialist Risk Consultant – Enterprise Risk Management
Chris E. Mandel
Highly skilled risk and insurance professional with 25 years of experience designing,
developing and implementing large, global corporate risk management programs for Fortune
500 firms.
Principal Consultant and Founder - Excellence in Risk Management, LLC. (Texas, USA) Co-
founder and EVP, Professional Services, rPM3 Solutions, LLC (Maryland, USA).
Past experiences include Head of Global Risk Management for USAA, PepsiCo/Tricon
Global and American National Red Cross
Additional risk and insurance experience at Verizon Corp., Marsh USA and Liberty Mutual
Insurance Co.
2004 Risk Manager of the Year – 2007 recipient of the Alexander Hamilton Award for
“Excellence in ERM” (at USAA) – former President, Risk and Insurance Management
Society, Inc.
32. RESUMES - Advisors Credentials
Mr. MP Mehrotra
B.Com, FCA, LLB
Founder partner of Mehrotra and Mehrotra, a 48 year old CA firm in India
Over 48 years of experience in audits, taxation, legal matters, loan syndication etc.
Trustee of Cochin Port Trust, Member of Task Force for MOUs, Ministry of Heavy
Industries & Public Enterprises, Govt. of India, Ex- Member of Central Board of
Trustees, Employees’ Provident Fund Organisation (EPFO), Ministry of Labour,
Govt. of India, New Delhi.
Ex - Director, Canara Bank
Mr. PK Gupta
CA, ICWA
Practicing chartered accountant in Delhi
Over 35 years of professional experience.
Trustee, Kargil Shaheed Smarak Samiti
Hon. Treasurer, World Academy of Spiritual Sciences (WASS).
Panel Arbitrator, International Centre for Alternative Dispute Resolution
Arbitrator, Cement Corporation of India
Arbitrator, Bombay Stock Exchange Limited
Arbitrator, Central Depository Services (India) Limited
Arbitrator’s Panel of Indian Council of Arbitration