FixNix InfoSec Solutions
GRC Suite of 17 Products
How does FixNix add value?
•Process Automation: By automating 
the compliance management 
processes the organization will 
dramatically reduce the time being 
spent by staff members, line 
managers, and senior managers on 
risk and compliance related activities. 
•Collaboration: Employees are able to 
carry out team activities in a 
productive manner with the 
collaborative environment that FixNix 
provides. 
•Consistent Process: FixNix enforces a 
consistent process across the enterprise, 
eliminating any deviations and errors and 
eliminating the cost and time associated with 
repeated processes and multiple checks. 
•Resource Utilization: With the entire 
compliance process streamlined and 
automated with the FixNix solution, the 
organization can better utilize its resources. 
•Comprehensive Visibility: Comprehensive 
visibility provided by FixNix has lowered the 
risk of non-compliance and executives can be 
assured of higher customer and investor 
confidence.
Enable Federated organizational 
structure and leverage 
technology for sustainability, 
consistency, efficiency and 
transparency across this 
organizational architecture. 
Managing documentation, risk, 
controls and reporting of internal 
controls had a number of 
limitations 
Challenges faced by industry in Compliance process
•The system lacked role-based views, making it difficult for stakeholders such as executives to use the system. 
•There was no easy way to share risks 
and controls between processes in the 
system. As a result, the compliance 
teams ended up having to define a 
number of redundant controls in their 
existing system. This redundancy 
made change management very 
challenging. 
•The system lacked document 
management and change reporting 
capabilities. Although current versions 
were readily available, comparison of 
controls and documents to prior 
periods was completely manual and it 
was difficult to implement strict 
access control or deploy a streamlined 
process for change management.
FixNix Asset Management can cater to the needs of 
•ISO Asset Management Workflows 
•ITIL Asset Management 
•Maintaining CMDB 
•Asset Gap Analysis and Asset Protection Platform
Asset Management
Asset Registry / Inventory Phase
•This phase mainly involves the creation of assets. 
•You are prompted to provide the following properties when creating any asset:
–Physical Properties (like IP, MAC, asset sub type, etc.)
–Security Properties (like C/I/A values, etc.)
–Assignment Properties (like asset custodian, owner, user, current location, etc.)
–Current level of protection
(Alternatively, you can use the import feature for bulk addition of any kind of asset.)
Types of assets you can maintain with FixNix Asset Registry
•Information Assets 
•Computer / Servers 
•Source Code Assets 
•Service Assets 
•Mobile Assets 
•Document Assets 
•Miscellaneous (Coffee Machine, Printers & any other 
Consumable Assets) 
•Vehicle Assets
Assessment / Evaluation Phase 
The evaluator / CIO needs to understand the current level of 
protection and is responsible for defining the controls in the 
below classifications. 
•Labelling 
•Transport / Transmission 
•Addressing 
•Storage 
•Disposal
Action Phase
Action Phase – Custodian Role 
The custodian is responsible for implementing the controls 
recommended by the evaluator/CIO, describing the actions 
taken, and providing the evidence documents.
Action Phase – Owner Role 
The owner is responsible for defining fair usage policies and 
communicating them to all the asset users. The owner also needs 
to get acknowledgement from all the asset users that they have 
understood and accepted the policies.
Review Phase 
The evaluator needs to review the actions taken by the 
custodian and owner. The reviewer takes a decision 
on the actions and needs to define a closure statement and 
a next review date.
Whistle-blower / Hotline
•Definition of Whistle-Blowing
One who reveals wrong-doing within an 
organization to the public or to those in positions of 
authority. 
One who discloses information about misconduct in 
their workplace that they feel violates the law or 
endangers the welfare of others. 
One who speaks out, typically to expose corruption 
or dangers to the public or environment.
•Types of Whistle-Blowing 
•Internal Whistle-Blowing 
When an individual 
advocates beliefs or 
revelations within the 
organization. 
•External Whistle-Blowing
When an individual 
advocates beliefs or 
revelations outside the 
organization.
•Stages of Whistle-Blowing
The three main stages of whistle-blowing are given below:
1.Blow the whistle 
2.View Status 
3.Evaluator Login
•Blow the Whistle 
Blow the Whistle 
Here we should mention the type of whistle and 
to whom you want to send the whistle complaint. 
Requester Information 
A detailed description of the whistle complaint and 
your idea for solving the problem. 
Submission 
Rules and regulations about whistle complaints
•Requester Information 
•Submission 
•All the rules and regulations for whistle complaints are listed here. 
1.First, each person should accept the rules and regulations. 
2.Then the person can file a whistle complaint.
View Status 
A whistle-blower is a person who informs on a person or organization 
regarded as engaging in an unlawful or immoral 
activity. The person can do the following: 
•Check the status of the whistle complaint 
•Add a comment and send mail to the person in authority 
•Check the entered information
Status
Evaluator Login 
The evaluator can do the following: 
•View the whistle complaints 
•Give a solution to a particular problem 
•Chat with the person 
•Update the status of a whistle complaint
Business Continuity Management (BCM)
Analyzing the Resources: 
The analysis phase consists of impact analysis, threat analysis and 
impact scenarios for Resources. If impact is Critical, two values are 
assigned: 
•Recovery Point Objective (RPO) – the acceptable latency of data that will not be recovered 
•Recovery Time Objective (RTO) – the acceptable amount of time to restore the function 
The recovery time objective must ensure that the Maximum Tolerable 
Period of Disruption (MTPoD) for each activity is not exceeded.
Business Plan: 
This phase identifies the most cost-effective disaster recovery solution 
that meets the two main requirements from the impact analysis stage. 
It analyses the Operating Expenses (OPEX) and Capital 
Expenditure (CAPEX) for designing the Business Plan.
Implementation: 
This stage defines whether the Business Plan is implemented or 
not, and whether any queries or actions need to be taken. 
The implementation phase involves policy changes, material 
acquisitions, staffing and testing.
Acceptance and Testing: 
The purpose of testing is to achieve organizational acceptance that 
the solution satisfies the recovery requirements. Plans may fail to 
meet expectations due to insufficient or inaccurate recovery 
requirements, solution design flaws or solution implementation 
errors. 
Testing may include: 
•Table-Top Exercise 
•Functional Test
Maintenance Phase: 
The maintenance cycle is divided into 3 parts: 
•Monthly 
•Annually 
•Bi-Annually 
Issues found during the testing phase often must be reintroduced to 
the analysis phase.
Compliance Management
Main Features 
•Single repository for regulations and standards 
•Centralized repository for compliance related organizational data 
•Allow for gathering of data from non technology sources such as people 
•Map compliance data to regulations and standards 
•Allow for generation of reports, export data for use with other systems within an organization
Main Features 
•Provide management dashboards for compliance status with the ability to drill down across departments, geographies etc. 
•Allow for creation of custom compliance frameworks or modify existing ones 
•Provide reminders to people for addressing compliance related tasks in an optimal manner 
•Manage exceptions and activities related to compliance 
•Provide an exhaustive audit trail for all compliance related actions through the whole process
FRAUD MANAGEMENT SYSTEM 
{Automate the alerting and prevention of fraudulent activities}
Fraud is a type of criminal activity, defined as: 
•‘Abuse of position, or false representation, or prejudicing someone's 
rights for personal gain’. 
•Put simply, fraud is an act of deception intended for personal gain or 
to cause a loss to another party. 
The general criminal offence of fraud can include: 
•Deception whereby someone knowingly makes false representation 
or they fail to disclose information or they abuse a position. 
•Fraudsters are always finding new ways to trick you out of 
your money. 
What is Fraud?
What is a Fraud Management System? 
•A Fraud Management System (FMS) allows you to analyze data 
from any source (e.g. Whistle Blower), investigate hypotheses to 
discover new patterns and root causes, identify fraudulent activity in 
real time, and manage workflows that eliminate threats. 
•Fraud Management Systems are used to automate the alerting and 
prevention of fraudulent activities and to exclude the “human 
factor”.
Fraud costs public and private enterprises hundreds of billions of 
dollars each year. 
•Exponential increase of frequency and sophistication of fraud, 
waste, and abuse. 
•Diverse, complex, and constantly changing fraud schemes and 
strategies. 
•Huge volumes of data from multiple sources. 
•Operational and organizational silos. 
What Are the Challenges for 
Companies?
•The typical organization loses 5% of its revenues to fraud. 
•The estimated and projected global total fraud loss for 2011 is $3.5 trillion. 
How big is the problem?
•Decrease fraud losses through real-time analysis. 
•Improve operational efficiency by automated processes. 
•Improve investigator efficiency with real-time analyses and metrics. 
•Maximize detection efficiency by early identification and prediction 
of future risk. 
•Improve process efficiency through real-time monitoring. 
•Investigate, analyze and prevent fraud in ultra-high volume 
environments 
Fraud Management Benefits
•If your company is at risk for significant financial loss as a result of 
fraud, Fixnix Fraud Management is certainly worth a look at a very 
low cost compared to other GRC competitors. 
•First quantify the risk and then assess the cost of your current efforts 
to contain and mitigate that risk. 
• If you employ fraud investigators, you must have some measure of 
their success and chances are you measure the number of potential 
cases investigated, along with the number of real occurrences of 
fraud. 
•The goal should not necessarily be to increase the number of cases 
of fraud detected, but to detect fraud more quickly and to minimize 
the number of cases you chase that lead to no fraud (fewer cases of 
false positives). 
Recommendations
•File a Fraud.
•Fraud List
•Fraud Investigate
Project Management
•File new project
•List all programs
•Project Detail list
•Audit Detail of project
•Project Submission
Policy Management
FixNix Policy Management 
•With FixNix Policy Management, you gain a meaningful understanding of what 
governs your business and can formulate policies appropriately to assist in achieving 
corporate objectives and demonstrating compliance. 
•Key Benefits 
–Reduction in the time and effort required to create and update policies 
–Mapping with Standards and Controls 
–Communication of policies is made easy 
–Report generation 
–Dashboards with drill-down charts 
–Version management of policies is done in a consistent manner
Dashboard
New Policy 
Create your policies in 5 easy steps 
Step 1: General Information 
Step 2: Scope, Purpose & Description 
Step 3: Mapping Standards & Controls 
Step 4: Assign the handlers 
Step 5: Date & Other settings
Step 1: General Information
Step 2: Scope, Purpose and Description
Step 3: Mapping Standards and Controls
Step 4: Handlers
Step 5: Date and Others
View Policy 
•Create a new version of your policy. 
•View all the versions of a policy.
Viewing Policy
Reviewing Policy
Approving Policy
Incident Management
Incidents can be any failure or interruption to 
an IT service or a Configuration Item/Asset. 
These can be created from: 
•Event Management 
•Web Interface 
•User Phone Call 
•Email Technician Staff
Incident File
Incident Evaluation
Incident Resolution
Incident Closure
Contract Management
Fixnix Contract Management is a web-based tool designed to automate the 
entire contract process end-to-end. 
It simplifies the way contracts are managed, tracked and reported. 
An automated contract management process involves 3 “lifecycle” stages: 
File contract, Approval & renewal. 
Full-featured automated contract management should allow you to have 
complete visibility and control over any given contract from its inception to 
its renewal. 
For each step in the contract management process, automated solutions 
prevent clogs and speed up sales cycles. 
Integrating FixNix Contract Management into your business process will 
effectively enforce compliance & mitigate business risks, and acts as a 
directory of information for all your clients and candidates.
File
Approval
Renewal
Vendor Management
Objectives 
•Government Watch List (what they are, laws, and 
enforcement actions) 
•HIPAA, how it affects facilities from a vendor 
perspective, BAA’s, etc. 
•Immunization testing, what is required, CDC and OSHA 
regulations 
•Training requirements, and OSHA rules and regulations 
•Access Controls
What to do - 10,000 Foot 
•Establish a Vendor Relationship Policy 
•Establish a formal process for annual vendor reviews 
•Assign and train vendor relationship managers 
•Establish a mechanism for tracking vendor management activities
Which Vendors 
•All Vendors get costly 
•Which group of vendors gives you the best bang for your buck? 
–Access to Customer Information 
–Critical for Operations 
–Critical to Customer Service 
–Based on $ amount of the contract 
–Otherwise visible/high risk (website host, video equipment in the CEO’s office)
The Vendor Manager role 
•Who 
–Centralized 
–Distributed (with centralized management) 
•Skillset and tools 
•Time Requirements 
•Accountability
Tools Overview 
•Vendor Management Policy 
•Annual review checklist 
•Critical Statistics 
•Vendor Contract and SLA 
•Vendor Management Records 
•Open and Resolved Issues List 
•Vendor financial and third party review reports
Vendor Management Policy 
•Describes the organization's beliefs, objectives, and general procedures related to vendor management/service provider oversight 
•Key things in ours 
–Required/recommended vendors 
–Assignment of responsibilities 
–Accountability 
–Basics of annual reviews
Tools – Vendor Contract and SLA 
•Outlines the services provided and expectations of each entity 
•Outlines recourse for resolving issues 
•Where is the vendor contract stored 
•Contract termination date 
•Date or period of notice prior to renewal or termination 
•Insurance coverage of the carrier 
•Privacy and other regulatory expectations
Tools – Vendor Management Records 
•Records and reports of previous vendor management activities for this vendor 
•Used to identify trends 
•Reminder of concerns from prior reviews; have these been resolved?
What Does It Mean To Healthcare? 
•Vendor Management = Risk Management 
•Managing Risk to patients 
–healthcare-associated infections account for an 
estimated 1.7 million infections and 99,000 associated 
deaths each year 
–13,779 TB cases (a rate of 4.6 cases per 100,000 persons) 
were reported in the United States in 2006. 
–Patient Privacy and Patient Rights 
•Security of the hospital and hospital property 
•Managing Conflict of Interest 
•Cost controls with proper device and medication 
approval processes
Risk reduction 
•Access Controls 
–Cold Calling 
–Appointment setting 
–Medical mistakes due to interruptions 

                                  Without Interruption   With Interruption
Procedural failure rate           69.6%                  84.6% (with three interruptions)
Clinical error (at least one)     25.3%                  38.9% (with three interruptions)
Estimated risk of major error     2.3%                   4.7% (with four interruptions)
Challenges Facing A Facility 
•Vendor Company 
–Financials 
•Bankruptcies 
•Liens 
•Judgments 
–Legal Standing 
•Involved with Anti-Kickback Legislation 
–Liability Insurance 
–HUB’s 
–Conflict of Interest 
•Vendor Representatives 
–Immunizations 
•MMR 
•TB 
•Varicella 
•Influenza 
–Cold Calling 
–Background Check 
–Conflict of Interest 
–Contact Information 
–Proper Training
Choices 
Develop your own system 
•Cost 
–Human capital 
–Design the system 
–Programming 
–Manage the information 
–Development time 
–Administer the program 
–Higher cost to vendor community 
Use a service 
•Cost 
–Normally at no or little cost to you 
–Administer the program 
–Lower cost to vendor community
How does FixNix help to tackle this?
Listing of vendors
Approve or reject vendors
Questions?

Fix nix business model for npc
 
Fixnix GRC Suite A Glance
Fixnix GRC Suite A GlanceFixnix GRC Suite A Glance
Fixnix GRC Suite A Glance
 
FixNix GRC suite
FixNix GRC suiteFixNix GRC suite
FixNix GRC suite
 
Choosing an open source log management system for small business
Choosing an open source log management system for small businessChoosing an open source log management system for small business
Choosing an open source log management system for small business
 
Lets understand the GRC market well with Ponemon analysis- FixNix
Lets understand the GRC market well with Ponemon analysis- FixNixLets understand the GRC market well with Ponemon analysis- FixNix
Lets understand the GRC market well with Ponemon analysis- FixNix
 
Fix Nix deck
Fix Nix deckFix Nix deck
Fix Nix deck
 
FixNix Pitch
FixNix PitchFixNix Pitch
FixNix Pitch
 
GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013
 
ISACA session about GRC
ISACA session about GRCISACA session about GRC
ISACA session about GRC
 

Último

The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Intelisync
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 

Último (20)

The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 

FixNix 17 products1.0

  • 1. FixNix InfoSec Solutions GRC Suite of 17 Products
  • 2. How does FixNix add value? • Process Automation: By automating the compliance management processes, the organization will dramatically reduce the time spent by staff members, line managers, and senior managers on risk and compliance related activities. • Collaboration: Employees are able to carry out team activities in a productive manner with the collaborative environment that FixNix provides. • Consistent Process: FixNix enforces a consistent process across the enterprise, eliminating any deviations and errors, and eliminating the cost and time associated with repeated processes and multiple checks. • Resource Utilization: With the entire compliance process streamlined and automated with the FixNix solution, the organization can better utilize its resources. • Comprehensive Visibility: Comprehensive visibility provided by FixNix has lowered the risk of non-compliance and executives can be assured of higher customer and investor confidence.
  • 3. Challenges faced by industry in Compliance process: Enable a federated organizational structure and leverage technology for sustainability, consistency, efficiency and transparency across this organizational architecture. Managing documentation, risk, controls and reporting of internal controls has a number of limitations.
  • 4. The system lacked role-based views, making it difficult for stakeholders such as executives to use the system. • There was no easy way to share risks and controls between processes in the system. As a result, the compliance teams ended up having to define a number of redundant controls in their existing system. This redundancy made change management very challenging. • The system lacked document management and change reporting capabilities. Although current versions were readily available, comparison of controls and documents to prior periods was completely manual and it was difficult to implement strict access control or deploy a streamlined process for change management.
  • 5. FixNix Asset Management can cater to the needs of • ISO Asset Management Workflows • ITIL Asset Management • Maintaining CMDB • Asset Gap Analysis and Asset Protection Platform
  • 7. Asset Registry / Inventory Phase
  • 8. Asset Registry / Inventory Phase • This phase mainly involves the creation of assets. • You are prompted to provide the following properties when creating any asset: Physical Properties (like IP, MAC, asset sub type, etc.); Security Properties (like C/I/A values, etc.); Assignment Properties (like asset custodian, owner, user, current location, etc.); Current level of protection. (You can alternatively use the import feature for bulk addition of any kind of asset.)
  • 9. Type of Assets you can maintain with FixNix Asset Registry • Information Assets • Computer / Servers • Source Code Assets • Service Assets • Mobile Assets • Document Assets • Miscellaneous (Coffee Machine, Printers & any other Consumable Assets) • Vehicle Assets
  • 17. Assessment / Evaluation Phase: The evaluator / CIO needs to understand the current level of protection and is responsible for defining the controls in the classifications below. • Labelling • Transport / Transmission • Addressing • Storage • Disposal
  • 21. Action Phase – Custodian Role: The custodian is responsible for implementing the controls recommended by the evaluator/CIO, describing the actions taken, and providing the evidence documents.
  • 22. Action Phase – Owner Role: The owner is responsible for defining fair usage policies and communicating them to all the asset users. The owner needs to get acknowledgement from all the asset users that they have understood and accepted the policies.
  • 25. Review Phase: The evaluator needs to review the actions taken by the custodian and owner. The reviewer is supposed to take a decision on the actions and needs to define a closure statement and a next review date.
  • 28. Definition of Whistle-Blowing: One who reveals wrong-doing within an organization to the public or to those in positions of authority. One who discloses information about misconduct in their workplace that they feel violates the law or endangers the welfare of others. One who speaks out, typically to expose corruption or dangers to the public or environment.
  • 29. Types of Whistle-Blowing • Internal Whistle-Blowing: When an individual advocates beliefs or revelations within the organization. • External Whistle-Blowing: When an individual advocates beliefs or revelations outside the organization.
  • 30. Stages of Whistle-Blowing: There are three main stages of whistle-blowing: 1. Blow the whistle 2. View Status 3. Evaluator Login
  • 31. Blow the Whistle • Blow the Whistle: Here you mention the type of whistle and to whom you want to send the whistle complaint. • Requester Information: Detailed description of the whistle complaint and your idea for solving the problem. • Submission: Rules and regulations about the whistle.
  • 33. Requester Information • Blow the Whistle: Here you mention the type of whistle and to whom you want to send the whistle complaint. • Requester Information: Detailed description of the whistle complaint and your idea for solving the problem. • Submission: Rules and regulations about the whistle.
  • 35. Submission: All rules and regulations for whistle complaints are listed here. 1. First, each person should accept the rules and regulations. 2. Then the person can file a whistle.
  • 37. View Status: A person who informs on a person or organization regarded as engaging in an unlawful or immoral activity can do the following: check the status of the whistle complaint; add a comment and send mail to the person in authority; check the entered information.
  • 40. Evaluator Login: The evaluator can do the following: view the whistle complaints; give a solution to a particular problem; chat with the person; update the status of the whistle complaint.
  • 42. Analyzing the Resources: The analysis phase consists of impact analysis, threat analysis and impact scenarios for Resources. If impact is Critical, two values are assigned: • Recovery Point Objective (RPO) – the acceptable latency of data that will not be recovered • Recovery Time Objective (RTO) – the acceptable amount of time to restore the function. The recovery time objective must ensure that the Maximum Tolerable Period of Disruption (MTPoD) for each activity is not exceeded.
  • 46. Business Plan: This phase identifies the most cost-effective disaster recovery solution that meets two main requirements from the impact analysis stage. It analyses the Operating Expenses (OPEX) and Capital Expenditure (CAPEX) for designing the Business Plan.
  • 49. Implementation: This stage defines whether the Business Plan is implemented or not. Are there any queries or actions that need to be taken? The implementation phase involves policy changes, material acquisitions, staffing and testing.
  • 51. Acceptance and Testing: The purpose of testing is to achieve organizational acceptance that the solution satisfies the recovery requirements. Plans may fail to meet expectations due to insufficient or inaccurate recovery requirements, solution design flaws or solution implementation errors. Testing may include: Table-Top Exercise; Functional Test
  • 53. Maintenance Phase: The maintenance cycle is divided into 3 parts: Monthly; Annually; Bi-Annually. Issues found during the testing phase often must be reintroduced to the analysis phase.
  • 56. Main Features: Single repository for regulations and standards; Centralized repository for compliance related organizational data; Allow for gathering of data from non technology sources such as people; Map compliance data to regulations and standards; Allow for generation of reports, export data for use with other systems within an organization
  • 59. Main Features: Provide management dashboards for compliance status with the ability to drill down across departments, geographies etc.; Allow for creation of custom compliance frameworks or modify existing ones; Provide reminders to people for addressing compliance related tasks in an optimal manner; Manage exceptions and activities related to compliance; Provide an exhaustive audit trail for all compliance related actions through the whole process
  • 63. FRAUD MANAGEMENT SYSTEM {Automate the alerting and prevention of fraudulent activities}
  • 64. What is a Fraud? Fraud is a type of criminal activity, defined as: • 'Abuse of position, or false representation, or prejudicing someone's rights for personal gain'. • Put simply, fraud is an act of deception intended for personal gain or to cause a loss to another party. The general criminal offence of fraud can include: • Deception whereby someone knowingly makes a false representation, fails to disclose information, or abuses a position. • Fraudsters are always finding new ways to trick you out of your money.
  • 65. What is Fraud Management System? • A Fraud Management System (FMS) allows you to analyze data from any source {e.g. Whistle Blower}, investigate hypotheses to discover new patterns and root causes, identify fraudulent activity in real time, and manage workflows that eliminate threats. • Fraud Management Systems are used to automate the alerting and prevention of fraudulent activities and to exclude the “human factor”.
  • 66. What Are the Challenges for Companies? Fraud costs public and private enterprises hundreds of billions of dollars each year. • Exponential increase in the frequency and sophistication of fraud, waste, and abuse. • Diverse, complex, and constantly changing fraud schemes and strategies. • Huge volumes of data from multiple sources. • Operational and organizational silos.
  • 67. How big is the problem? • The typical organization loses 5% of its revenues to fraud. • 2011 estimated and projected global total fraud loss: $3.5 trillion.
  • 68. Fraud Management Benefits • Decrease fraud losses through real-time analysis. • Improve operational efficiency by automated processes. • Improve investigator efficiency with real-time analyses and metrics. • Maximize detection efficiency by early identification and prediction of future risk. • Improve process efficiency through real-time monitoring. • Investigate, analyze and prevent fraud in ultra-high volume environments.
  • 69. Recommendations • If your company is at risk for significant financial loss as a result of fraud, Fixnix Fraud Management is certainly worth a look at a very low cost compared to other GRC competitors. • First quantify the risk and then assess the cost of your current efforts to contain and mitigate that risk. • If you employ fraud investigators, you must have some measure of their success, and chances are you measure the number of potential cases investigated, along with the number of real occurrences of fraud. • The goal should not necessarily be to increase the number of cases of fraud detected, but to detect fraud more quickly and to minimize the number of cases you chase that lead to no fraud (fewer cases of false positives).
  • 83. FixNix Policy Management • With FixNix Policy Management, you gain a meaningful understanding of what governs your business and can formulate policies appropriately to assist in achieving corporate objectives and demonstrating compliance. • Key Benefits: Reduction in the time and effort required to create and update policies; Mapping with Standards and Controls; Communication of Policies is made easy; Reports Generation; Dashboards with drill down charts; Version Management of Policies is done in a consistent manner.
  • 85. New Policy: Create your policies in 5 easy steps. Step 1: General Information Step 2: Scope, Purpose & Description Step 3: Mapping Standards & Controls Step 4: Assign the handlers Step 5: Date & Other settings
  • 86. Step 1: General Information
  • 87. Step 5: Date and Others
  • 88. Step 2: Scope, Purpose and Description
  • 89. Step 2: Mapping Standards and Controls
  • 92. View Policy: Creating a new version of your policy. You can view all the versions of a policy.
  • 97. Incidents can be any failure or interruption to an IT service or a Configuration Item/Asset. These can be created from: Event Management; Web Interface; User Phone Call; Email; Technician Staff
  • 103. Fixnix Contract Management is a web-based tool designed to automate the entire contract process end-to-end. It simplifies the way contracts are managed, tracked and reported. An automated contract management process involves 3 “lifecycle” stages: File contract, Approval & renewal. Full-featured automated contract management should allow you to have complete visibility and control over any given contract from its inception to its renewal. For each step in the contract management process, automated solutions prevent clogs and speed up sales cycles. Integrating FixNix Contract Management into your business process will effectively enforce compliance & mitigate business risks, and acts as a directory of information for all your clients and candidates.
  • 104. File
  • 108. Objectives • Government Watch List (what they are, laws, and enforcement actions) • HIPAA, how it affects facilities from a vendor perspective, BAAs, etc. • Immunization testing, what is required, CDC and OSHA regulations • Training requirements, and OSHA rules and regulations • Access Controls
  • 110. What to do - 10,000 Foot: Establish a Vendor Relationship Policy; Establish a formal process for annual vendor reviews; Assign and train vendor relationship managers; Establish a mechanism for tracking vendor management activities
  • 111. Which Vendors: All Vendors get costly. Which group of vendors give you the best bang for your buck? Access to Customer Information; Critical for Operations; Critical to Customer Service; Based on $ amount of the contract; Otherwise visible/high risk (website host, video equipment in the CEO’s office)
  • 112. The Vendor Manager role Who Centralized Distributed (with centralized management) Skillset and tools Time Requirements Accountability
  • 113. Tools Overview: Vendor Management Policy; Annual review checklist; Critical Statistics; Vendor Contract and SLA; Vendor Management Records; Open and Resolved Issues List; Vendor financial and third party review reports
  • 114. Vendor Management Policy: Describes the organization's beliefs, objectives, and general procedures related to vendor management/service provider oversight. Key things in ours: Required/recommended vendors; Assignment of responsibilities; Accountability; Basics of annual reviews
  • 115. Tools – Vendor Contract and SLA: Outlines the services provided and expectations of each entity; Outlines recourse for resolving issues; Where is the vendor contract stored; Contract termination date; Date or period of notice prior to renewal or termination; Insurance coverage of the carrier; Privacy and other regulatory expectations
  • 116. Tools – Vendor Management Records: Records and reports of previous vendor management activities for this vendor; Used to identify trends; Reminder of concerns from prior reviews: have these been resolved?
  • 117. What Does It Mean To Healthcare? • Vendor Management = Risk Management • Managing Risk to patients – healthcare-associated infections account for an estimated 1.7 million infections and 99,000 associated deaths each year – 13,779 TB cases (a rate of 4.6 cases per 100,000 persons) were reported in the United States in 2006. – Patient Privacy and Patient Rights • Security of the hospital and hospital property • Managing Conflict of Interest • Cost controls with proper device and medication approval processes
  • 118. Risk reduction • Access Controls – Cold Calling – Appointment setting – Medical mistakes due to interruptions (Without Interruption vs. With Interruption): Procedural failure rate: 69.6% vs. 84.6% (with three interruptions); Clinical error (at least one): 25.3% vs. 38.9% (with three interruptions); Estimated risk of major error: 2.3% vs. 4.7% (with four interruptions)
  • 119. Challenges Facing A Facility • Vendor Company – Financials • Bankruptcies • Liens • Judgments – Legal Standing • Involved with Anti-Kickback Legislation – Liability Insurance – HUBs – Conflict of Interest • Vendor Representatives – Immunizations • MMR • TB • Varicella • Influenza – Cold Calling – Background Check – Conflict of Interest – Contact Information – Proper Training
  • 120. Choices • Develop your own system: Cost – Human capital – Design the system – Programming – Manage the information – Development time – Administer the program – Higher cost to vendor community • Use a service: Cost – Normally at no or little cost to you – Administer the program – Lower cost to vendor community
  • 121. How FixNix helps to tackle this?
  • 123. Approve or reject vendors
