6. GRC TOOL USERS
3%
20%
28%
6%
7%
12%
24%
51% were
manager level
and above
49% were
director level
and above
Other
Professionals
Managers
Executives
Senior VP
VP
Director
7. ALIGNMENT OF TECHNOLOGY WITH
GRC NEEDS
27% •Aligned
70% •Unaligned
3% •Unsure
• Regulatory change in double in the
past five years
• Agile dynamic GRC information and
technology architecture is need
• Integrated system with content
feeds, advanced analytics and
distributed through out the
enterprise.
• Impacts on organization’s strategy,
performance, objectives and
integrity
8. ORGANIZATIONS SPENDING FOR
CURRENT GRC TOOL.
64% •Increased spending
14% •Decreased Spending
22% •No change in spending
10. ABOUT OUR COMPETITORS
40% Lack of
Functionality
Why
organizations
changing from
GRC solutions
17% Internal
move to one
platform
5% Reduction
6% Lower in Budget
cost
competitor
16% poor
customer
service
12. MARKET GIANTS VS FIXNIX
Market Giants
Rigid
Deployment over head
Complex workflow
No API integration
Cost dependent support plans
FixNix
Customizable and Configurable
Zero setup time
Tailor made work flow
APIs integration possible
End to End support (24/7/365)
13. FIXNIX’S GRC SUITE
Automate every step of your GRC process
Intuitive User-Interface
Easy to adapt
Multiple device compatibility
Extensible GRC Data Model
Integration with any API
Collaborate with all teams
Pricing
14. FIXNIX GRC SUITE CAN…
Increase analytics & rapid
visibility
Improve consistency of
information
Adaptability to regulatory
changes
Reduces price
Improved performance
53%
43%
41%
39%
39%
15. FIXNIX OFFERS
Automate boring task and see immediate ROI’s
Set rules for managing redundant tasks such as reports,
reminder, escalations and let the tool work for you
One click status and report generation
Customizable widgets & drill down dashboards for modules
Programmable Report generation
Advance search and filters
Integrated Dashboard for the whole GRC suite
Bring down human errors drastically
Full life cycle automated with tracking, notification and closing
Compatible with all standards and regulations
17. AUDIT MANAGEMENT TOOL
Audit Plan Calendar for whole of the audits
Automated Reminders, Escalations and Notifications
Simplified Workflows
Dynamic reports and dashboards
Web 3.0 standard drag and drop widgets
Per Audit Dashboards for giving deeper insights.
Supports both Compliance and Non Compliance Audits
Inbuilt Document Management
Designed for ISO27001, HIPAA, FISMA, PCIDSS, Legal and
Insurance Audits
18. RISK MANAGEMENT TOOL
Transform IT risk into business-relevant risk metrics
Visualize current risk exposure and analyze historical trends.
Design mitigation plans.
Prioritize remediation efforts based on business risk rather than
technical severity
Work with key business stakeholders to make consistent plans
for better security practices within their business and monitor
progress against these plans on an ongoing basis
Ability to define a virtual business asset based on key business
processes
19. RISK MANAGEMENT TOOL
Ability to group all IT assets that are associated with a virtual
business asset and apply and monitor controls for a targeted view of
IT risk posture.
Ability to set risk thresholds, alerts, and notifications on dashboards
to better monitor IT risk levels
Customize dashboards to illustrate different views of IT risks for
multiple stakeholders including business unit leaders, information
security and IT Operations managers.
Model risk reduction to facilitate evaluation of different
remediation options.
Ability to monitor risk reduction over time as scheduled
remediation activities take place.
20. ASSET MANAGEMENT
ISO Asset Management Workflows
ITIL Asset Management
Maintain CMDB
Asset Gap Analysis and Asset Protection Platform
Tag your assets with Incidents, Risks, Vendors and Contracts.
Get reminders and notifications for activities like software expiries, computer
audits and many more.
Instant calendar views for better control of your assets.
Single click bulk addition through CSV imports.
API Integrations with various asset discovery tools
Track all your assets in a single place and manage asset lifecycles
Drilldown dashboards & reports.
Define fair usage policies and communicate with asset users
Dynamic asset types
Asset discovery on LAN(Coming Soon)
21. POLICY MANAGEMENT TOOL
With FixNix Policy Management, you gain a meaningful
understanding of what governs your business and can formulate
policy appropriately to assist achieving corporate objectives and
demonstrating compliances.
Key Benefits
Reduction in the time and effort required to create and update
policies.
Mapping with standards and Control
Communication of policies are made easy.
Reports Generation
Dashboard with drill down charts
Version Management of policies are made in consistent manner
22. SECURITY INCIDENT MANAGEMENT
Incident Identification and Incident Logging.
Automatic Dispatch of Incidents
Incident Diagnosis & Escalations
Incident Resolution and Recovery
Incident Closure
Control of hours spent on tickets
Satisfaction Survey
Functional SLA
Programmable reports
Service Levels Management and Service Level Agreements
Restful API that let you integrate any system with Help Desk
through HTTP protocols
23. COMPLIANCE MANAGEMENT TOOL Single repository for regulations and standards
Centralized repository for compliance related organizational data
Allow for gathering of data from non technology sources such as people
Map compliance data to regulations and standards
Allow for generation of reports, export data for use with other systems within an
organization.
Add compliance packages on-the-go.
Custom compliance packages reflects in Audit, Risk and other modules.
Provide management dashboards for compliance status with the ability to drill
down across departments, geographies etc.
Allow for creation of custom compliance frameworks or modify existing ones
Provide reminders to people for addressing compliance related tasks in an optimal
manner
Manage exceptions and activities related to compliance
Provide an exhaustive audit trail for all compliance related actions through the
whole process.
24. WHISTLE-BLOWER
Anonymous reporting
Communicate directly with top management on violations, sexual
harassments and frauds
Improved anonymizing algorithms makes the identity impossible to
track.
Check the integrity of evidence documents with MD5 hash.
25. FRAUD MANAGEMENT
Fraud Management System (FMS) that allows you to analyze data from
any source{Eg: Whistle Blower}, investigate hypotheses to discover new
patterns and root causes, identify fraudulent activity in real time, and
manage workflows that eliminate threats.
Fraud Management Systems are used to automate the alerting and
prevention of fraudulent activities and to exclude the “human factor”.
Decrease fraud losses through real-time analysis.
Improve operational efficiency by automated processes.
Improve investigator efficiency with real-time analyses and metrics.
Maximize detection efficiency by early identification and prediction of
future risk.
Improve process efficiency through real-time monitoring.
Investigate, analyze and prevent fraud in ultra-high volume
environments
26. BUSINESS CONTINUITY
MImpAactN anaAlysGis, EMENT
Threat analysis
Impact scenarios for Resources
Identifies the most cost-effective disaster recovery solution
Identify and manage current and future threats to your business
Take a proactive approach to minimizing the impact of incidents
Keep critical functions up and running during times of crises
Minimize downtime during incidents and improve recovery time
Demonstrate resilience to customers, suppliers and for tender requests
Simulation of Table-Top Exercise
Defines Business Plan is Implementation status
Business model implementation phase helps policy changes, material acquisitions,
staffing and testing.
27. VENDOR MANAGEMENT
Software enabled through the use of FixNix Vendor Manager (a feature within the
tool)
Implementation of the software
Vendor risk assessment content from Shared Assessments program
IT Assessors that assist in evaluating responses from vendors/third parties from a
risk assessment perspective
Ability to point the vendor to our SAAS portal and have them complete an online
questionnaire.
Capability to collect evidence (policies, diagrams, etc.).
Capability to compel a vendor to answer every question or every required question.
Reminder feature with various escalation triggers.
Ability to start with up to 50 vendors in the short run and be able to scale up in
future, as needed.
Ability to support a manual or automated uploading of current vendors into the
tool.
Ability to start customize it based on type of vendor.
Ability to perform automated and assessor-driven risk ratings.
28. CONTRACT MANAGEMENT Manage contracts
Advanced Contract Search Engine
Import scanned signed agreement
Import of scanned old agreement
Contract Attachments
Contact Management along with Contact Template
Classification Management
Contract Repository
Contract authoring
Integration with ERP, CRP, SRM, and business intelligence tools
Track accountability with document controls
Auto generation of contracts, proposals, quotes and documentation
Automated notification system for important contract milestones or thresholds
Secure contract creation and editing
Improved customer/supplier relationships and commitment management
Full contract visibility and control.