|Customer value||Engagement model||Expertise provided||Billing method||Effort monitoring/ measurement by Client||Outcome rendered||Daily rate|
|Project-phase risks||Annual /Semi-annual contract – renewed||Gap-analysis of initial design, basic procedural controls, basic automated controls & security plan for perimeter, common areas, open/ building parking and elevator systems||Initial advance (equivalent to 4 mandays) and monthly invoice @rate of 8 mandays||Weekly review meet with Client facility /operations teams and procurement/ contracts dept.||Assessment and Recommendations report. Internal Controls deployment strategy & plan, Vendor due-diligence.||INR.25K|
|Acquisition, Expansion, Consolidation, Distribution phase risks||Annual contract - renewed||Perimeter controls and penetration checks, setting-up and running a software-driven risk assessment and incident management system (software operative 24x7x365), advanced electronic security control systems, training.||Initial advance (equivalent to 4 mandays) and monthly invoice @rate of 12 mandays||Joint analysis of real-time threat monitoring data and reports, study of exception data or red-flags, software analytics of cctv, intrusion and access control data.||Improved procedural and automated controls & policy document revision. Enterprise-wide training and awareness brochure design & recommendations.||INR.25K|
|BAU and Growth phase risks||Annual contract - renewed||Command centre capability – design, implement and validate. (software operative 24x7x365), Live console, risk and response controls data, risk analytics from Incident mgt system, Case mgt system, Compliance mgt system and Social media, half-yearly site risk assessment, audits & review, Counter-terrorism planning, Women safety and security planning, Training on relevant modules.||Initial advance (equivalent to 4 mandays) and monthly invoice @rate of 12 mandays.||Joint analysis & review of all risk data and response actions. Audit report gap analysis and action prioritisation & correlation with public responder data, open-source data on threats and mitigation.||High-level threat assessment & treatment plan & reports for management attention. Risk analytics dashboard and action-prioritization classification (with cost-data, where possible). Improved Incident & Crisis Mgt, Business Continuity & Resiliency planning.||INR.35K|
FAQ on Managed Security Provider (MSP) from Xpertisehub Risk Management Services, LLP.:
- Why is MSP important for business success? Today’s business environment is competitive and complex. Besides multiplicity of choices for the consumer, the short shelf-life of products and services, even shorter GTM (Go-To-Market) cycles available to the client, employee attrition & even more difficult exercise of right-sourcing of talent, regulatory and government compliance risks, fluctuating business & market cycles, tighter control on capital & banking norms, overseas business competition and investments ..etc, all make the operative environment in India highly demanding. One important item in our toolkit must be the strengthening of core business competency & sub-contracting of non-core business tasks to expertise providers who understand both business & outsourcing risks.
- How does Xpertisehub’s MSP work? As risk management services Co, Xpertisehub will first join client’s leadership and operational teams to assess growth aspirations, current business & market position, perceived and real gaps in delivery, change management challenges identified, transformational needs felt, current resource availability and use (deployment efficiencies & effectiveness will be measured), client’s optimisation objectives, financial objectives, human resourcing and staffing goals from the exercise, competitive benchmarking & brand impact from the sub-contracting task which client requests, statutory and regulatory compliances and its impact & overall phases of operationalization or duration of the project (business transformation time available). It is only after the assessment phase, we move to the contract and engagement phase.
- How is the MSP contract initiated & billed? We treat MSP program of Xpertisehub as a ‘Confidential and Transformative Engagement’ delivered with a ‘trusted co-worker’ attitude, every step of the journey. The first set of meetings for 2 business days (8 hours/ day) are free. Once we start preparing an AUP (Agreed-Upon-Plan – these are detailed email notes exchanged between the prospective client and Xpertisehub) to outline SoW (Scope of Work/ Statement of Work), we recommend use of a ‘labor contract hours software application’ or client’s own in-house labor hours recording tool to start the billing based on the ‘stage & progress’ of the engagement, as listed in the table here. All ‘expertise time’ will be billed as per our rate charts. Where the delivery will be T&M, we will raise separate tax invoices for ‘expertise time’ and the ‘material or software’ supplied. Before every billing cycle, a designated project or task steering team will assess the quality and sustainability of the work product and certify payment as per mutually agreed payment terms & conditions. In order to speed up a project delivery and reduce paper work or delivery cycle-time, we are also open to an Escrow account for seamless delivery of products and services with built-in quality and financial supervision, by an intermediary agency.