Ermis specializes in integrated solutions that go beyond simple checklists: • We conduct precise Enterprise Risk Management (ERM) and Risk Assessments. • We fortify your operations through detailed Third-Party and Physical Security Audits. • We build robust ESG Integration and Governance & Reporting structures. We empower you to see around corners, manage issues proactively, and build lasting resilience. Secure your assets, optimize your governance, and strategically position your future. Fractional Risk Leadership & Strategic Risk Intelligence - for Boards,CEOs & Regulated Organisations We help organisations in India, The US, UK, Europe, Singapore & GCCs strengthen governance, manage uncertainty, and make confident strategic decisions - without building large in-house risk teams. Book a slot Our Services Fractional Chief Risk Officer (CRO) Fractional Third - Party Risk Leader Board - level risk leadership on a flexible retainer - Governance | Strategy | Oversight Reduce vendor, outsourcing and ecosystem risk - TPRM | Regulatory readiness | Vendor oversight External Risk Posture Scan (48 hours) Operational Resilience & Crisis Readiness Independent, data- backed snapshot of digital & reputational exposure Prepare leadership teams for disruption -BCP | Crisis governance | Resilience frameworks Regulatory Readiness Sprint Scan to identify externally visible gaps regulators often spot first. - Inspection readiness | Evidence led remediation. View More Why Choose Ermis Advisory? 70 % Risk Control Maturity Improvement Delivered, Designed & Implemented Enterprise Grade Control Environments and raised risk maturity in past engagements 21 Years of Expertise Decades of Industry Insight at Your Disposal 35 % Reduction in Risk Exposure Proven Strategies to Mitigate Risks About Ermis Advisory ERMIS Advisory was founded to address a common gap: Organisations have risk processes but lack experienced risk judgement at the top. Led by Samit Khattar , former Executive Director - Enterprise Risk at a global organisation, ERMIS brings independent, Senior Risk Leadership to Boards and Executives navigating complexity. Our work is grounded in: - Practical experience, not theory - Independence of thought - Clarity over complexity. Who This Is For: * Boards & CEOs of scaling organisations * PE/VC - backed companies * Regulated enterprises (BFSI, Tech, Healthcare, Manufacturing) * Organisations facing regulatory scrutiny, rapid growth or transformation. If risk, governance or third- party exposure is slowing decisions or creating board anxiety- we step in. Read More

Connect with Us Ermis Advisory is dedicated to providing tailored solutions for your enterprise risk management needs. Whether you have inquiries, require assistance, or seek further information, please don't hesitate to contact us using the form below. We are committed to promptly addressing your queries and providing expert guidance. First name* Last name* Email* Phone How can we help you? Title* Message Submit

FAQs 1. Which industries do you serve? • Financial Services • Healthcare & Hospitals • Global Capability Centers (GCCs) 2. Do you serve international clients? Yes. We currently support organisations across India, UK/Europe, and the USA, offering both remote advisory and onsite project delivery. Ermis Advisory is dedicated to identifying opportunities for cost savings within your risk management strategies. Our tailored approaches and advanced analytics enable us to assist you in optimising expenses and enhancing overall financial resilience. 3. How can Ermis Advisory optimize cost savings for my business? Ermis Advisory ensures comprehensive support options, including personalised consultations and responsive assistance. We are committed to addressing your inquiries and providing guidance to maximize the value of our risk management services. 4. What support options does Ermis Advisory provide to clients? Ermis Advisory's professional risk management services are available through tailored service agreements to suit the unique needs of your organisation. Our offerings are designed to deliver exceptional value to support in enhancing your risk management capabilities. 5. Is Ermis Advisory's service available free of charge?

Core Services (Preview) In an era of rapid change, risk is your Strategic Growth Opportunity. The modern enterprise faces a complex array of challenges, from evolving global regulations and intricate Third-Party dependencies to crucial ESG scrutiny and persistent cyber/physical security threats. To succeed, you need a partner who ensures your Governance, Risk, and Compliance (GRC) framework is not just compliant, but fiercely competitive. Ermis transforms uncertainty into clarity. We specialise in providing integrated solutions that go beyond simple checklists. Fractional Chief Risk Officer - Board level risk leadership on a flexible retainer Fractional Third Party Risk Leader- Independent oversight of vendor, outsourcing and ecosystem. External Risk Posture Scan(48 Hours) - Rapid, data- backed snapshot of digital & reputational exposure Operational Resilience & Crisis Readiness - Leadership preparedness for disruption and regulatory expectations. FOR MORE DETAILS ON CORE SERVICES, SCROLL BELOW Trainings & Workshops We deliver executive training programs and customised workshops to build risk awareness and governance capability. Our sessions empower leadership teams to embed a proactive and resilient risk environment, thereby strengthening the organisational culture. Other Collaborations ERMIS Advisory partners with global institutions, chambers, and consulting firms to drive cross-border collaborations and thought leadership. These partnerships enable us to deliver comprehensive, future-ready solutions for our clients. Fractional Chief Risk Officer (CRO) Who This Is For: - Organisations without a mature risk function - Boards needed independent risk challenge - Companies scaling faster than governance. What we do: - Board & Executive Risk Oversight - Risk Appetite and Governance design - Monthly Board ready Risk dashboards. Outcomes: -Clear Top Enterprise risks -Risk informed Board decision making -Reduced Regulatory & Operational surprises Engagement model: *Retainer-based (3 -6 months) *Remote+ Board interactions Book Fractional CRO discussion Mail Fractional Third Party Risk Leader Problem we Solve: Third party failures are now one of the largest sources of regulatory and operational risk. Our Role: - Design regulator - ready TPRM frameworks - Rapidly assess critical vendors/suppliers - Design vendor risk oversight framework - Create Executive & Board reporting - Prepare for Audits and regulatory review s Ideal for: BFSI, Fintech, Healthcare & organisations with outsourcing or vendor ecosystems. Request TPRM Assessment Mail Operational Resilience & Crisis Readiness Why It Matters: Regulators and Boards increasingly expect demonstrable resilience, not static plans. We help you: - S trengthen operational resilience frameworks - Clarify decision roles and decision rights - Strengthen Continuity planning & Crisis Governance Triggers: * Regulatory expectations * Past Incidents * Business Transformation Discuss Resilience Readiness Mail External Risk Posture Scan (48 Hours) What It is: A rapid, non-intrusive scan publicly available, verifiable sources to assess how your organisation appears to regulators, attackers, partners and the market. What It Covers: - External risk score & summary -Key exposure findings Cyber& digital exposure, third party, regulatory & compliance visibility, Reputational & Operational indicators -ERMIS expert commentary -Actionable remediation roadmap Request your Risk Scan Report Mail Board Risk & Governance Advisory Independent risk & governance counsel for Boards navigating complexity, Regulation & Strategic uncertainty. When This Is Needed: -Risk Decisions lack clarity at the board table - Governance exists but isn't decision enabling -Boards need independent challenge and not management assurance -Heightened regulatory, investor or reputational scrutiny What We Do: -Work directly with Boards and Senior Leadership to clarify top enterprise risks -Strengthen governance structures, roles and decision rights -Align risk appetite with real strategic decisions -Provide independent risk challenge to Board risk reporting Engagement Model: Advisory| Retainer or Project based | Board & Committee Interaction . Request Regulatory Readiness Sprint Mail Regulatory Readiness Sprint Focused, time bound sprint to prepare leadership and governance for regulatory reviews. When This Is Needed: -Upcoming regulatory inspection or supervisory review. -Heightened regulator focus on governance, resilience or third party risk -Recent incident, audit finding, or enforcement action -Board concern around regulatory preparedness What We Do: - Assess governance, risk readiness against regulatory expectations -Identify material gaps across risk, third - party and resilience domains -Review evidence quality, not just existence -Provide clear remediation actions. Engagement Model: 2-4 weeks sprint| Executive & board facing | Rapid turnaround . Request Regulatory Readiness Sprint Mail

Ermis specializes in integrated solutions that go beyond simple checklists: • We conduct precise Enterprise Risk Management (ERM) and Risk Assessments. • We fortify your operations through detailed Third-Party and Physical Security Audits. • We build robust ESG Integration and Governance & Reporting structures. We empower you to see around corners, manage issues proactively, and build lasting resilience. Secure your assets, optimize your governance, and strategically position your future. Hello My name is Samit Khattar As Founder & Managing Director of ERMIS Advisory, I bring over two decades of global experience leading enterprise risk, governance, and compliance across organizations such as Principal Global Services, Citi, Barclays, and Hewlett-Packard and GE. I have successfully designed and executed risk strategies spanning financial services, technology, and shared services ecosystems. Previously served as Executive Director, Enterprise Risk Management, I have advised boards and CXOs on building resilient, high-integrity organisations and risk functions. At ERMIS Advisory, I combine strategic foresight with technology enabled solutions to help clients to strengthen governance, manage complex risks, and drive sustainable risk management processes with confidence. My Story Samit Khattar, Founder & Managing Director of ERMIS Advisory, brings over two decades of global experience across Principal, Citi, Barclays, and Hewlett-Packard. A recognised leader in enterprise and third-party risk management, Samit has guided boards and CXOs worldwide in strengthening governance, resilience, and strategic risk capabilities. Contact I'm always looking for new and exciting opportunities. Let's connect. info@ermisadvisory.com +91 8879789527

Core Philosophy At ERMIS Advisory, we strive to redefine how organisations view risk, not as a constraint, but as a catalyst for growth, resilience, and trust. We strongly believe that strong governance and well-managed risks form the foundation of sustainable success. Guided by integrity, insight, and innovation. We partner with Boards and Leadership teams, to embed a culture of Accountability and Foresight. Our philosophy is simple: Effective risk management empowers confident decision-making, safeguards reputation, and drives enduring value. Start Now Our Vision To be the trusted partner enabling organisations to thrive with resilience, integrity and foresight. Our Mission Guide organisations with responsible risk related to ERM, Third party, ESG and Governance solutions, that build trust and create long term value . About Ermis Advisory ERMIS Advisory was founded to address a common gap: "Organisations have risk processes - but lack experienced risk judgement, at the top." Led by Samit Khattar, former Executive Director - Enterprise Risk at a global organisation, ERMIS brings independent, senior risk leadership to boards and executives navigating complexity. WHAT MAKES ERMIS DIFFERENT Independent, Board - Level Risk Leadership ERMIS Advisory is built for organisations that need Senior Risk Judgement , not more templates. Whether you're a large corporation or a growing business, Ermis Advisory is happy to partner with you and support your needs to navigate the complexities of risk management with confidence. - Fractional CRO & TPRM leadership models - Board ready risk insight, not operational noise - Combines external intelligence+ Internal governance review - Led by former Executive Director - Enterprise Risk with a global experience. What Clients gain: - Clear prioritisation of what truly matters - Faster, more confident leadership decisions - Reduced regulatory and operational surprises. Our Commitment At Ermis Advisory, we are committed to redefining the way businesses perceive and address risk. Our mission is to equip organizations with the knowledge and tools essential for making well-informed risk management decisions, enhancing resilience, and securing long-term success. Join us in our commitment to transforming risk management practices and empowering businesses of all sizes to thrive in a dynamic environment.

Ermis Advisory is committed to ensuring that our website is accessible to people with disabilities. We are constantly working to enhance the accessibility and usability of our site to provide equal access to all individuals. Accessibility Statement This statement was last updated on [enter relevant date]. At Ermis Advisory, we strive to make our website accessible for everyone. We are dedicated to meeting the needs of all individuals, including those with disabilities. What web accessibility is An accessible site allows visitors with disabilities to browse the site with the same or a similar level of ease and enjoyment as other visitors. This can be achieved with the capabilities of the system on which the site is operating, and through assistive technologies. Accessibility adjustments on this site We have adapted this site in accordance with WCAG [2.0 / 2.1 / 2.2 - select relevant option] guidelines, and have made the site accessible to the level of [A / AA / AAA - select relevant option]. This site's contents have been adapted to work with assistive technologies, such as screen readers and keyboard use. As part of this effort, we have also [remove irrelevant information]: Used the Accessibility Wizard to find and fix potential accessibility issues Set the language of the site Set the content order of the site’s pages Defined clear heading structures on all of the site’s pages Added alternative text to images Implemented color combinations that meet the required color contrast Reduced the use of motion on the site Ensured all videos, audio, and files on the site are accessible Declaration of partial compliance with the standard due to third-party content [only add if relevant] The accessibility of certain pages on the site depend on contents that do not belong to the organization, and instead belong to [enter relevant third-party name] . The following pages are affected by this: [list the URLs of the pages] . We therefore declare partial compliance with the standard for these pages. Accessibility arrangements in the organization [only add if relevant] [Enter a description of the accessibility arrangements in the physical offices / branches of your site's organization or business. The description can include all current accessibility arrangements - starting from the beginning of the service (e.g., the parking lot and / or public transportation stations) to the end (such as the service desk, restaurant table, classroom etc.). It is also required to specify any additional accessibility arrangements, such as disabled services and their location, and accessibility accessories (e.g. in audio inductions and elevators) available for use] Requests, issues, and suggestions If you find an accessibility issue on the site, or if you require further assistance, you are welcome to contact us through the organization's accessibility coordinator: [Name of the accessibility coordinator] [Telephone number of the accessibility coordinator] [Email address of the accessibility coordinator] [Enter any additional contact details if relevant / available]

My Portfolio Welcome to my portfolio. Here you’ll find a selection of my work. Explore my projects to learn more about what I do.

Privacy Policy A legal disclaimer The explanations and information provided on this page are only general and high-level explanations and information on how to write your own document of a Privacy Policy. You should not rely on this article as legal advice or as recommendations regarding what you should actually do, because we cannot know in advance what are the specific privacy policies you wish to establish between your business and your customers and visitors. We recommend that you seek legal advice to help you understand and to assist you in the creation of your own Privacy Policy. Privacy Policy - the basics Having said that, a privacy policy is a statement that discloses some or all of the ways a website collects, uses, discloses, processes, and manages the data of its visitors and customers. It usually also includes a statement regarding the website’s commitment to protecting its visitors’ or customers’ privacy, and an explanation about the different mechanisms the website is implementing in order to protect privacy. Different jurisdictions have different legal obligations of what must be included in a Privacy Policy. You are responsible to make sure you are following the relevant legislation to your activities and location. What to include in the Privacy Policy Generally speaking, a Privacy Policy often addresses these types of issues: the types of information the website is collecting and the manner in which it collects the data; an explanation about why is the website collecting these types of information; what are the website’s practices on sharing the information with third parties; ways in which your visitors and customers can exercise their rights according to the relevant privacy legislation; the specific practices regarding minors’ data collection; and much, much more. To learn more about this, check out our article “Creating a Privacy Policy ”.