RM ( IT ) Conference - IT/BPR Department

RMs IT Conference - 201625th & 26th May, 2016 Venue: MUMBAI

1. CORPORATE GUIDELINES 2016-17 INFORMATION TECHNOLOGY/BUSINESS PROCESS REENGINEERINGObjectives • Increasing LIC’s Digital Presence. • Economy of operations by Optimization of resources. • Ensuring Quality and Delivery of Services. • Empowering people by providing them ability to do their work anytime, anywhere on any device. • Prompt Communication with Customers and within the organization. • Information into insight to top Management. • Ensure legal and Regulatory compliances • Ensuring Data Security and Information Security • Compliance to IRDA Regulations and other Regulations.Strategy:Though the concepts of Business Process Reengineering and Total Quality Management aremostly considered as competing ones, the current state of IT environment warrants thebalanced amalgamation of these two in formulation of strategy. On one hand, embracing ofnewer technologies is required to charm the younger generation and on the other hand, theorganisation cannot be so disruptive as to lose out on the traditional user base. Starting withenvisioning targeted improvements vis-à-vis available IT opportunities, existing IT processesand systems will be reviewed. Through explicit assigning of the Scope, time to deliver andcommunicating the expected results will ensure that the performance, goals are achieved.Implementation of adaptive processes and structures to provide for the increasing userrequirements ensuring agility and flexibility. All this would be achieved with a balance betweenthe Outsourcing and Insourcing of activities, the ultimate objective being to strengthen thecapabilities of our in-house resources. Adequate consideration will be given to the culturalaspects to ensure smooth migration to the new process, responsibilities and roles. Continuoustraining on the implemented solutions, to create awareness among the stakeholders.Planned Activities:Portal and ODS Upgrade of Portal Services:Portal will be redesigned and enhanced withvarious self-service (Service Request) functionalities, provide for online sale of policies andalso enhance the digital experience for our internal and external users.Secure Working Environment:Roll-out of the 2 Factor Authentication Solution ensuring asecure working environment for the employees by checking incidences of fraud involvingmisuse of passwords.eKYC Services:Various services using the Aadhaar Platform can be delivered, subject toclearance from the legal / statutory authorities. Some of the activities envisaged are AadhaarSeeding of Policies, Use of Aadhaar based eKYC for NB completion and Aadhaar based“Existence Certificate” for our Annuity Policies and Pensioners.Mobility:Deployment of New Mobile Apps on all three platforms viz. Android, Windows andiOS.Mini Offices:Service Request acceptance through Mini Offices.CORPORATE ACTIVE DATA WAREHOUSE: 1. Providing MIS solutions to the Top Management through Dashboards and on Mobile devices.

2. Providing refresher training to Business Intelligence tool users in Market Research Cell, CO depts., ZO & DO to enable them to create their own reports using Data Warehouse. 3. Providing Regulatory and Compliance support to the Organization. 4. Assisting CRM department in executing Customer servicing campaigns and regularly monitor premium receivables and that received. 5. Lead generation and conversion: Providing quality customer leads to all the marketing channels from our end. Tracking the performance / effectiveness of various campaigns and providing feedback to the user departments 6. Research activities: Providing data for Product Development & augmenting NB and analyzing Marketing channels’ / entities’ performance, undertaking research on critical business areas. 7. Enabling insight driven marketing campaigns and assisting Zones / Divisions to run their individual Marketing and Customer oriented campaigns through Data Warehouse.CAV and CMS:Procurement and Implementation of New Mailing System, new Bulk MailingSystem and File Server and AD and Password Management Tool.Network 1. Continuation of the review of network architecture, network strengthening, evaluation of WAN technologies for connectivity, compression techniques and bandwidth provided at each tier for supporting the new applications (like new centralized EDMS solution etc.). 2) Overall Network uptime improvement by at least 2% at the overall corporate level (from present 94.88% approx.) 2. Explore requirement of 10G LAN-switching at Datacenters and need based implementation. 3. Leveraging technologies such as IP-Telephony and Video-Conferencing for enhancing the quality of internal and external Corporate Communication and cost saving. Security and others 4. Pilot implementation of CDM (Cash Deposit Machine) i.e. the self-service terminals at Zonal Headquarters and few select cities to enable deposits and payment transactions in cash/cheque by customers and integrating it with the core-business application(s). 5. Modernisation of the gateway-level security to mitigate the newly evolved/evolving risks and vulnerabilities, protection from DDoS (Distributed Denial of Services) attack and support more internet facing applications with improved throughput. 6. Corporate vide trainings on the Information System audit and arrange Security (IT) awareness programs for all stake-holders for reducing risks. Enhance the employees Awareness of potential threats, Best Practices and the knowledge of “what they can do about it” - the key to safeguarding our information and our information systems.Hardware 1) Studying alternative options and trends in industry in place of current practice of purchase. 2) Implementation of Cloud Architecture for consolidation of all data centers in a phased manner. 3) Introduction of Hardware Performance Tool and IT Asset Management Tool for complete control over IT Assets - Implementation by 30.06.2016. 4) Implementation of e-tendering for all IT Procurements by 30.09.2016.New Initiatives1)Virtual Branch Office enabling self-servicing (service requests) capabilities through the Portal2) Sales Force Automation tools / Customer On-boarding Application3) Facilitating collection of Rent through online modes of payment on the lines of SSScollection.4) Employee Engagement – Currently, Officers have access to a few Modules like DOPA / P-Form / Promotion & Transfers / Property Returns Module etc. through the internet. However,

information relating to Salary, Leave, Provident Fund, Pension etc. are currently not availableto individual employees. An Employee Portal which renders Salary / Leave / RetirementBenefit related information can be designed and rolled out.5) Procurement and Implementation of Email Archival solution. 2. IT / BPR Highlights 2015-16 and Plan for 2016-17IT/BPR handles Data warehouse, ODS &Portal, Internet, Antivirus solutions,Mailing System, SMS, Jeevan Sanchar, Network, Hardware & IT Security2.1Corporate Active Data Warehouse Project LIC implemented the Corporate Active Data Warehouse (CADW) project in 2004 and later upgraded in 2008 & now new system is operational under OPEX model since Sept. 2015. Some CADW statistics: Data Size as on 31.03.2016: 23 TB compressed; CADW receives data from 15 different source systems including e-Feap. On an average we receive 1-2 crore transactions per day.2.1.1 Activities done in Year 2015-16:CADW Reports currently available for users: • CO, ZO & DO departments are users of CADW and have access to Business Intelligent (BI) Reports/ Dashboards. Ready-to-use Reports available to users • On Demand Reports available (ODR): 62 • Scheduled reports available: 59 • 10 Published reports and Market Share dashboard available to all CADW portal visitors.Report Development: • During last FY, CO IT/BPR department developed 1,014 adhoc reports as per request received from various users. 74% of the reports developed were for CO departments.Adhoc Reports Developed by CADW – 2015-16CO 745Depts 153 116ZO 1,014DeptsDODeptsTotal• Users can submit their report request through the Report Request Portal.

STATISTICS OF REPORTS DEVELOPED & REQUESTED BY DIVISION DURING 2015-2016Central Zone D R East Central Zone D R Easter Zone D R North-Central Zone DRCZ 4 7 ECZ 1 39 EZ 13 27 DEHRADUN 15GWALIOR 3 1 BEGUSARAI 0 5 GUWAHATI 20INDORE 4 0 BERHAMPUR 0 2 JALPAIGURI 1 0 FAIZABAD 50RAIPUR 2 0 PATNA-1 0 1 KOLKATA-1 6 0 HALDWANI 14SATNA 31 KOLKATA-SUB 2 0 VARANASI 09SHAHDOL 01 SILCHAR 0 2 ALIGARH 08 BONGAIGAON 0 2 AGRA 05 16 10 HOWRAH 0 1 KANPUR 02 KHARAGPUR 0 1 BAREILLY 01 0 1 MEERUT 0 23 1 47 9 57 NCZ 22 34North Zone D R South-Central Zone D R Southern Zone D R Western Zone DRAJMER 1 UDUPI 2 CHENNAI-1 4 3 MUMBAI-DO1 20AMRITSAR 1 1 MYSORE 6 SZ 3 6 MUMBAI-DO2 10BIKANER 4 2 BANGALORE-1 5 KOZHIKODE 0 4 MUMBAI-DO3 04DELHI-1 1 0 HYDERABAD 5 CHENNAI-2 0 1 MUMBAI-DO4 12UDAIPUR 3 0 RAICHUR 2 COIMBATORE 0 1 MUMBAI-SSS 10NZ 2 2 MACHILIPATNAM 1 MADURAI 0 1 NASHIK 14KARNAL 0 3 WARANGAL 1 RAJKOT 53LUDHIANA 0 2 SCZ 54 SATARA 33DELHI-3 01 THANE VADODARA 22 1TOTAL: 12 11 2 74 WZ 20Note: D - Reports Developed R - Reports Requested AHMEDABAD 2 48 KOLHAPUR 02 AURANGABAD 02 GOA 01 NAGPUR 01 PUNE-1 01 7 16 01 40 73Statistics of reports developed by trained users during FY 2015-16.CO Users Zones Zonal Users Division Users TotalsB&AC 15 NZ 2 10 12Direct Marketing 1 NCZ 0 99Marketing 4 12 16 10 CZ 13 9 22TOTAL: EZ 1 01 ECZ 0 22 SCZ 3 47 SZ 2 38 40 WZ 25 84 109 26• 135 (26 by CO & 109 by Zos)reports were developed by trained officials during 2015- 16. We continue to hand-hold all trained users post training, through a User Forum that guides these trained users in overcoming any difficulties encountered while developing reports.

Support to CO; Zonal & Divisional Departments:• Actuarial : Persistency & Renewal rate Reports: Reports are also provided to zones every quarter as per CO/Actl instructions.• F&A: For monitoring PMLA (Prevention of Money Laundering Act) violations. One report Weekly, Two Fortnightly, Three Monthly.• Marketing (all wings) : Field Force related reports. Reports for Regulators. The summary of Customer leads generated and distributed to marketing channels during the year 2015-16 is tabulated below Leads were generated using statistical and analytical tools. There were request for leads for 16 campaigns.• Requests for Leads received from Users and leads provided for following campaigns. New Business Acquired Lead Conversion Ratio in 2015-16Campaign Details Total Leads No of Custs. No of Policies Custs PoliciesAmritsar Jeevan Shikhar 6,660 88 96 1.32% 1.44%CZ FY Lapse Leads 191,253 1,785 2,229 0.93% 1.17%CLIA Campaign-age25 45 1,943,237 15,108 17,215 0.78% 0.89%No Jeevan Anand.CLIA Campaign -age25 45 309,159 4,692 5,647 1.52% 1.83%WITH NOMINEE WIFECLIA Campaign -age 50 60 381,782 2,867 3,236 0.75% 0.85%No Jeevan AkshayDirect Marketing Revival 71,247 858 1,065 1.20% 1.49%Campaign LeadsHealth for HNIs 70,670 4,735 8,002 6.70% 11.32%Jeevan Akshay ProspectiveDehradun 14,448 411 509 2.84% 3.52%Kanpur Division 150 17 38 11.33% 25.33%Relationship BuildingCampaignKarnal – BimaAnurodh - I 2,268 3 8 0.13% 0.35%Karnal - Jeevan Anand 2,484 44 50 1.77% 2.01%Karnal – Young Policy 1,784 1 1 0.06% 0.06%holders

Kozhikode Jeevan Akshay 8,955 38 40 0.42% 0.45%campaign 45,994 511 554 1.11% 1.20%Outstanding maturity and 57,732 1,235 1,897 2.14% 3.29%sb claim fy 2015-2016 30,211 0.79% 0.90%Dehradun Division 238 272Single Policy Customers-Goa DivisionVaranasi Division TarunShree CampaignTotals 3,138,034 32,631 40,859 1.04% 1.30%• CRM : Analytics reports, RTI queries;Reports for Regulators &ICMS Reports Reconciling Portal collection, Vigilance/SDM: Data for investigating reported frauds.Deduplication Activities: • Deduplication is the process of allotting customer-id by comparing existing policy data with NB data to ascertain whether NB pertains to an existing customer or a new customer. • Matching exercise is done based on certain parameters like Name, Address, Gender, DOB&Pincode.Deduplication cycle is run every fortnight after NB closing to ensure all new policies are allotted customer id within 15 days & included in single prem notice database. Customer breakup as on 31/03/2016 Inforce Policies All PoliciesPolicy band Customers Policies Customers Policies1 policy 190,506,953 190,506,953 378,207,644 378,207,64402-05 policy 34,297,431 87,230,966 69,958,329 179,080,10906-10 policy 1,844,452 13,322,467 4,461,064 32,170,08811-50 policy 661,950 10,815,620 1,323,661 21,301,80051-100 policy 3,098 203,487 6,977 454,213> 100 421 82,886 981 175,093Total 227,314,305 302,162,379 453,958,656 611,388,947• During the year the total New customer acquisition was 1.44 crores while the number of polices sold to existing customers were 48 lakhsDashboards: These are Graphical Representation of various key performance areas for a particular department/office. Various dashboards for different offices/ departments are created and made available to various users/ to all DW portal visitors as below:• Corporate Dashboard

• Marketshare Dashboard (based on IRDA Annual reports)• Branch Dashboard• Agency Enquiry DashboardEnhancing capabilities of Data warehouse. During the FY 2014-16, data from the following new sources were incorporated into the Data warehouse. • Mini Office Data -2.1.2 Plans for 2016-17 - Business Intelligence (BI) tool Business Object (BO) is being upgraded to the latest Release 4.01 from existing Rel.2.2.1.3 Expectations from ZO/DO: - Zones are requested to ensure that all their Divisions are guided and encouraged to make use of the CADW reports and dashboards. - Collect feedback on the reports/dashboards available in DW and inform us. It helps in improving data accuracy and understanding the reports’ usefulness. - Educating Divisions and relevant Zonal departments in o Search facility for customer policy number based on Customer Name & DOB provided to RM (CRM) and RM (IT). o For any change in DW records, the change has to be first effected in the servicing branch. The change will automatically be reflected in DW. o Policy record if available with DW can be viewed through Policy Status link available on our Portal. o Data request for RTI query to be addressed to ED (IT/BPR) along with a scanned copy of RTI applicant request letter.2.2 Online Data Store (ODS) Project (The Backbone for all our Online services) 2.2.1 Overview of ODS project • The purpose of the Project was to create a Centralized Online Database for operational purpose i.e. for OLTP type of transactions. • Data source to Portal. Abridged and not full master is available. • Online real-time updation for premium collection. • Batch loading done at night for other than Premium collection transactions (ex. Change of address, New Business, RFM, AFM etc.). • At present, ODS is handling two types of real time transactions through TIBCO i.e. Cash transactions (Renewal) and Premium history. • Whenever premium collection happens at branch office, FUP updation transactions reach ODS from the Servicing Branch and Premium transactions from the Collecting Branch in real time through TIBCO. 2.2.2 Database Volumes: • Policies in ODS - 48.05 crores (as against 45.46 crores as at 31-03-2015). • Agents in ODS – Total 51.03 lakhs all status (as against total 49.56 lakhs in last FY), Inforce and probationary agents– 10.30 lacs • Dev. officers in ODS – Total 30,360 (confirmed & probationary) as compared to 28,946 last year.

• Merchants in ODS: As on 31.03.2016 As on 31.03.2015 Growth % Empowered Agents 38,056 32,922 15,59 SBA Retired Employees 3,131 2,712 15.44 462 372 24.19• Enrolment Statistics: As on 31.03.2016 As on 31.03.2015 Growth % 2.48 crore 2.23 crore 11.21 Total enrolled policies 112.46 lacs 98.05 lacs 14.69 Online Registered Users2.2.3 Load at ODS: • On 28.03.2016, ODS supported collection of renewal premium payments of 7.70 lakhs transactions covering 9.15 lakhs policies and premium amount of 484.48 Crores through merchant portal. (Last year, highest collection in a day was on 27.03.2015, with 6.65 lakhs transactions covering 7.93 lakhs policies and premium amount of 385.43 Crores). • During the Financial Year 2015-16, ODS supported SMS gateway project for processing 36.48 crores SMS as against 9.54 crores SMS processed during FY 2014-15 (Growth rate is 382.14%). • Daily Batch (at night) of change Masters for Policies/Agents from all eFeap Data Centres. Nearly 50-60 lakhs change masters are handled at the ODS (including Micro Insurance policies) per day.2.2.4Major jobs completed at ODS during FY 2015-16 • Successful upgradation of ODS systems to Oracle Exadata Systems (Engineered Systems) and migration of database from Oracle 10g to Oracle 12c on 05-10-2015. • Database support for eServices initiative of CRM department for LIC customers. • Database support for displaying employees’ remuneration for the month of August 2015 on web (initiated by RTI department, CO). • Database support for displaying outstanding SB/Maturity claim on portal. • Data collected daily for SSS PA masters and loaded in ODS for the functionality of online collection of SSS PA premium. • Data related to Mini office MIS is provided daily to CADW for reporting and to SDC for CO-MIS. • Grievance Redressal for merchants, customers, agents & development officers. Functionality is developed for portal support team for merging missing policy master & premium history in ODS.2.2.5Scope of ODS • Customer/Agent/Development Officer/Corporate Portals • Integrated Grievances Management System (IGMS) • Collecting Banks/Financial entities • Management Information System (MIS) • Short Messaging Services (SMS)

2.2.6ROADMAP for 2016-17• Providing database support for new initiatives which will be taken up by EPS project as also other departments in the FY 2016-2017.• Database support to existing as also new Alternate Channels to increase the percentage of premium collection through Alternative Channels to 60% of total premium collection in number of transactions. 2.3.Enterprise Portal Solution2.3.1 Highlghts 2015-16 2015-16 2014-151. Portal based Collections (Excluding ECS): 13.10 12.59 Particulars 57632.03 52810.78 Number of Transactions (In Crores) 33.80% 32.48% Amount collected (In Crores) 37.86% 36.18% % to total Number of Transactions 4.05% 13.22% % to total Amount Collected 9.13% 18.99% Growth in Number of Transactions Growth in Amount Collected2. IRDAI Compliant LIC's e Services inaugurated on 1st February 2016 by Chairman IRDAI. System is being closely monitored and improved based on the feedbacks of customers and customer zones. LIC's e-Services provide Basic and Premier Services to the Policy Holders as per IRDAI guidelines for Insurance Repositories. Though IRDAI guidelines provide for charging the customer for Premier Services, LIC does not propose to charge policyholders for any of the Premier Services extended through the Portal. Every existing and prospective policy holder of LIC of India can register for free for these services. Customers who are already registered on LIC portal can directly register themself by using 3 simple steps. Policy holders who are still not registered on LIC portal will have to enroll their policy first, there after they can register for LIC’s e-Services by following the three simple steps available at the landing page after login to portal. An Individual can register for policies taken on his/her name or on policies of minor children (where he/she was the proposer) for LIC’s e-Services. Policy on name of spouse cannot be registered together in the same account now and should be registered in a separate account.3. Enhancing Digital Presence of LIC: As a first step to enhance the Digital presence of LIC, redesign of portal is proposed for which RFP was floated and the processing of the tender is in progress. The activity is aimed at : a. Deploying a simplified Portal with additional functionalities; b. New Mobile Apps for customer and field force and rolling out of a Sales Automation App. c. Leveraging the already upgraded Online Data Storage (ODS) in extending newer and improved functionalities through the Portal Applications.

4. Existing Portal: Consolidated view of leads of all agents provided on SBA Portal; new lead types also provided as per request of the user Department on SBA Portal. 5. Enablement of Merchant Invoice remittance at counter of Corporation Bank completed & testing completed with City Union Bank. 6. Control on Usage of portal & reconciliation of Portal Transactions:In order to ensure smooth transactions at Portal, unauthorized usage by some of the Merchants were tracked and action initiated against them. To monitor properly the volume of pending invoices and difference in accounting, data is provided to user departments for the same on regular basis. 7. Mini Office Portal: Additional functionalities provided to Mini Office Associates. Regular options like Loan and Surrender Quotations, Premium Paid Certificates, NEFT mandate registration fine tuned. MIS provided to SDMs/ZO/CO through CADW login to monitor all activities at Mini Office. 8. SSS PA remittance through Portal :Paying Authorities can now remit the SSS monthly invoice on line using the Portal to generate challans for payment. This has been implemented in Mumbai SSS Division. CRM Department will be issuing instructions for All India roll out. 9. Property ReturnsModule maintained by Portal Section caters to the needs of ER Department. 10. The Display of Unclaimed & O/S Amounts due to Policy Holders has been provided at our website www.licindia.in in the footer section as “Unclaimed Amounts of Policyholders”. Similarly an “Enquiry of Outstanding Claims for the Current Year” was also made available during the year end as per the requirements of CO CRM Department. 11. As per the requirement of CO Personnel Department, AAO Direct Recruitment Result Enquiry option was provided and made accessible through internet. 12. Provision has been made for collecting feedbacks from scholarship awardees under the Golden Jubilee Fund through the website. 13. Integration testing has been completed with City Union Bank (cash counters) for collection of renewal premium, the terms for the same to be finalized by PCMC before it is launched in production. Currently, Integration testing is being done with Axis Bank (ATM collections) for collection of renewal premium. 2.3.2 2– Factor Authentication (Biometric) Project Biometric Authentication – Integration and testing with e-Feap completed. System testing completed. All hardware and Software procured. The System is ready for Pilot to be followed by country-wide rollout - instructions from Personnel Departmentawaited for the implementation phases and timelines.2.3.3E-meeting solution A green Initiative, currently deployed and running on i-Pads for use of Board members thereby eliminating the use of paper for Board Meetings. A Total 20+ meetings of Board and its sub-committees has been successfully completed using the solution 2.3.4 Plans for 2016-17 : IT/BPR Department now aims to shift its status from a mere “IT Service Provider” to “Business Enabler” by proactively aligning its activities accordingly with focus on faster delivery by

engaging in house as well as outsourced resources leading to a smooth and friendly user experience. Our Goals for 2016-17: 1. Award of contract to the selected bidder under the RFP for Portal revamp. Going live with the new Customer Portal and rolling out of the Sales Automation App. Secured System with sufficient provision for preventive action would be designed to avoid misuse of facilities provided to Merchants viz. outstanding invoice remittances, accessing the portal applications through third party applications, etc. Standard procedures & process for reconciliation of merchant collections and for recovering from defaulters would also be designed in consultation with concerned departments. 2. Rollout of the second factor (biometric) authentication solution integrated with the eFeap systems across our offices with the concurrence and guidance of CO Personnel Department. 3. Use of eKYC for NB proposal data capture and existence certificate for pension policies subject to regulatory / legal clearance. 4. Supporting Micro Insurance Department in extending collection of Micro Insurance premium through all existing Premium Points to achieve their targeted growth in collections for year. 2.3.5 Expectations from Zonal/ Divisional Offices : • Make IT/BPR your valued technology partner by maximum usage of the IT Infrastructure and providing requirements, suggestions and feedbacks. • All Zonal / Divisional Offices to continuously monitor the data flow from various Data Centers to ODS so that data at Data Centers and ODS will be in sync and grievances will be reduced. • To assist in increasing adoption of the Portal by field force through user education and sending feedbacks and suggestions to Portal Team. • Ensuring financial discipline of the merchants by ensuring that the collections made by them are remitted within the prescribed time limits to LIC. Information on defaulters provided by Portal Team to be made use of for the purpose of monitoring. 2.4 Corporate Antivirus (CAV)Antivirus or anti-virus software is used to prevent, detect, and remove malware, including butnot limited to computer viruses, computer worm, trojan horses, spyware and adware.2.4.1Infrastructure and ArchitectureDesktop Protection – OSCE (Office Scan Client/Server Edition) at CO and Zones andUpdate Agents at DO. Scanning of desktop files for viruses, worms, spyware etc through OSCEand Data Leak Prevention(DLP) -32000 Windows desktops & laptops • Email & Groupware Protection -SMEX (Scan Mail for Exchange) at CO and ZO. Scanning of email traffic within licindia.com domain for viruses , content etc through SMEX (Scan Mail for Exchange ) • Email Gateway Security -IMSVA–(Interscan Messaging Security Virtual Appliance) at CO – 3 servers with MX entries of domain licindia.com from multiple ISP-Public IP addresses. Scanning of email traffic to and from external domains for virus , phishing, spam, content etc and Data Leak Prevention through IMSVA • Internet Gateway Protection –IWSVA (Interscan Web Security Virtual Appliance ) at CO- Scanning of traffic to and from internet for virus , web reputation and Data Leak Prevention etc through IWSVA

• Mobile Security-TMMS • Management – TMCM (Trend Micro Control Manager) • Services – DCS (Damage Cleanup Services) • Infrastructure- 33 servers and 354 update agent PCs in Divisional offices • Desktops added to domain Active Directory-31096 desktops2.4.2 Activities undertaken in 2016-17 1. Implementation of Mobile Security Server - Trend Micro Mobile security server is installed and We can secure smart phones and tablets on a broad range of platforms including iOS, Android, Blackberry, Windows, and Symbian connecting to LIC network through wi-fi or through Active Sync to the Exchange mailing system. Trend Micro mobile security client application is available on this link http://mobilesec.licindia.in:8080/mobile for download, For Apple iOS, it is available on \"TMMS for Enterprise\" i.e. ENT Security in iTunes App Store. All mobile /tablet users (whether personally owned or organization provided) connecting to LIC network through wi-fi or through Active Sync to the Exchange mailing system would be required to register on the mobile security server which willprovide mobile antivirus and mobile device management. BYOD policy regarding the above is in process of being approved. HTTPS sites Decryption Implemented as a pilot on two Proxy servers and will be implemented on other proxy servers. IWSVA closes the HTTPS security loophole by decrypting and inspecting encrypted content. We shall define policies to decrypt HTTPS traffic from selected Web categories. While decrypted, data is treated the same way as HTTP traffic to which URL filtering and scanning rules can be applied. For better user experience for accessing https sites, IWSVA digital certificate is required to be installed on all browsers which will be distributed to all users to be installed on PCs having internet access. Email encryption- Trend Micro Email Encryption integrates with IMSVA to protect sensitive email content by encrypting inbound and outbound email messages according to specific policies.IMSVA can also scan encrypted messages for threats. By encrypting all email messages leaving a network administrators can prevent sensitive data from being leaked. This feature is implemented for email messages exchanged with swiss-re.com and other mailing domains which accept the encryption handshake. Data leak prevention and Regulatory compliance support - IMSVA provides support for regulatory compliance in data leak prevention policies. Policies configured ON IMSVA as of now in monitoring mode 1. Compliance HIPPA 2. Compliance Source Code 3. Compliance Medical Terms 4. Compliance Credit Card Information.

Data Flow Analysis with data identifiers is being collected from all Depts. What data is to be prevented from leaking –User departments have to provide this information with data identifiers etc. for recognition by DLP module. 2.5 Corporate Messaging (Mail) Solution 2.5.1. Infrastructure and Architecture:Existing infrastructure CO and ZO: 48 servers,17 Storage, At ZO: 3 servers –Mailbox, HUB & CAS, AD and storage.Status of current contract with WiproThe present RFPis extended with M/S Wipro till 14.03.2018 and DELL servers and Storageboxes which were under warranty are now under AMC with Wipro till 14.3.2018.Revamp of present infrastructure, into a centralized infrastructure with additionalfeatures like collaboration, social networking etc. is planned for current yearExchange system is used for sending automated transactional mails to policyholdersand agents by SDC, besides user mails.Statistics for Mail Flow on Corporate Mailing Solution-Exchange ,Email Gateway-IMSVA Automated transactional mails for the day - 31st March (thru licindia.com) 1,22,321 Automated Total automated transactional mails for the 5,42,06,196transactional and year(thru licindia.com) 84,11,742 Bulk mails Bulk promotional mails for the year (thru webmail-Netcore) Number of mails for day March31st -Outgoing 1,60,152 Number of mails for day March31st -Incoming 1,51,130 Outgoing and Total mails processed at Email Gateway for theIncoming mails through Email day 31 st March 3,11,282Gateway (IMSVA) Number of mails for the year -Outgoing 6,52,54620 Number of mails for the year -Incoming 4,96,36,212to/from licindia.com Total Number of mails processed at Emaildomain Gateway for the year 11,48,90,832CMS -Exchange Number of mails processed by Exchange 66,29,36 system for day -31st March 12,73,03560 Number of mails processed by Exchange system during year

2.5.2.Web based bulk Mail Services:Web based mass/bulk mailing services are implemented for better and faster informationsharing and publicity exercises. The present contract with M/S Netcore is extended till 31March 2017. Direct Marketing, CO-CC ,CO-CLIA ,CO-CRM are regular and effective users ofthis service.2.5.3New projects to be implemented during 2016-17A) Corporate Mail Service (CMS):1)Revamp of existing mail infrastructure:Current decentralized mail infrastructure isproposed to be replaced by a new centralized mail infrastructure which will support higher emailflow, create DR for existing zonal mail boxes and enable creation of bigger mail boxes.2) Email Archival:It is proposed to implement email archival.B)Corporate Anti Virus (CAV):1) Implementation of Data Leak prevention (DLP) system:It is proposed to implement DLPin phased manner for protection of LIC's data on Email, Web Gateway and Endpoints. Mailswith sensitive data would be quarantined or blocked if going to unauthorized outsidelicindia.com domains. USB blocking, Print screen blocking would be enabled at endpoints.2) Fine-tuning of IWSVA functionalities i.e. https decryption:It is proposed to fine-tuneIWVSA functionalities for better management of internet access. Trend Micro certificateinstallation is required at Pcs given internet access.3) Laptop Disk Encryption:It is proposed to implement laptop full disk encryption in a phasedmanner for all laptops. Licenses already part of Trend Micro license suite. This will prevent dataloss in the event of laptop being stolen or lost.C)Active Directory:Further policies to be implemented in 2016-17Enforcing complexity of passwordScreen Saver PolicySoftware restriction policyLocking the local admin workgroup user id of PCs in domain with a common master passwordto be in custody of CO-Hardware2.5.4Expectations from Zones1) Ensure that every Windows PC is installed with Corporate Anti-Virus2) Ensure that all Windows PCs are part of Active Directory domain i.e. users logs in to PC withemail id3) Ensure security awareness about password policy and setting complex passwords for emailids

3) Ensure that when https decryption and control of https sites is implemented, PC of internetusers are installed with IWSVA digital certificates for smooth internet access4) Support implementation of blocking use of USB drives on PCs to prevent data leak andensure that USB drives are not used on PCs5) Ensure the smooth implementation of laptop disk encryption on laptops6) Create awareness in division about information security and security policies in general7) Ensure disablement of email ids of exit employees of division by providing data to Zone8) Create awareness about use of official email ids for official purpose only and to not usepersonal email ids (gmail, yahoo etc) for official work & Create awareness about downloadingmails to pst folder on PC2.6SMS Gateway, Corporate Website, Intranet (Jeevan Sanchaar)2.6.1. Achievements of Last Year:1. SMS Gateway:-a. SMS Gateway services are being used to send messages to policy holdersregarding Premium Due, Default, Claim intimation, Premium paid intimation andother alerts generated through eFEAP system.b. SMS Services are being used by C.O. departments, ZO Marketing departmentsand SDMs for sending messages to Agents and Development officers regardingdifferent events, marketing campaigns and competitions held at Zonal & Divisionaloffices.c. All the messages land into Centralized SMS server situated at Mumbai, eitherusing http API services (like premium intimation, batch mode) or SMS Desktopversion (AXIOM) used by CO Departments, ZO Marketing and SDMs. Then thesemessages are escalated to the vendor’s Gateway Server at Noida. The messagesare further handed over to SMSC servers of telecom service providers.d. No. of SMS handled during the current financial year as compared with theprevious financial year is as follows:- Current Year (2015-2016) Last Year (2014-2015)Month No. of SMS Month No. of SMSApr-15 1,23,98,930 Apr-14 21,47,360May-15 1,43,42,815 May-14 30,68,880Jun-15 1,21,82,317 Jun-14 29,27,521Jul-15 2,29,13,838 Jul-14 35,85,279Aug-15 1,21,33,044 Aug-14 45,17,270Sep-15 2,77,87,289 Sep-14 59,20,878Oct-15 2,95,99,367 Oct-14 69,16,013Nov-15 3,46,03,752 Nov-14 91,53,282

Dec-15 6,30,10,104 Dec-14 1,09,25,268Jan-16 3,92,20,012 Jan-15 1,41,29,692Feb-16 3,17,33,731 Feb-15Mar-16 5,86,52,982 Mar-15 96,29,629 35,85,78,181 1,42,70,780 8,71,91,852e. 311% increase in SMS messages handled for the year as compared to last year.f. Automated Bulk upload & processing of SMS in CSV files from eFEAP module was implemented.g. SMS Application (AXIOM) was upgraded to version 3.5 on 15th March, 2016. The current version is benchmarked to handle 200 TPS for DB Picker and 150 TPS for HTTP receiver. (TPS: SMS transactions per second)h. SMS Services are being used to receive information by policy holders regarding Premium Due, Maturity date, Loan amount, etc. by SMS PULL services.i. Policyholder can send request by using LICHELP and ASKLIC keywords to LIC’s Long code 9222492224 or Short code 56767877 and get requisite information.j. Policy holders can send the following text message to 56767877 or 92224 92224 :- \"ASKLIC <space><POLICY NUMBER ><space> PREMIUM / REVIVAL / BONUS / LOAN (ANY ONE)\"2.6.2 Corporate Website:- a. Contract Agreement for Modernization of Corporate Website (www.licindia.in) was signed with M/s. Planet E-Com Solutions on 20/04/2015. b. User Acceptance testing sign-off was given by ED (CC) on 27/11/2015. c. Requisite hardware has been provided in April-2016 for the production site and the website ready for Go-Live2.6.3 Intranet (Jeevan Sanchaar) a. All Central Office Departmental main pages are converted to bi-lingual format available in English & Hindi. b. Marquee module provided for insertion of marquees on main page by respective department users c. Circular module provided as single placeholder for sharing of circulars released by different Central office departments. The provision is provided to respective department user to upload the circular. 2.6.4 .Plans for 2016-2017: 1. Preparation & Release of RFP of SMS Gateway and selection of vendor/s. Revamp of the SMS gateway service to handle time-critical messages and also to ensure prompt delivery of SMS to intended mobile numbers within 60 secs. 2. Go-Live implementation of Corporate Website project. 3. Making Jeevan Sanchaar compliant to guidelines issued by OLI department.2.6.5.Expectations from Divisional Offices: 1. Ensure that All Zonal / Divisional Offices optimise the use of SMS application to send more alerts/test messages to policyholders, agents, development officers, employees, etc.

2. Ensure that Zonal & Divisional intranet websites also comply to the guidelines of OLI department. To maintain a consistent look & feel at all levels.3. Promote & publicize the revamped Corporate Website both amongst the internal users as well as external users.Zone -wise usage of SMS Gateway Services during the year 2015-2016Zonal cz_marketing cz_zmsectl ecz_zmsectl ez_marketing ncz_marketingoprn nz_zmsectl scz_zmsectl sz_zmsectlDepartmentsTotal SMS sent 2 16,729 4,181 195,130 4,994,302 137,465 2 334,031Division-wiseusage of SMS Gateway Services during the year 2015-2016SN Divisions Total SMSes SN Divisions Total SMSes SN Divisions Total SMSes sent sent sent 6,1101 sdm.surat 2,218,463 39 sdm.bardhaman 146,910 77 sdm.warangal 4,193 2,4332 sdm.indore 1,474,695 40 sdm.delhi-do3 144,527 78 sdm.jamshedpur 1,696 1,6003 sdm.nagpur 1,445,797 41 sdm.vellore 139,996 79 sdm.patna2 1,2604 sdm.mumbai-do3 1,096,269 42 sdm.varanasi 138,629 80 sdm.aurangabad 920 4455 sdm.ajmer 1,069,684 43 sdm.pune2 137,437 81 sdm.salem 300 1366 sdm.jabalpur 919,463 44 sdm.vadodara 133,316 82 sdm.gandhinagar 19 107 sdm.amritsar 918,225 45 sdm.rajkot 107,227 83 sdm.kottayam 48 sdm.jalpaiguri 798,614 46 sdm.bangalore-do1 99,684 84 sdm.gwalior 4 29 sdm.jaipur2 796,244 47 sdm.agra 95,982 85 sdm.shimoga 2 110 sdm.shimla 751,738 48 sdm.coimbatore 94,495 86 sdm.belgaum 1 -11 sdm.kolhapur 730,818 49 sdm.howrah 88,829 87 sdm.shahdol - -12 sdm.ludhiana 703,005 50 sdm.bhavnagar 83,928 88 sdm.trivandrum - -13 sdm.guwahati 677,326 51 sdm.delhi-do1 77,577 89 sdm.bareilly - -14 sdm.kozhikode 676,473 52 sdm.asansol 76,191 90 sdm.patna -15 sdm.kolkata-sub 605,011 53 sdm.muzaffarpur 73,301 91 sdm.faizabad16 sdm.amravati 603,075 54 sdm.delhi-do2 72,049 92 sdm.mumbai-do117 sdm.thane 557,542 55 sdm.dharwad 62,464 93 sdm.karimnagar18 sdm.ernakulam 556,544 56 sdm.chennai-do1 56,243 94 sdm.nellore19 sdm.allahabad 542,780 57 sdm.bhubaneswar 55,422 95 sdm.ahmedabad20 sdm.thanjavur 537,538 58 sdm.bilaspur 52,395 96 sdm.aligarh21 sdm.tirunelveli 519,076 59 sdm.lucknow 42,010 97 sdm.bhagalpur22 sdm.raipur 488,624 60 sdm.bongaigaon 37,122 98 sdm.dehradun23 sdm.thrissur 387,197 61 sdm.secunderabad 32,408 99 sdm.gorakhpur24 sdm.kharagpur 362,443 62 sdm.cuttack 31,927 100 sdm.haldwani25 sdm.jorhat 354,485 63 sdm.satna 30,917 101 sdm.jalandhar26 sdm.kolkata-do2 336,104 64 sdm.mysore 29,920 102 sdm.kanpur

27 sdm.kolkata-do1 335,825 65 sdm.berhampur 28,462 103 sdm.mumbai-do2 -28 sdm.jaipur 277,138 66 sdm.hyderabad 28,391 104 sdm.mumbai-do4 -29 sdm.jodhpur 272,787 67 sdm.nashik 27,706 105 sdm.mumbai-sss -30 sdm.chennai-do2 264,881 68 sdm.hazaribagh 26,396 106 sdm.nadiad -31 sdm.silchar 218,231 69 sdm.machilipatnam 22,989 107 sdm.pune1 -32 sdm.bhopal 209,480 70 sdm.goa 19,241 108 sdm.raichur -33 sdm.bikaner 197,833 71 sdm.sambalpur 12,141 109 sdm.rajahmundry -34 sdm.cuddapah 196,015 72 sdm.karnal 11,157 110 sdm.satara -35 sdm.chandigarh 194,935 73 sdm.meerut 10,379 111 sdm.srinagar -36 sdm.madurai 193,322 74 sdm.begusarai -37 sdm.nanded 189,811 75 sdm.bangalore-do2 8,926 112 sdm.udupi -38 sdm.udaipur 158,226 76 sdm.rohtak 7,221 113 sdm.visakhapatnam 6,610HARDWARE SECTION2.7.1 Learnings from last year1) RFP for AMC of Hardware floated to have competitive quotes from the vendors.2) Extension of Hardware Refresh Period by one year thus saved Rs.54 Cr3) Developed MIS Module to know the position of assets in any location at any point of time and made available as a WEB based module4) Procured Digital Signatures for CO and all RMs placing Purchase Orders.as earlier the purchase orders were being placed through mails which is not valid as per IT Act.5) Initiated Cloud Technology – in the first phase proposed for consolidation of servers of all CO Departments to move to Private Cloud Set Up. The data regarding the applications being used by CO departments are called for POC. The draft RFP is being prepared.6) Asset Schedule submitted through e-Feap.7) Implementation of Hardware Website in Hindi.8) All Payments to vendors through NEFT9) User Guide uploaded on site about enabling Hindi Typing in Linux PC.10) POC conducted for evaluation of performance of assets and in the process of purchase of Utility Tool for better asset management.2.7.2 Objectives for Current Financial Year • All India Hardware RFP – Assessing the hardware requirements of all Offices; Study the latest roadmap in technology and finalize the technical specifications of hardware; Finalize the RFP and complete all related activities by 30/9/2016; • Switch over to Cloud Technology in a phased manner with the study of latest technology in the market and cost effectiveness.

NETWORK SECTION2.8.1 Learning’s/Achievements from the last Financial Year 2015-16: 1) Network Architecture Revamp- The present Network Architecture was finalized in the year 2009 in anticipation of e-FEAP and different types of links were procured as per feasibility and commercials provided by our network service provider, i.e. BSNL. Now more types of technologies are available with cheaper commercials. Following major changes in network architecture have been done : i) Migration of Links at SOs from Leased Links to MPLS Links. Earlier, all Satellite Offices were connected through leased (Point to Point) links to its Parent Branch Offices. The Connectivity of SO’s was dependent on the PBO’S. In case of link failure at PBO the SO used to get isolated. By providing MPLS links, SOs are now independent of its parent BOs as SO can directly connect with Data Centre. Out of 1239 SOs for which Advice Notes are issued by BSNL, 978 SOs have been migrated to MPLS ii) Migration of backup links at all locations to VPNoBB(Virtual Private Network over Broad Band) The ISDN technology was no longer supported by BSNL and had ceased to be an effective backup link. All ISDN links are being surrendered and being provided with a much more reliable and effective backup link – VPNoBB. About 1300 VPNoBB links have been commissioned. iii) Up gradation of MPLS links at ZOs and DOs. All eight Zonal Offices have been provided with 100 Mbps MPLS links by upgrading the same from 8 Mbps to 100 Mbps. Also, all DO MPLS links have been upgraded to 45 Mbps from 2 Mbps. This will facilitate enhanced network performance including Video Conferencing experience.2.8.2 Rollout of New Technologies- During the FY 2015-16, following new technologies havebeen rolled out – Wireless LAN: Wireless LAN (WLAN) has been implemented at Central Office, five zonal Offices, Divisional Offices (limited), six ZTCs and MDC. All the officers in the Cadre of ADM and above can make use of Wireless LAN using their Laptops, I Pads, and Mobile Phones. IPSec (encryption at network level) implementation: Network level encryption called IPSec has been rolled out in two zones on pilot basis. Encryption being done at network level; IPSec will facilitate security of data apart from compliance to requirements under IS Audit. Rollout of Prime Tool: Prime tool has been installed for centralized management of all network devices.

2.8.3 Network Reach- Network connectivity to all locations (3405 locations in all) of the Corporation has been provided by using following technologies. Efforts have been made to harness Wireless technology for WAN connectivity. i) Leased links ii) MPLS links iii) VPNoBB links iv) VSAT links v) WiMAX links (The links are procured on the basis of feasibility and commercials)2.8.4 Network Management- Today all applications run using the network connectivity, as such Network has become critical for all business operations of LIC. The entire network management is coordinated using the following tools- i) Network Dashboard- Network Dashboard has been developed in- house. The dashboard shows the live status of all India LIC’s Network ii) Network Devices-There are 11,825 network equipments (Routers, switches) and around 31,000 component (cards, modems owned by LIC) as well as around 5000 equipments installed by BSNL. iii) HP NNM (Network Node Manager) Tool works as automated trouble detector on 24 x 7 bases. iv) HP SM (Service Manager) – The tool performs the functions of automated call-logging, alerting, escalation and tracking of the network related calls logged on the tool. v) Fluke tool (Network traffic analyzer) – This tool analyzes the traffic flowing over the network and helps to generate various reports such as bandwidth utilization, user/IP-based traffic flow etc. Outputs of this tool are used in traffic segregation and design of policies for the network for prioritization of business-critical applications. Objectives for current Financial Year: 1) Provide better Network uptime for offices and optimum network performance for the users. 2) Provide secured network connectivity to all users (LAN) and offices of the Corporation (WAN). 3) Align network to meet the core/business application requirements. 4) Explore procurement of WAN links from alternate service providers from the point of view of BCP. 5) Create a strong and robust gateway security setup to meet the security threats.2.8.5 Strategies and directions to be adopted for current year (2016-17):1) Rollout of IP sec, the network level encryption at all tiers i.e. SOs, BOs, DOs as well as ZOs and CO in all Zones.2) Rollout and stabilization of WLAN at remaining locations.

3) Migration of 512Kbps MPLS links (SOs) under Managed Network Services to 2Mbps MPLS (Silver). 4) Up gradation of existing Cisco Unified Call Manager (CUCM) from existing 7.x version to the latest updated CUCM 10.x 5) Revamp of Network Delivery, Installation and Payment Module in tune with the new network RFP’s terms and conditions and complete automated process of payments of links and based on feedback from users. 6) RFP for alternate means of WAN (backup link) connectivity, including an option of alternate service-provider. 7) RFP for procurement of new Internet Leased Link with enhanced bandwidth and DDoS to meet the requirements of portal ,proxy and mail services 8) RFP for new firewall setup. 9) RFP for consultancy on security.2.8.6 Expectations from zones:To ensure the following through IT personnel – Monitor Network and HPSM tool on regular basis. Monitor the progress of ongoing projects (IPSec, Wireless LAN etc.) Commissioning of MPLS and VPNoBB links (If pending) Regular meetings with network vendor. Constant Liaison with BSNL/MTNL. Create a culture of Information Security Alertness among employees through training sessions. 2.9 Integrated Complaint Management System (ICMS)2.9.1 Learnings from Last Year/Current Status ICMS, developed in house with open source resources, is live since 2010-2011 in compliance with and integrated with IRDA’s Integrated Grievance Management System. The customer is kept informed through automated mails and SMS at all stages of the complaint life cycle. There exist elaborate MIS reports and dashboards for monitoring by the controlling offices, as well as respective higher offices. Some regulatory reports are also provided

through the system. Continuous improvements based on the feedback from the user offices id done. More than 65000 complaints in FY 2015-2016 were resolved through ICMS. Provision of Query/Complaint initiation through SMS using keyword “LICHELP”. The system automatically forwards these to respective customer zones who in turn call back the customer to resolve queries/complaints. More than 58000 SMSs were received in FY 2015-16. Introduction of LICHELP also saw reduction in customer complaints.2.9.2 Objectives for Current Year Minimization of sync errors with IRDA. Maintenance of near zero downtime for the system. Addition of provision for customer feedback on resolved complaint. MIS Generation tuning to make them faster. Changes to mitigate security risks as pointed in Security assessment.2.9.3 Strategies & Directions for Current Year All ICMS users should ensure that they enter meaningful full sentence remarks in the system. They should take care not to cut and paste from format-rich documents which cause insertion of special characters which become part of communication with customers and cause sync errors with IRDA. 3. Cash Deposit Machine (CDM) Project3.1 Objectives for Current Year Finalizing Draft and publishing of RFP. Implementation of the CDM Project. 4. Information Security Management System4.1 Learning’s from Last Year/Current Status 1) Active testing and assessments of LIC critical systems and data is the way to identify security holes and configuration issues, while maintaining system integrity and flexibility.

2) Safeguarding information by ensuring confidentiality, integrity, and availability of this information within an environment of increasingly sophisticated security threats requires a strong, enterprise-wide information security program. 3) Security assessments shall include the operations, processes and technologies associated with defending against interruption, interception, modification, and fabrication to the network, information systems and information operations.Objectives for Current Year 1) Initiated for ISO 27001 certification for Vile-Parle Data Center 2) Vulnerability Management of servers, desktops, databases, web and application servers, application security, and secure code review 3) Penetration Testing of 25 public IP addresses 4) Review of secure network architecture 5) Implementation of Business continuity management system for 13 CO Departments 6) Implementation of Data flow analysis 7) Review of Policies and procedures 8) Information Security review of IT department of one zonal office, IT departments of one Divisional office, one branch with one SO under 3 different Zones in the following domains: i. Physical access and Environmental controls ii. Antivirus (AV) Measures iii. Configuration management iv. software license v. Backup Procedure vi. Review of IT Infrastructure operations - Hardware, IT Asset Management, logging and monitoring vii. User id / password management and Logical access controls viii. Call logging, Support, Problem escalation, resolution and incident management ix. Network Administration4.2 Strategies & Directions for Current Year 1) To comply to various findings detected during Information Security review by the respective stakeholders 2) Emphasis on user awareness training