IT Auditor
PricewaterhouseCoopers
Total years of experience :14 years, 0 Months
Largest Express Delivery, Courier & Shipping Services Company, India - Third Party Information Security Review
Project Scope:
•Identification of key business processes and supporting IT applications of the infrastructure
•Domains included in scope of work are: Physical & Environmental Security, Risk Assessment & Mitigation, Regulatory Compliance, Human Resources Security, Code of Conduct, Protection and Privacy of Information, Access Controls, Change Management, Incident Management, Asset Management, Network Configuration & Management, Systems Monitoring and Logging, Business Continuity, Media Handling, Security in Software Development.
•Identification of applicable domains according to the business operations
•Identification of compliance level through interviews, validating sample data and visual inspection
•Performed third party review in different vendor locations which include Mumbai, Bangalore, Hyderabad, Chennai and Kolkata
Largest Conglomerate in India, Gurgaon - Formulation of IT & IS policy and processes
Project Scope:
•Formulation of corporate IT & IS policy which can be applicable to all the group companies
•Policy document to include individual policies for different applicable areas which includes Asset Management Policy, Human Resources Security Policy, Physical & Environmental Security Policy, Operations Management, Access Control Policy, IT Service Continuity Policy, Information Systems Acquisition, Development & Maintenance Policy and Email Security Policy
•Formulation of IT Organization Structure which will be applicable for all group companies
•Formulation of different IT processes
Largest Bank in Switzerland, Hyderabad (Secondment) - ODC Governance Management
Project Scope:
•ODC Governance of different ODC’s across the globe
•Preparing quarterly dashboard health check report for multiple outsourced vendors of the client
•Coordinating with multiple stakeholders across the globe to ensure report is generated on time
•Constantly identifying ways to improve the existing process
•Ensuring all the vendors are compliant with client’s Information Security guidelines
Telecom Giant, KUWAIT - Network Operations & Maintenance Audit
Project Scope:
•Review of policies & procedures for network operations
•Review of network operations reporting, SLA monitoring, KPI monitoring
•Review of network alarm management process including visit to NOC center, reconciliation of alarms with outage & incident reports
•Review of network preventive & corrective maintenance which included review of maintenance schedule, identifying gaps in process effectiveness
•Review of network monitoring & security to identify gaps in physical security of cell sites
•Review of inventory of spares for network to ensure adequate inventory is available in warehouse at all times & to check for compliance of contract with the warehouse inventory
•Review of accounting of network maintenance expenses to ensure all payments made to different vendors are in accordance with the work done & penalties are charged for SLA deviations.
Food & Beverages Leader, Gurgaon- IT Risk Assessment
Project Scope:
•Review of internal IT general controls by conducting process walkthroughs and gathering evidences for the execution of test scripts
•Modification of process workflow in MS Visio to meet the global guidelines of the company
•Creation/modification of test scripts to align them with global company guidelines
•Risk assessment of complete IT landscape of the company with respect to their applications & various processes which includes incident management, change management, problem management, disaster recovery, backup & recovery, system security and many more
Application development and support
Application development and support