IS Auditor
IndusInd Bank Ltd
Total years of experience :14 years, 0 months
Review of Application Controls for critical applications of the bank.
Review of various Processes within the bank.
Discussing gaps with the respective stake holders and in turn reporting to Audit Committee Board of the bank.
Conducting ITGC Audits for various clients which includes review of following Processes -
Compliance to Information Security policy
Backup Procedures
Change and Incident Management
Physical and Logical Access Controls
Data Centre Security
Patch Management Process
Disaster Recovery Planning
Email Security
Facility Management System
Application Controls
Got the client ISO 27001:2005 recertified.
ISO 27001:2005: Perform periodic reviews and re-assessments of policies and procedures.
Performed the Desktop Audit to keep them compliant with ISO 27001:2005.
Performed Asset identification and risk analysis for individual assets.
Follow up on incidents and maintenance of Incident Database.
Implementation of Corrective and Preventive actions.
Several Awareness training for users on ISO 27001 and Information Security.
Security policy compliance audit.
SOP adherence audit.
Follow up of incidence and maintenance of Incidence Database.
Implementation of corrective and preventive actions.
Delivery of Information Security awareness trainings.
Procedures and forms review.
Monthly user access review.
Handling and follow up action on Security risks treatment.
Handholding during ISO 27001, ITGC, Third Party, internal and external audits
ACADEMIA • 2005 - 2009 -Bachelor of Engineering in Information Technology. Graduated with First Class. St. Francis Institute of Technology, Mumbai.
* 2003-2005 - Higher Secondary Certification (H.S.C) Mithibai College of Science, Mumbai.
* 2003 - Secondary School Certification Children's Academy, Mumbai. COMPETENCIES OVERVIEW