Ishita Kundu

• Consultant responsible to set plan for complete review of Information Security Regulation control implementation for major clients for ISO 27001:2013 / PCI DSS / GDPR

• Consultant required reviewing & assessing all departments’ adaptation of applicable Information Security Regulation on it, and ensuring completeness of the implementation
• Consultant to identify any GAP within each department and ensure compliance

• Consultant required to ensure enhance the effectiveness within each department after the risk assessment

• Consultant to submit complete audit report per the assessment / audit on wasl and Dubai Golf implementation status with recommendation to mitigate any GAP
• Consultant responsible to ensure client readiness for the official Government audit DESC.

• Assist the department in implementing the regulatory controls

• Evaluation of the security tools and provide report to the management

• Development of the awareness plan and providing awareness across the organization

• Provide SME support in Incident Management, Change Management and other security related events and exceptions

Information Security, Risk & Compliance

• Working for the implementation of the ISO 27001:2013 / PCI DSS / GDPR for major clients

• Performing internal Audits for major clients before the third party risk assessment

• Information and Security Awareness programme for external clients

• Vulnerability assessment which involve scanning of the network, detecting its risks or vulnerabilities and thereby mitigating the same through various systematic procedures.

• SOC assessment for major banks

• Secure configuration management support for major clients

Information Security, Risk & Compliance
● Ensuring the ISO 27001 controls / clauses are correctly implemented and
complied with by conducting a thorough internal audit every year prior to
external Re-Certification and CAV audits
● SSAE16 (focusing specifically on Management of SLA, Change Request, Data &
Security) clauses are correctly implemented and complied with by conducting a
thorough internal audit every year prior to external Re-Certification
● Assisting leads in information security policies, procedures review - updated &
approved at least annually
● Performing asset valuation for all information, software and hardware assets
● Conducting asset based risk assessments and risk treatment plans and
implementation of ISMS across functions
● Mapping information security controls and compliance requirements for client
projects & reviewing and gathering information security requirements from client
contract agreements, Statement of Work, Master Service Agreements
● Conducting Contract Compliance internal assessments on delivery projects to :
o Measure current project compliance to contractual requirements as per
CC tracker
o Determine whether controls over contract compliance provide with
reasonable assurance to the management
o Provide input in to the effectiveness of the Project Contract Compliance
Management
PMO
● Maintains information security Database
● Reporting of project health on weekly and monthly basis to quality assurance
team
Business Continuity Management
1. Coordinating the BCP integrated facility level simulation exercises
2. Providing SME support to projects for BCP implementation
Event Management
1. Planning and organizing logistics for external audits
2. Executing and planning meetings and conferences with senior management
3. Coordinating with the Leadership Team/ HR Team & various delivery units for
planning and execution of external audit
4. Performing responsibilities like maintaining Accenture policies and procedures
during client visits and external audit
5. Managing all external audits for Kolkata delivery center of Accenture single
handedly.