Senior - IT Risk Consultant
Ernst & Young Dubai
Total years of experience: 10 years, 10 months
Assisting the onshore partner for SOX ICFR - project (IT and Business)
Post Implementation Review (PIR)
AWS Audit, Cloud risk assessment
GAP Assessment
GDPR Implementation
Building the Risk & Control Matrix for CSA Star Audit
NIST Assessment
PAAS gap assessment
SOC 1 and SOC 2 (Type I and Type II) Assessment and Audits, SSAE18
HIPAA Audit and Compliance.
PCI Audit and Compliance
Performing the Fraud Corrupt Practices Act audit (FCPA).
Part of Internal Audit and Advisory Service (IAAS) Team.
Performing Internal Audit ICFR - SOX, SOC - SSAE 16 and MAR.
Ensuring organization is compliant to ISO 27001:2013
Conducting tests of design, implementation and operating effectiveness of controls
Leading walkthroughs with other stakeholders for conducting ToD (Type I) & ToE (Type II).
Implemented the India Companies Act 2015 project.
Building the Risk & Control Matrix and Framework for UHG entities
Manage Regulatory and Compliance to reduce risk and manage audit findings
Initiate remediation actions to resolve deficiencies pointed out as part of audit fieldwork.
Validate the Action Plan for the audit findings
Working on eGRC tool for Audit and Compliance Management.
Delivering the SOX, SOC and MAR deliverables
Gap Analysis within the process and remediation.
Working with American Express Technologies, Risk Management, Compliance and SOX Audit teams that
Leads the periodic SOX Audit Checks/Reviews, IT Control Tests and periodic User Entitlement/Access reviews.
Responsible for ensuring that Company’s information assets are adequately protected against unauthorized access. Provide feedback to Business Units on incomplete or inappropriate segregation of duties as per Information Protection guidelines.
Periodic cleanups based on the weekly/monthly or quarterly reports received from Information Integrity.
Ensure adherence to Sarbanes Oxley (SOX) guidelines in order to mitigate risks of any SOX Failure(s) related to Quarterly SOX Testing and LAAP - Leader Access Approval Process guidelines.
UAC - User Access Certification
UTC - User Termination Certification
Ensure User Access Certification is completed periodically for the administered applications in accordance with American Express standards.
Assist interim projects related to application clean up on the administered applications in alignment with the SOX, financial policies and organizational IT security standards.
Ensure PRSA audit is successfully completed by collecting and providing necessary evidence as a part of Audit support for the administered applications in accordance with American Express audit guidelines.
M.Sc IT (Regular)
B.Sc IT (Regular)