Senior Consultant - Business Consulting Risk
Ernst and Young LLP
Total years of experience :3 years, 7 Months
• Led the Technology Risk team performing ISAE 3000 and SSAE 18 audits for a major client in the Information Technology industry as a Project Manager.
• Managed the overall project and ensured timely delivery of the reports.
• Performed System and Organization Controls (SOC) audits and Readiness Assessments for clients across multiple geographies and industries such as Information Technology, Financial Services, Loyalty Management, Debt Management, Printing, Artificial Intelligence, RPA etc.
1. SOC 1/ ISAE 3402 for key business processes that impact the financial statements.
2. SOC 2 / ISAE 3000 for assessing the impact on Security, Confidentiality, Availability, Processing Integrity, and Privacy.
3. SOC 2+ for key business processes covering GDPR and CSA.
• Performed reviews of information systems design and implementation, identified gaps and helped frame controls to mitigate the risks.
• Tested the Information Technology General Controls (ITGC/ GITC) over applications, network and infrastructure.
• Led and mentored team members to enhance professional development and also ensured delivery of objectives outlined in the Project Charter with various clients.
• Tested ITGC and Application controls for SOX and other Statutory Audits for clients across various industries like Healthcare, Banks, MSMEs, Chemical Manufacturers, etc.
• Performed SOC 1, SOC 2, and SEBI Audits for clients in the Mutual Fund Transfer industry.
• Assisted the team in performing VAPT, Cyber Security Audit and ITAC Audit for clients across various industries like Information Technology, Financial Intermediation, Healthcare, Banks, MSMEs, Chemical Manufacturers, etc.
• Handled key clients and assisted the team in ensuring quality and timely deliverables.
1. Dissertation on Application of ISO 27001 in AI Based Systems • Explored various Risk Management Techniques, Risk Management Frameworks, Existing and Draft Statutes, and Standards specific to Artificial Intelligence for the purpose of regulating the AI-based systems. • Also, mapped the control domains of ISO 27001: 2013 to AI-based systems and discussed on the possible setting of accountability 2. Published a paper on 'Vocaloid and Intellectual Property Rights (IPR) Issues in Indian Law Review in Nov 2021 3. Placement Coordinator for the MCLIS 2018 - 2020 Batch.
1. Published a paper on 'Audio Transmission Using Li-Fi' in International Journal of Advanced Research, Ideas and Innovations in Technology in May 2018 2. Associate Coordinator of the Parivendhar Tamil Student Community for the Faculty of Engineering and Technology, SRM University, Ramapuram Campus