IT Auditor
Accenture - India
Total years of experience :15 years, 8 Months
1. Currently managing a team size of 22 FTEs to deliver IT Audit service for a large US based banking client. 2. Handled IT Audit service for a large US based Insurance client. 3. The IT Audit scope covered IT Application controls, ITGC controls, IT Automated controls (ITAC), Cyber security controls, IT Operations controls, Business continuity and Disaster Recovery, Cloud Security, DevSecOps and Third party risk related controls 4. Performing audit activities which involves coordinating with business auditors, understand the business process & IT process flow through walk throughs, creating the process and data flow diagram, defining the audit scope, preparing IT audit plan, conducting IT risk assessment, identify the IT controls, defining the test steps, conduct test of design (TOD) and test of operating effectiveness (TOE), prepare the audit report and verify closure of the findings. 5. Provide control consulting services to the client in identifying opportunities for process automation and redesigning the controls that will enhance the efficiencies and effectiveness of the controls environment. 6. Acting as a key contact point for the client and appraised the audit progress and issues to the management 7. Performing other activities including conducting and also facilitating the knowledge sharing sessions within the team and conducting interviews for junior resources
1. Conducted internal IT Audits for all the sections within the IT dept. covering Application Development and Maintenance, Change
management, IT security unit, IT service continuity unit, Network operations unit, user support services and IT operations unit
which includes Data Center operations, System Administration, Database Administration, Password management and Virtualized
environments 2. Performed continuous monitoring audits for various key strategic devops projects like Core Banking, Automated Cheque clearance, E-Gov payment system, CBK Website, GCC RTGS, etc., 3. Managed the project to implement Kuwait National IT Governance framework (Regulatory Framework defined by Kuwait central
agency for IT based on CoBit, Nist, ISO 27001, PCI-DSS and CIS Controls) by conducting process maturity Gap assessment against
the framework, developed IT process documentation to address the identified gaps, performed periodic internal audits and
monitored the compliance. 4. Coordinated and participated in the annual Risk Assessments performed by the vendor and enhanced the IT controls framework. 5. Performed third party risk assessment for all the IT vendors of the bank
6. Managed ISO 9001 and ISO 27001 certification project for the IT department
1. Managed a work stream of large process transformation project for a leading banking client in middle east by defining ISMS
Strategy, ISMS processes for their IT Sector inline with ISO 27001 requirements. 2. Developed and managed QA and ISMS processes for a large program in UK for a Banking sector client which involves infrastructure
setup, application enhancements & development and Data migration. 3. Performed Quality manager role in a large program for UK Government sector client. 4. Managed 3 service transition projects. 5. Performed QA audits for 2 large telecom clients