Associate Consultant – Lead Quality Auditor
TATA Consultancy Services
Total years of experience :13 years, 7 Months
Designation: Associate Consultant - Lead Quality Auditor Tenure: October 2022 - Present Client: French Pharma Company
• Lead Auditor for Life Sciences Industry where performing quality audits based on regulatory requirements of pharma industry for computerized systems.
• Executing third party quality audits for client basis GxP requirement such as quality management system (QMS) to review the areas of Org. chart, quality process, training management, documentation management, internal audits, corrective action and preventive action (CAPA) and supplier management.
• Review third part service providers' software development life cycle (SDLC) process where deep dive into the planning, user & functional requirement, development practices, testing including validation and verification of USR/FRS, bug management, and release management.
• Review customer support processes such as Incident and Problem management, Change Management, Backup/restoration and BCP-DR process for cloud as well on-prem solutions.
• Review information security aspects such as security controls, data privacy, access management, physical and logical controls, data center controls.
Client: French Oil & Gas Company
● Executing advisory, consulting engagements around regulatory risk & compliances such as SOX ITGC, ITAC, Data Privacy etc.
● Execute information security assessment, business continuity assessment, risk assessments pertaining to clients IT environment.
● Single point of contact to support the engagement level corporate and client audits.
● Document policies and procedures, meeting the regulatory compliance and risk management requirements.
● Monitoring of IT infrastructure alerts pertaining to daily and weekly health check reports and publishing the daily, weekly and monthly dashboard to client and HCL management.
● Performing risk assessment and maintaining the risk register in Archer tool.
Client: Telecom Company
● Act as single point of contact for initiating and reporting the pre-audit compliance to the management.
● Act as the point of contact for all the IT Audit, ensure timely data availability for all audits, facilitates alignment and availability of all auditees required for audit.
● Lead and facilitate the Management responses to the Observations/control deficiencies identified and track the closure.
● End to end tracking of all IT observations for timely closure and submission of closure evidences.
Client: Leading US Bank
● Executed Information technology application controls (ITAC) assignments, includes effectiveness testing for interfaces (for completeness and accuracy), validation, configuration, authorization and edit checks.
● Executed IT general controls (ITGC) testing in the areas of Program change management, SOD (Segregation of Duties), User access management (logical and physical access), Computer operations and Policy review.
● Performing SOX testing, maintain SOX test plans and revise it for effective control testing as per COBIT framework.
● Responsible to lead walkthrough meetings with COSO onshore team to test the effectiveness of ITAC controls.
● Responsible for the coordination of IT control assurance reviews, interacts with external auditors and internal delivery personnel to ensure timely and accurate delivery of audit evidence/control testing.
Client: State Government
● Third party auditor for state govt. projects related to state level IT initiatives.
● Executed review for Data center and e-Procurement portal for state government along with SLA audit on a monthly basis.
● IT Infrastructure reviews, review of the operational and security controls implemented for Access Management, Backup & Restoration, Physical and Environmental Security procedures, Inventory and Asset Management review.
● Security and compliance audit which includes policy and procedure effectiveness testing and reviewing processes as per defined in ITIL and ISO 27001.
● Responsible for drafting and reviewing the audit reports for monthly and quarterly audits afterwards release the draft and final audit reports to client.
● Responsible for end-to-end Audit delivery and payment.
● Responsible for the coordination of creating pre-bid queries against the RFP released for any new projects.
Designation: Consultant Tenure: August 2016 - April 2017 Client: Retail Client, Nordic Region
• Executed IT general controls (ITGC) testing in the areas of Program change management, SOD (Segregation of Duties), User access management (logical and physical access), Computer operations and Policy review.
• Experience with IT Controls testing/auditing for Service Organization Controls Reporting (SOC2 -
Type 1 and 2 reports).
• Performing SOX testing, maintain SOX test plans and revise it for effective control testing as per COBIT framework.
• Review audit evidence when received to verify accuracy and completeness and provide a status report to audit lead, IT controls lead, and external auditor field lead with status of evidences obtained.
Designation: Software Engineer (roles: Site Incharge, IT Auditor & SQL Developer) Tenure: October 2010 - August 2016 Client: Domestic Manufacturing Companies
• Managed IT operations and compliance for the client.
• Closely worked with one of the client's CFO to assess the IT risk and prepare for the security and compliance audit.
Vijay Pandey IT Audit GRC CISA
• Supporting internal audit and quality team for the adherence of Change Management, Incident Management and SLA monitoring for the client.
• Performed Audit on Helpdesk tickets mainly for Incidents and Service Requests (SR).
• 02+ Years of relevant experience as Oracle Apps Technical Consultant, hands-on experience on PLSQL and SQL.