Shadab Pattekari
About Candidate
Analytical and experienced IT Auditor with over 4.10 years of experience in internal controls, IT risk governance, IT risk management, IT general and application control testing. Work performed has included internal control testing, walk-through, audit readiness follow-up and test of controls and external audit for public and private companies.
Education
Work & Experience
• Performed IT general controls testing related to logical access
• Performing review and testing IT controls such as Logical Access, incident management, change management, segregation of duties.
• Performed internal audit for Access reviews for highly privileged user accounts (HPA) and Non-highly privileged user accounts (non-HPA) for applications.
• Reviewing the systems for IT general controls, risk and compliance with policies and regulations.
• Maintain transparent communication channels with all relevant stakeholders and promptly respond to requests from stakeholders in relation to risk management actions, tasks, and quality of outputs.
• Coordinated with external auditors and documented process reviews.
• Review the progress and any findings and work with different teams to manage remediation of control gaps from the assessments and audits.
• Advises Senior Management on risk issues that are related to information security and recommends actions in support of the organization's wider Risk Management Program.
• Monitors information security trends and evolving technologies as well as keeps Senior Management informed about related information security issues and implications for the organization.
• Establish and maintain an information security strategy in alignment with organizational goals and objectives to guide the establishment and ongoing management of the information security program
• Escalate any issues in a timely manner to your Team Lead or Subject Matter expert.
• Evaluated the effectiveness of information security policies, procedures, and controls
• Interviewed business owners to understand needs and explain audit scope.
• Followed established auditing processes to meet internal and regulatory requirements.
• Performing review and testing IT controls such as Logical Access, incident management, change management, segregation of duties.
• Assist in developing scope, performing testing and developing findings under the direction of Internal Audit management
• Develop detailed work papers to provide sufficient evidence of work completed in the execution of the audit program including testing and analyzing results.
• Followed established auditing processes to meet internal and regulatory requirements.
• Successfully implemented ISO 27001 information security management system (ISMS) for the client
• Maintain transparent communication channels with all relevant stakeholders and promptly respond to requests from stakeholders in relation to risk management actions, tasks, and quality of outputs.
• Assist in influencing stakeholders and related affiliates to implement necessary process modifications to meet regulatory needs.
• Coordinated with external auditors and documented process reviews.
• Performing review and testing ITGC controls such as Logical Access, incident management, change management, segregation of duties.
• Develop detailed work papers to provide sufficient evidence of work completed in the execution of the audit program including testing and analyzing results.
• Execute risk assessments on processes or specific issues and define risks with proposed mitigation actions.
• Reviewing BCP/DR policies and procedures.
• Publish and present timely and quality audit reports.
• Assisted with or prepared the vendor review checklist covering the entire lifecycle of the vendors, from planning to termination.
• Identification of gaps/observations, risks, opportunities and improvement of policies, processes, procedures, and standards.
• Performing Cyber Security and System audits mandated by SEBI and RBI.
• Direct and educate junior team members on implementation and auditing techniques.
• Assist in assessing risks associated with current processes and systems and work with management to identify/implement controls to address identified risks.
• Perform assessment and controls testing to evaluate the design and operation of global IT and security controls like ITGCs / IT Application Controls to determine the effectiveness of controls, identify gaps and implement the plan of action to remediate gaps.