JINESH KUMAR K

• Designed and performed IT general controls testing for Sarbanes-Oxley 404 compliance • Developed and recorded development lifecycles for every individual transition project and projecting the improvement to onshore project Managers • Coordinating with Application owners and Developers and transitioning the compliance controls • Preparing SOPs for newly transitioned controls and ensuring the signoff in timely manner. • Perform internal system audits and risk assessments of in scope Sarbanes Oxley (SOX) applications • Identification of key risks by executing Information Technology General Controls (ITGC), performing process gap analysis. • Steering walkthroughs, risk assessment and documenting the procedures • Understanding the business processes of the application to analyze the job scheduling and job monitoring controls. • Ensure ongoing internal controls certification by designing adequate management testing procedures and working with application owners to remediate deficiencies • Determine effectiveness of internal controls in accordance with Sarbanes-Oxley (SOX) regulations and company policies and procedures. • Communicate audit results and prepare written documentation/reports as it relates to SOX disclosing all deficiencies to senior management. • Carrying out Security, Maintenance and operations Controls as part of Information security audits and integrated 404 SOX audits • Carrying out User Access Management (UAM) and Segregation of Duties (SOD) reviews • Execute Controls and report on quarterly SOX testing • Ensure the accurate and efficient input of quarterly results into SOX tool. • Work directly with Control and Process Owners to ensure understanding and knowledge of SOX process and procedures. • Testing SOX Controls in collaboration with Ernst & Young based on SOX 404 Act. • Research internal control issues and collaborate with the business on appropriate remediation • Assist with developing training materials for Control Owners and Process Owners. • Monitor Internal Audit corrective action plans and Monitor implementation of related SOX control • Coordination/communication with Internal Audit Testers for both business and application access controls. • SOX testing (planning stages) - control activity walkthroughs in process; formal documentation to be submitted to SOX PMO

• Managing of SOX in scope controls for client. Work with the operations team to identify any changes to the controls scope • Make sure the SOX controls are executed per the defined SOX calendar. • Work with the control owners in identifying the remediation plan. Review and monitor the remediation plan is implemented as per the agreed timelines. Ensure that SOX in scope processes defined by client organization are followed and implemented. • Planning & conducting information Security audit using best practice audit guidelines in compliance with ISO 27001 standards. • Performing all stages of the audit including, planning preparing the audit program, fieldwork executing, reporting and follow up. Conducted walkthrough, formulated test plans, documented gaps, tested the results and exceptions. Document and communicate the audit findings to management and stakeholders. • Conduct the security gap assessment of a custom agent portal based on NIST/ISMS framework. • Audits –Handling the audit evidence request from internal auditors, external auditor (EY/PWC/KPMG) by coordinating with different team& review evidence • Worked on end to end transition from client Information Risk Management. Managing risk for overall in-scope ITG control for Change Management, Incident Management. • Worked on periodic controls for User Access Management, database controls and application controls and managing SLA’s. • Preparation of Audit checklist for internal control testing. • Performed security compliance and control testing for the organization. Ensured organization’s subsidiaries adhere with centralized IT security policy and controls