Karishma Agrawal

Responsible for identifying, evaluating vulnerabilities & IT risks in the existing heterogeneous environment ❖ IT Service continuity management of the IT Infrastructure. Consulting user access management and security governance ❖ Managed and configured firewall, intrusion detection system within the company as a prevention and detection measure ❖ Effectively developed user privacy and maintained security policies for firewall (Cisco, Fortinet, SonicWall) ❖ Managed effective authentication and access control system by use of UTM features & application control for clients which helped the organization to achieve the adequate security of their assets and resources ❖ Successfully implemented & monitored the IPsec & SSL-VPN client portals and compliance with the security rules and best practices

Independently conducted various complex engagements on IT general controls and Business automated controls process reviews for financially critical applications and information systems (ERP: SAP, Oracle, Navision, Orion, JD Edwards, PeopleSoft) ❖ Review of IT landscape and end to end business process controls related to Purchase and Sales operations, Inventory management, HR, supply chain, payroll, data analytics and interpretation relating to various reports ❖ Reviews for controls pertaining to logical access, data backup & restoration, incident & problem management, operating system, database, network & operations, disaster recovery, BCP, physical access security and environmental security controls ❖ Performing IT Risk Consulting & Auditing, reporting the gaps and recommendations to the stakeholders as part of Statutory IT Audits (FAIT), Sarbanes Oxley (SOX) 404, and Internal Financial Control (IFC) audits for multiple clients across industries ❖ Identifying and executing managed service engagement for large global clients to provide their technology function with a ‘First Line of Defense’ control testing capability for Sarbanes Oxley controls. ITGC SOX engagement which included review of IT process controls for a leading Electrical & Tire manufacturing company with operations in India, Japan, Europe, USA, Israel. Responsible for designing, evaluating adequacy and effectiveness of controls, testing internal controls and suggesting recommendations to remediate deficient controls ❖ Information security review and pre-certification audit based on standards for leading infrastructure & large pharmaceutical company ❖ Due diligence and risk assessment to identify gaps in the existing technology landscape as well as applications ❖ Analyzed system design, current operating practices and assessed compliance with financial reporting using a ‘risk-based’ approach ❖ As part of lead role, demonstrated in supervising of audit activities, engagement planning, resource management, billing, proposal preparation, designing detailed scope of work and solution documents, researching for client pursuits, identifying opportunities in business development activities for multiple potential clients, preparing effort estimates, conducted trainings and mentoring team members.