Manish
About Candidate
Overall, I have 5.2+ years of experience in IT Industry and 4+ as an Internal Auditor.
Experience in leading teams to execute IT/audit/Risk Management within stipulated timeline
along with high quality deliverables.
IT general controls concepts in the areas of change management, computer operations and access to
programs.
Conduct test of design and test of control operation over ITGC / company level controls and effectively
document the results ensuring that conclusions, findings and recommendations are adequately supported.
I have worked on controls like User Provisioning, User deprovisioning, Password Parameters, High
Privileged Access (HPA) and User Access Review (UAR), Job Monitoring, Backup and Recovery
Build and maintain client relationships by understanding and being responsive to
client needs and ensuring high quality of deliverables.
Participated on IT compliance projects and ensures team members are provided with timely and accurate
project information and status updates.
Interfaces with the business and IT teams where required to apply IT controls and improvements to the
existing IT controls.
I am also part of walkthrough calls and perform interim and roll forward testing for the projects
I have knowledge on Risk Assessment and SOC Report as well
Coordinating and responding to Internal and External audit requests.
Testing operating effectiveness, as part of IT Audits, by taking samples from Production
Systems to ensure continued compliance with section 404 of the Sarbanes-Oxley Act of 2002
- Communicating the observations or gaps identified during the controls Review/IT
Audit to the senior auditors and managers.
Preparing Remediation plan and management responses for observations identified and share the
Risk Control Matrix with team leaders.
In Incident Management mainly inspect whether the tickets were solved as per the SLA’S (Service
Level Agreement) or not
If I identify any deficiencies, I will mark it as observation and exception and also perform exception
handling for those failed samples, if required will do substantial testing for the control
Collaborates with other stakeholders to develop and implement consensual decisions. As necessary,
partners with business continuity partners to create ways to improve efficiency
submit the final testing document before client deliverables.
Education
Work & Experience
Perform control testing to support the IT Audit plan, and the SOX 404 internal control assessment. Conduct test of design and test of control operation over ITGC / company level controls and effectively document the results ensuring that conclusions, findings and recommendations are adequately supported. Carry out wide range of assignments primarily related to conducting IT audits of affiliates and production sites. Information processing facilities audit to evaluate an organization's ability to produce applications even in disruptive conditions. Perform Risk Assessment, identification, and Evaluation of Controls, prepare and document the same in Risk Control Matrix. I am also part of walkthrough calls and perform interim and roll forward testing for the projects Documenting test results and any issues identified while also providing recommendations to management. For testing the control, I will listen to walkthrough calls, gather evidences, validate Completeness and Accuracy (C&A), Then pick samples based on frequency and risk also as per sampling guidelines and methodologies as well I worked on control testing for audits such as SOX, SOC 2, or similar audits; Broad audit across various areas of IT, including IT security, IT infrastructure, access management, IT application controls and IT general controls; Ability to meet deadlines and daily cut-offs with satisfaction in the requirements. As an internal auditor I provide reasonable assurance that the organization is in compliance by following rules, regulations, policies and procedures Consulting business and technical partners to improve business effectively protecting information and other projects and duties focused on efficient operations and effective risk management Planning and conducting ITGC audits to ensure compliance with regulatory requirements and internal policies. Collaborating with IT and business teams to identify control weaknesses and recommend improvements. Leading or participating in risk assessments and control gap analyses. Conduct risk assessments on operational IT processes, procedures, and policies. Reviewing and analyzing IT policies, procedures, and documentation for accuracy and completeness. Evaluating the effectiveness of IT systems and processes, identifying vulnerabilities and proposing mitigation strategies. Keeping up-to-date with industry trends and best practices in ITGC. Communicating audit findings and recommendations to management and stakeholders. Mentoring and training junior auditors, sharing insights, and providing guidance.
