Ranjeet Singh

: Worked on Privilege access Mgmt, BIA, Risk, Compliance, Information Security, Vulnerability Mgmt, Various Security Projects controls based on ISO 27001, Compliance Audit, Change Mgmt, Problem Mgmt, Incident Mgmt, Zero-day attack implementation, Control Testing on BYOD, Control Implementation & Testing on DLP.

PCI-DSS 2 cycle 3.1 & 3.2V), Testing of ITGC Controls, Drafting Audit work paper with Big4, Worked on Change control, Problem & Incident Mgmt, Access Mgmt review, Infrastructure security review, Corn Job review, Unix/Mainframe access review, worked on SASSE 16, SOC 1/2/3 compliance for capgemini and with client vendors, worked on SAP certification for Capgemini (specific requirement from SAP could module to cloud Service broker) coordination with apps team and external Auditors

Part of Internal Audit team, third line of defense, Risk based Audit approach for all the assigned Audit missions, design testing steps based on initial diagnostic meetings to check control effectiveness, mapping control based on Cobit 5 framework and Basel II, performing risk scoring for various entities located in various geographic location, planning of next year audit, issued statement of findings after investigation/testing phase, reviewed Audit work paper part of QA, follow up on findings and tracking of remediation as per issued recommendation, review of Audit work performed by other auditors (QA).

Part of Internal Audit team, (3rd line of defense), Risk based Audit approach for all the assigned Audit Work, Preparing Terms Of Reference, Worked with IT Auditors (business Auditors in integrated Audit) and Data Analytics team guide them and assist with initial discussion/walk through of Business associated Applications and Infrastructures, understand the process and underline key risk area, prepare Control Test Matrix (CTM) to assess design of control operating effectiveness, mapping control based on Cobit 5/Base III framework and applying Industry best practices, review Audit workpaper and discuss finding observations with stakeholders. Prepare Audit report and discuss final report rating based upon materiality of observation/findings and an agreement. Follow up on findings and tracking of remediation action and re-performing of test before closure