Sajith M
About Candidate
Goal-oriented IT professional with significant success in planning, analyzing and implementing security plans and initiatives. Highly motivated employee with desire to take on new challenges. Strong work ethic, adaptability and exceptional interpersonal skills. Adept at working effectively unsupervised and quickly mastering new skills.
Education
Work & Experience
• Implementor & Auditor for ISO 9001, ISO 27001 & ISO 27701.
• Planning and conducting internal audits.
• Acted as a representative for external audits.
• Provide reports and continual improvement plans, including root cause, intended correction and corrective actions.
• Follow up with respective teams to close the audit findings.
• Good documentation skills (SOPs, frameworks, policies, procedures, processes, etc.).
• Conduct periodic awareness sessions for new joiners & existing employees.
• Plan & facilitate the business continuity plan (BCP) & work towards it.
• Risk assessment: identify & mitigate the risks (provide solutions to address those risks to the management & client according to the standard).
• Data Privacy Impact Assessments.
• Ability to draft KPIs according to each function/process & verify whether we could achieve our goals.
• Conduct MRM meetings at frequent intervals with the management to discuss the process gaps, risk areas & audit results.
• Evaluate & prepare Incident Management Reports.
• Maintained compliance frameworks, policies, and documentation to support audits.
• Maintained and revised policy procedures for general operation of compliance program.
• Organized training programs to educate company staff on benefits and consequences of complying or defying regulations.
• Stayed abreast of applicable laws and state or federal regulations to report violations.
• Developed systems to track and monitor compliance with regulatory requirements and internal policies.
• Established internal controls and processes to support compliance through project management and engagement of key stakeholders.
• Carried out assessments to identify privacy-related risk.
• Carried out initial and periodic privacy impact assessments.
• Identified vendor to support privacy implementation in the organization.
• Conducted vendor/subcontractor compliance assessments for vendors associated with the organization.
• Reviewing RFP on compliance requirements.
• Maintained detailed database of compliance data, activities and actions taken.
• Performed post-contract compliance assessments and produced reports outlining assessments completed and follow-up recommendations.