Uttara Kumar Raju Chodraju

Performed system evaluation and audit of IT processes as a part of SOX 404, SSAE 18 in accordance with PCAOB/AICPA guidance. • Reviewed testing strategies and methodologies; evaluated the adequacy and effectiveness of policies, procedures, processes, initiatives, products, and internal controls. • Create documentation for both Test of Design (ToD) and Test of Operating Effectiveness (ToE). • Single Point of contact for External Auditor w.r.t ISO 27001, SOC2 , SOX404, CSA Star Attestation's. • SOX ITGC Risk Assessment for various engagements ensuring that the SOX controls are designed and implemented in place and carrying out Applications and SOX Controls testing for operations and effectiveness. • Experienced in Walk-through activities (Audit request lists, SmartSheet template preparation), Reporting (Weekly and Monthly status updates, Escalations and Activity trackers). • Scheduled kick-off calls with vendor’s contact or security team for assessment process walk through and validation of vendor’s technical controls. • Conduct third party security risk assessments for all new vendor relationships and annually for existing vendor relationships. • Preparation of vendor assessment reports which will include an analysis of the business profiling questionnaire and due diligence questionnaire of the vendor, review supporting documentation, performing a research on the operations and other relevant information about the vendor/supplier. • Managing Third party Security Team and Tier vendors based on Data classification, Data Elements and Risk Rating. • Ensure third party relationship adhere to company's policies and compliant with regulatory guidelines and industry best practices. Interface with Business units, vendors to discuss findings and remediation process as part of findings Management.