Vaishali Suresh Giri, Associate Consultant
Mobile: +91-9022860698
Email : [email protected]
• Currently employed with KPMG India as Associate Consultant, with around 3.3 years of professional
experience in the area of core services focused on ITGC, ITAC, Risk Management, ISO 27K, and SOX controls,
specialized in Governance & Compliance and Internal Audits.
• I am managing a project that spans Access Management audits and assessments and Internal Audit
for all SOX, critical, and ISO 27001 scoped applications.
• Sound knowledge of and exposure to IT SOX compliance and Control Testing, and proficiency in ITGC (IT
General Controls) and Application Controls.
• Change management process and Incident management process.
• Have experience in performing process compliance checks and internal audits for project management.
• Ability to meet deadlines and daily cut-offs with satisfaction in the requirements.
• Flexible to learn new systems, programs and procedures.
• Address the complexities of compliance by rationalizing risk management, controls, and the underlying
enabling technology.
• Enthusiastic and have capability to learn new technology and business domains quickly.
• Good experience in client interaction with global leaders during requirement specifications and project
implementation phases.
• Excellent capability to explore, learn and understand newer business domains and technologies.
Key Skills
▪ Functional: Strategic/Tactical Planning, Business Analysis and Development, Excellent
Communication, ITGC Control Testing, SOX 404 IT Regulatory Compliance Audit, ISO 27001, Risk
Management, Internal Audit.
▪ Technical: MS Office tools, RSA Archer, SQL, SAMS IAM Tool, Oracle PL/SQL.
Work experience
Current organization: KPMG India.
Current designation: Associate Consultant
Started: Jan 2024 to date.
Previous organization: Prodapt Solution PVT LTD
Previous designation: Software Engineer
Started: Oct 2021 to Jan 2024
Project Experience
Project: “Cyber Technology and Risk” and “IT Governance and Access Management”
Environment: Support Central, ServiceNow, SAMS IAM, RSA Archer
Role/Title: Security Consultant
Responsibilities:
• Performed IT General Controls (ITGC) review of applications (Cloud and On-Prem) for a US-based
client across all the domains.
• Reviewed change management testing for normal and emergency changes, incident monitoring,
auditing of the software development lifecycle, and business continuity management.
• Conducted internal audits and SOX testing, including compliance with policies and procedures and
assessing the design and operating effectiveness of the internal control structure.
• Ensured appropriate treatment of risk, compliance, and assurance from internal and external
perspectives.
• Working with asset owners to collect evidence documents for IT SOD reviews, Monthly
Termination reviews, Termination accounts, Unidentified accounts, HPA OS Defects, Privileged User
reviews, Baseline reviews, Preliminary Scope, Campaign report and Extraordinary Campaign Report.
• Working with Compliance Leaders to create a query and pull the report from ServiceNow (CMDB)
for the list of applications (critical and non-critical) in scope to include in the System Inventory.
• Quarterly Application Inventory Validation, send templates to Compliance Leaders in order to update
the data of their applications in CMDB.
• Training and follow up with Compliance Leaders and Application Owners.
• Ensuring compliance with Monthly and Quarterly SAT review requirements.
• Coordinating with the application IT owners and application support team and performing the audit
covering the IT Control (Ensure System Security) over the SOX and financial applications.
• System Access Testing Audit (SAT), reviewing and validating the Critical Application for a specified
frequency as set by the client (Monthly/Quarterly/Annually). Documenting the Test Document, TOD
(Test of Design) and TOEs (Test of Evidences) for reviewed applications.
• Maintaining trackers and reports that support the audit review.
• Creating and updating client-specific support manuals and user manuals on client-specific actions in domain
specific areas of SOX Compliance.
• Verifying that all defects identified via review are remediated in a timely manner with proper approvals.
• Performing periodic security and privacy control evaluations across the functions to ensure effective
implementation of controls/security measures against the applicable frameworks.
• Assessing that all vendors are aligned with the current GDPR 2018 Act Regulations.
• Identifying the gaps and providing recommendations to comply with current GDPR.
Highlights
✓ Acted as SPOC in knowledge management & initiated team members to publish useful and project
related documents in the portal.
✓ Recognized for efficiently handling the IAM (Identity Access Management) program independently and
playing a lead role for new resources.
✓ Received appreciation directly from clients and internal management through mails and status calls for
timely support and resolving various issues, as well as achieving 100% accuracy.
✓ Acquired “IEVOLVE KAIZEN” Certificate for completing innovation – ‘IT SOD-Documentation’.
✓ Actively participated in activities conducted by GE BU Employee forum and acted as a team leader for
conducting many activities like Project AKSHARA (distributing books to schools in all areas of
Chennai).
Higher Education
B. Tech (ELECTRONICS & TELECOMMU) Mahapatra Institute of Technical Academy of engineering,
PUNE, 2020-
7.23 CGPA
DECLARATION:
I, Vaishali, hereby declare that all the above information furnished by me is true to the best of my knowledge
and belief.
Vaishali Giri