
Aayush Kumar

Cyber Security & Data Privacy Consultant
New Delhi

Summary

Comprehensive experience in implementing and delivering privacy, business continuity and cyber security consulting related to the ISO 27001:2013, ISO 27701 and ISO 22301:2019 standards.

Overview

5 years of professional experience
6 years of post-secondary education
4 Certifications

Work History

Consultant

KPMG
Gurugram
06.2021 - Current

Information Security Consultant

Capgemini
Noida
11.2019 - 05.2021

IT Security Consultant

Metlife GOSC
Noida
07.2018 - 11.2019

Education

B.Tech

Galgotias College of Engineering And Technology
Greater Noida
06.2014 - 06.2018

12th Grade

St. Lawrence Convent
New Delhi
06.2011 - 06.2012

10th Grade

St. Lawrence Convent
New Delhi
06.2009 - 06.2010

Skills

    Data Privacy


Certification

CIPP/E

Skills

Data Privacy

  • Conducted end-to-end privacy implementation for a client on ISO 27701
  • Performed current state gap assessment for ISO 27701
  • Developed a privacy framework from scratch and managed end-to-end implementation for the entire entity
  • Conducted PIAs (Privacy impact analysis) for the critical processes of the clients
  • Formulated the qualification criteria for performing the PIAs (Privacy impact analysis)
  • Ensured state-of-the-art methodologies for the implementation of the privacy framework
  • Reviewed and created Records of Processing Activities (ROPA) for clients
  • Experience with internal and external audits for multiple clients
  • Carried out PIMS awareness campaigns for the entire client organization
  • Created data flow diagrams using Visio
  • Worked with service-based clients on performing end-to-end gap assessment on Thailand PDA

Information Security

  • Conducted ISMS controls review covering areas like Security Governance, Access Management, Change Management, Incident Management, Backup & Restoration Management
  • Performed the current state gap assessment for the client in line with ISO 27001:2013
  • Performed site audits for multiple client locations
  • Proactively created well-defined audit plans for internal and external audits
  • Conducted risk assessments across the organization and developed a risk treatment plan for ISO 27001 and ISO 22301
  • Gained understanding of the client's cyber environment and assessed their cyber maturity by using the integrated approach
  • Identified probable threats and provided solutions by deploying preventive and detective controls
  • Supervised and managed an ongoing client engagement for end-to-end support on information security, helping to grow the client's information security controls

Business Continuity Management System

  • End-to-end support for BCMS (Business Continuity Management System)
  • BCMS (Business Continuity Management System) exercising to ensure industry compliance with best practices
  • Documentation management: created policies, SOAs, procedures, SOPs, guidelines and version control from scratch for the clients
  • Implemented end-to-end BCMS for the clients and provided solutions based on the financial limit
  • Conducted Business Impact Analyses (BIAs) for the critical functions identified by assessing the CIA triad
  • Conducted BCP tabletop exercises for multiple clients
  • Communication cascading: conducted call tree exercising using a manual approach

Vendor Risk Management

  • Conducted VRM for clients by ensuring due diligence using checklists for newly onboarded clients
  • Ensured compliance for the renewal of vendors by following up on compliance standards
  • Ensured that data transfer between the vendors and the organization is protected and preserves confidentiality, integrity and availability

Management Skills

  • Managing multiple teams to ensure the monthly cadences
  • Intricately understanding the client's requirements to create RFPs
  • Resource management and meeting stakeholders to ensure quality staffing on clients' projects

Timeline

CIPP/E

09-2022

Lead Auditor - Business Continuity Management System (ISO 22301)

04-2022

Lead Auditor - Privacy Information Management System ISO/IEC 27701:2019

04-2022

Consultant

KPMG
06.2021 - Current

Information Security Consultant

Capgemini
11.2019 - 05.2021

Lead Auditor - ISO 27001-LA- BSI

08-2019

IT Security Consultant

Metlife GOSC
07.2018 - 11.2019

B.Tech

Galgotias College of Engineering And Technology
06.2014 - 06.2018

12th Grade

St. Lawrence Convent
06.2011 - 06.2012

10th Grade

St. Lawrence Convent
06.2009 - 06.2010