
ASHWINI PARCHE

GRC Consultant
Ghatkopar

Summary

Dynamic and motivated information security professional with a strong foundation in cybersecurity principles and technologies. Demonstrated expertise in risk assessment, vulnerability management, and incident response. Committed to safeguarding sensitive information and seeking opportunities to contribute skills and knowledge in protecting valuable data.

Overview

1 year of professional experience
6 years of post-secondary education

Work History

GRC Consultant

CyberNX Technologies Pvt Ltd.
05.2024 - Current

Client - Aditya Birla Capital

  • Conducting risk assessments and due diligence for third-party vendors.
  • Monitoring vendor compliance with regulatory standards and internal policies.
  • Developing and implementing risk mitigation strategies for high-risk vendors.
  • Managing vendor lifecycle, including onboarding, monitoring, and termination.
  • Collaborating with internal teams to ensure adherence to Vendor Risk Assessment (VRA) protocols.
  • Creating checklists as per vendor criteria, adhering to the ISO 27001:2022 controls.
  • Keeping close track of DPDPA activities and following up with the respective members.
  • Good knowledge of ISO 27001, ISO 27017, NIST CSF and Information Security principles.
  • Cloud security logs monitoring and analysis.
  • Performing risk assessments of vendors' data processing systems to ensure functioning of data processing activities and security measures.
  • Ensuring vendor due diligence questionnaires are appropriate to each engagement.
  • Working with Sourcing Managers or directly with business SPOCs to conduct due diligence efforts for high-risk vendors.
  • Coordinating on-going annual risk reviews and controls assurance activity.
  • Ability to develop and maintain internal and external customer relationships.
  • Reviewing all the documentation such as policies, procedures, contracts, agreements, MSAs, SLAs, etc. for verifying the compliance to the requirements.
  • Overall monitoring of the vendor performance and compliance throughout the engagement.
  • Carrying out onboarding, or termination of the contract, through a defined and secured process.
  • Rank 4 in IT Infrastructure Management
  • Rank 5 in IT Project Management


CyberNX Technologies - Internal

  • Conducting Gap assessments for various standards and regulatory requirements.
  • Handling and managing SEBI CSCRF guidelines and requirements.
  • Creating and updating policy documentation as per standard or regulatory requirements.
  • Experience in ITGC assessments and documentation.
  • ITGC Control implementation and policy creation.
  • Worked on RBI MD, SEBI CSCRF, ITGC, ISO 27001:2022, etc. implementation and documentation.

Education

MBA - ITSM

NMIMS University
01.2022 - 01.2024

BSc - Botany

K. J. Somaiya College of Science & Commerce
01.2016 - 01.2020

Skills

ISO 27001

Certifications Courses

  • Cybersecurity Foundations: Governance, Risk, and Compliance (GRC)
  • ISO/IEC 27001:2022. Information Security Management System
  • ISC2 Candidate by ISC2
  • Introduction to Cybersecurity by CISCO
