HARSHA Vardhan
BANGALORE,KA
Summary
Proficient and experienced IT Auditor with experience in Information Security and related functions such as SOX testing and ITGC controls. Hands-on experience in testing Access management and Change management related controls along with knowledge in Incident management, and IT operation management related to SOX ITGC.
Overview
4
4
years of professional experience
Work History
Consultant
DXC Technology
BANGALORE
08.2021 - Current
- Performing ITGC testing as Internal auditor for access management,change mangement,incident management,IT operations.
- Collaborated with control owners to perform detailed walkthroughs and understand testing requirements.
- Performed Test of Design (TOD) and Test of Effectiveness (TOE) for ITGC Controls based on sampling picked using Sampling methodology.
- Test operational effectiveness to ensure continued compliance with section 404 of the Sarbanes-Oxley Act of 2002.
- Follow up on remediation action plans for issues raised during the SOX audits.
- Maintained up-to-date knowledge of industry regulations (SOX) and actively contributed to process improvement and compliance initiatives.
- Prepare remediation plans and management responses for identified audit observations, including development of a Risk Matrix, and share with relevant team leaders.
- Support management in developing Management Action Plans (MAPs) to resolve control issues and mitigate risks.
- Maintain positive, collaborative relationships across corporate IT, business unit IT, and other key stakeholders while coordinating audit activities.
- Assess IT General Controls (ITGCs), including application controls, computer operations, program development, and program change management, to identify control gaps.
- Assist in collecting and documenting security-relevant evidence for external audits.
- Coordinate with IT teams for the extraction of audit evidence and evaluation of security controls.
- Support IT teams with remediation efforts and provide guidance to close identified audit issues.
- Evaluate mandatory requirements prior to release of software packages/production changes.
- Facilitate and lead weekly meetings to update change status and track remediation progress.
- Participate in functional studies of applications, analyze test cases, and validate business requirements.
- Identify test scenarios and test cases from functional specifications.
- Report defects to developers and track them through resolution.
Education
B.E. -
Anna University
01.2021
Skills
- ITGC Testing
- SOX
- SOX Audit
- SOX Controls
- Internal Auditor
- ITIL
- SOC 2
- Data Privacy
- Incident Management
- Change Management
- Risk Management
- COSO
- COBIT
Professional summary
Degree
June 2017 — July 2021
B.E
- Having overall 4 years of experience out of which I have 3 years in IT Security & Compliance
- Part of Test of Design (TOD) and individually handledTest of Effectiveness (TOE).
- Good experience on ITGC Domains like AccessManagement (AM), Change Management (CM),Incident Management (IM)& IT Operations.
- Conducting in-process reviews, validation, and/or audits of project, task, or work products.
- Continuously provides improvement recommendations to CM, Developer, tester, and Dispatcher.
- Worked on controls like User Provisioning, Deprovisioning, Password Parameters, User Access Reviews (UAR), High Privileged Access (HPA).
- Advising the project managers and configuration managers on the project/task CM requirements.
- Coordinating and responding to Internal and External audit requests.
- Testing operating effectiveness, as part of IT Audits, by taking samples from Production Systems to ensure continued compliance with section 404 of the Sarbanes-Oxley Act of 2002.
- Communicating the observations or gaps identified during the controls Review/IT Audit to the senior auditors and managers.
- Maintain positive and collaborative relationship between corporate IT, business unit IT departments while working with all these teams.
- Need to evaluate the mandatory requirements before releasing the packages.
- Facilitates Weekly Meeting and update change status.
Timeline
Consultant
DXC Technology
08.2021 - Current
B.E. -
Anna University
Similar Profiles
Syed NadeemuddinSyed Nadeemuddin
Professional 2 Networks at DXC Technology (Was transitioned from AT&T to DXC)Professional 2 Networks at DXC Technology (Was transitioned from AT&T to DXC)
Henry Arthur VincentHenry Arthur Vincent
Client Capability Lead at DXC Technology, DXCClient Capability Lead at DXC Technology, DXC
Nikhil C TNikhil C T
Business Analyst / Manual QA Tester at DXC Technology/Fidelis Technology Services Pvt LtdBusiness Analyst / Manual QA Tester at DXC Technology/Fidelis Technology Services Pvt Ltd
Kate BeentjesKate Beentjes
Project Manager at DXC TechnologyProject Manager at DXC Technology
Akhil Purushothaman PillaiAkhil Purushothaman Pillai
Value Stream Leader in Regional Service Centre at FESTO India Pvt LtdValue Stream Leader in Regional Service Centre at FESTO India Pvt Ltd