Summary
Overview
Work History
Education
Skills
Certification
Languages
Personal Information
Timeline
Generic

Indu Rani

Summary

Tech professional with 6+ years in Risk Advisory, ISMS Auditing, and Governance, Risk, and Compliance (GRC). Proven ability to conduct thorough risk assessments and resolve compliance challenges while collaborating with management on risk mitigation strategies. Expertise in Third-Party Risk Management (TPRM) and Vendor Risk Management, ensuring adherence to industry regulations and best practices.

Overview

9
9
years of professional experience
1
1
Certification

Work History

TPRM Analyst

Fairview Health Services
09.2024 - Current
  • Conducted in-depth vendor risk assessments targeting security, compliance, and operational performance.
  • Utilized Censinet Tool for distributing security questionnaires, gathering essential data for evaluations.
  • Collaborated with internal teams and vendors to mitigate risks, enhancing compliance and security protocols.
  • Directed vendor onboarding processes ensuring adherence to HIPAA, GDPR, ISO27001:2013, and SOC 2 standards.
  • Authored comprehensive risk assessment reports presented to senior leadership for informed vendor management decisions.
  • Reviewed vendor performance metrics to ensure service delivery aligned with established standards.
  • Implemented ServiceNow, Censinet, and Peoplesoft as integral tools in risk management workflows.
  • Developed management review reports summarizing findings and collaborated with cross-functional teams to enhance operational efficiency.

Technical Lead

Happiest Mind Technologies Ltd.
Noida
08.2023 - Current
  • Initially worked as a TPRM Analyst for Uber Technologies Inc., managing and supporting third-party risk management (TPRM) initiatives for the organization’s vendors.
  • Later transitioned to Fairview Health Services, where I continued managing TPRM activities, conducting risk assessments, and implementing remediation strategies to strengthen security, compliance, and risk mitigation for third-party vendors.

Technical Lead- TPRM

Uber Technologies Inc.
08.2023 - 09.2024
  • Engaged with the client (Uber Technologies Inc.) and its vendors (~2k+) to perform third-party risk management.
  • Assessed and monitored the TPRM lifecycle activities.
  • Provided guidance to business relationship owners, client audit team, and other risk partners.
  • Reviewed the vendor intake form and completed the inherent risk assessment for all newly submitted third parties/vendors.
  • Assessed the operational fitness of the third parties utilizing the SIG questionnaire and Shared Assessments.
  • Performed end-to-end risk assessment and reviewed artefacts submitted (SOC 2 Type 2 Report, ISO 27001 Certification, and all other security policies, etc.).
  • Documented key third-party risks identified in a closure report, escalated control gap findings as necessary to management, presented reports, and made recommendations to key technologies and business process stakeholders to promote awareness and determine the mitigation controls and remediation requirements.
  • Analysed ongoing monitored alerts and recommended necessary subsequent action or escalation.
  • Tools used: ServiceNow GRC and Coupa.

Vendor Risk Analyst

Wipro Ltd.
Gurugram
10.2022 - 08.2023
  • Conducted third-party risk management assessments for Blackstone Inc. and over 50 vendors, ensuring ISO 27001 compliance.
  • Liaised with clients to manage stakeholder expectations across multiple departments.
  • Performed comprehensive risk assessments focused on personnel, processes, and technology.
  • Reviewed empirical data for each vendor, evaluating internal control effectiveness.
  • Incorporated financial health, regulatory risks, and industry compliance into vendor evaluations.
  • Monitored vendor risks, addressing issues and gaps with timely mitigation plans.
  • Maintained an updated Vendor Management repository, including due diligence documentation and contracts.
  • Utilized Process Unity, Coupa, and Oracle tools to enhance vendor management efficiency.

Senior Analyst

FIS Global Business Solutions India Pvt. Ltd.
Gurgaon
09.2019 - 10.2022
  • Ensured strategic objectives of risk management program are met for 80+ Clients and their 4000+ Vendors including the execution of risk assessment activities, coordination of risk response, and program testing and validation.
  • Supported the various requirements towards compliance for ISO 27001 and other second-party audits. In coordination with Internal Audit guidelines, conduct routine audit checks to verify the compliance to the RISC Policy and Procedures.
  • Performed the pre-SSAE 16/18 (SOC 1 and SOC 2) review for International Products and Business as per client requirements using customized Control Survey forms and various Intake Form.
  • Leveraged strong relationships and networks to increase company presence and opportunities by Implementing 4 Clients on our VRM (Vendor Risk Management) platform. Established clear and competitive goals, growth roadmaps and strategic business plans.
  • Tools Used: RAAS ( Risk as a Services)

Forensic Trainee

BDO India LLP
Gurgaon
02.2019 - 08.2019
  • Assisted in performing fraud investigations and forensic audits.
  • Contributed to compliance advisory services, forensic technology, and expert witness services.

Calibration Engineer

Belz Instruments Pvt. Ltd.
Faridabad
09.2016 - 07.2017
  • Performed assessments according to ISO/IEC 17025:2005 guidelines.
  • Conducted audits on calibration processes, ensuring top-quality assessments and verifications.

Education

B.Tech - Instrumentation Engineering

Kurukshetra University
Kurukshetra

MBA - Forensic Accounting

National Forensic Sciences University
Gandhinagar

Skills

  • Third-party risk management
  • Business risk intelligence
  • ISO 27001 audit
  • SOC 1 and SOC 2 reviews
  • IT risk management
  • Due diligence
  • Sanctions checks
  • Vendor risk management
  • Risk assessment
  • Compliance auditing

Certification

Certified Regulatory Vendor Program Manager

Languages

  • English
  • Hindi

Personal Information

  • Father's Name: Rajinder Kumar
  • Date of Birth: 12/28/92

Timeline

TPRM Analyst

Fairview Health Services
09.2024 - Current

Technical Lead

Happiest Mind Technologies Ltd.
08.2023 - Current

Technical Lead- TPRM

Uber Technologies Inc.
08.2023 - 09.2024

Vendor Risk Analyst

Wipro Ltd.
10.2022 - 08.2023

Senior Analyst

FIS Global Business Solutions India Pvt. Ltd.
09.2019 - 10.2022

Forensic Trainee

BDO India LLP
02.2019 - 08.2019

Calibration Engineer

Belz Instruments Pvt. Ltd.
09.2016 - 07.2017

B.Tech - Instrumentation Engineering

Kurukshetra University

MBA - Forensic Accounting

National Forensic Sciences University

Similar Profiles

  • Suraj Ramesh PednekarSuraj Ramesh Pednekar

    Risk Assessment Lead (TPRM) at Atlas SystemsRisk Assessment Lead (TPRM) at Atlas Systems

  • Adam HaleAdam Hale

    VP.O (Vice President Officer) - Sr. Cybersecurity TPRM Consultant (IC-Level 7) at M&T BankVP.O (Vice President Officer) - Sr. Cybersecurity TPRM Consultant (IC-Level 7) at M&T Bank

  • EMMANUEL PETEREMMANUEL PETER

    Cybersecurity / GRC / TPRM Analyst (Contract) at Washington Tech Solutions (WTS)Cybersecurity / GRC / TPRM Analyst (Contract) at Washington Tech Solutions (WTS)

  • Samuel AdeigbeSamuel Adeigbe

    GRC Analyst at Vertex Pharmaceutical IncGRC Analyst at Vertex Pharmaceutical Inc

CREATE PROFILE
Indu Rani