Dynamic Associate Consultant with expertise in ISO/IEC 27001 Lead Auditing and Third Party Risk Assessment at Pricoris LLP. Proven ability to develop robust Information Security Management Systems and enhance organizational resilience. Strong analytical skills combined with effective communication foster collaboration and drive security initiatives. Committed to delivering impactful solutions in information security.
ISMS (Audit/Implementation) - ISO 27001:2022 & ISO 27001:2013
Upgradation of ISO 27001:2013 to ISO 27001:2022.
Reviewed and modified all policies and procedures.
Conducted Business Impact Analysis, Risk Assessment, and Internal Audits.
Composed MRM documents with corrective actions.
PIMS (Audit/Implementation)
Identified processes and amended Data Inventory.
Identified Data Privacy controls.
Prepared Record of Processing Activities (ROPA) based on various processes.
Conducted Privacy Impact Assessments (PIA) based on Qualification Criteria.
Reviewed and updated policies and procedures.
BCMS (Implementation)
Identified IT applications and reviewed policies based on ISO 22301.
Conducted BIA and Risk Assessments for critical applications.
Developed strategies and Business Continuity Plans.
Third Party Risk Management (TPRA)
Classified third-party vendors by risk level, data sensitivity, and access requirements.
Conducted risk assessment, due diligence, and audit.
Implemented continuous monitoring and auditing processes.
Managed incident response, on-boarding and off-boarding processes with secure data disposal.