Summary
Overview
Work History
Education
Skills
Certification
Accomplishments
Languages
Personal Information
Timeline
Generic
Lavanya Lakshmanan

Lavanya Lakshmanan

Bengaluru,KA

Summary

Self-driven Information Security professional with 11 years of Risk Management, Finance and experience in a wide range of industry/sectors, passionate to be a part of Governance, Risk and Compliance teams.

Overview

10
10
years of professional experience
1
1
Certification

Work History

Manager

EY INDIA LLP
06.2023 - Current

    EY INDIA LLP - CBA Project moved to CBA permanent role on Dec 2023 ( June 2023 to Present)

    • Working on Pillar 3 control for bank regulatory framework
    • Completed QA review for 3 ITGC controls assigned
    • ITAC testing for the business banking controls
    • Ensure to conduct walkthrough for the allocated control for the month
    • Assist the Senior analysts for any doubt or clarification they need during the walkthrough or while documenting the controls
    • Worked on critical controls - Pillar 3 regulatory controls (Input validation, interface controls and filtering rules controls)
    • Ensure to connect with the stakeholders to assist in the planning for testing during every quarter
    • connect with the team on regular basis to get an understanding on the blocks and report it to the BB team for further assistance
    • Prepared the Tier 1 , Tier 2 deck for presenting to the management
    • Control upliftment - Work on uplifting the control wording if its not appropriately created in the Risk in site and ensured the L1 risk team is also informed about the same.
    • Identified gaps in the process related to the controls testing and failed the controls with proper approval from control owner
    • Nominated and awarded for the Risk Rakshati award for 2023

Flextronics Shared Service Centre
02.2024 - 10.2024
  • As a member of the Internal SOX audit committee, ensured the SOPs (Standard Operating Procedure) for all process are as per the latest template and if they have been documented with the adequate level of approval in the appropriate folders
  • Reconciliation of the supplier account for SOX audit compliances and preparation of checklist for compliance
  • Handled invoice processing for production and non-production invoices, & customs payment
  • Debit balance follows up
  • Analyzed and reconciled the errors in payments to various vendors, by effectively utilizing ERP tool – BAAN
  • Preparing and issuing of weekly/monthly review reports on the vendor payments
  • Reviewing the invoices generated by the data entry team and resolving errors by liaising with the respective teams.

TCS E-serve
07.2024 - 10.2024
  • Administrated Hedge fund accounting by means of cash reconciliation, cost and position breaks
  • Booking of income and expenses for the funds and settling them on the due date
  • Bookings and rectification of Dividend accrued on due date and settling them with reference to the information analyzed from the Bloomberg
  • Administrating corporate actions like Stock splits, Mergers and Acquisitions etc
  • And making the necessary changes for the portfolio of funds
  • Pricing of Securities, Options etc
  • During the market valuation and thereby calculating the total value of the portfolio of Assets
  • Responsible for calculating GAV (Gross Asset Value) for each Hedge Fund Portfolio (Functions of portfolio accounting - Valuations, Pricing, Reconciliation & Trade bookings)
  • Calculating the buy to cover and short sell actual values for the month
  • Extracting the Bloomberg FX rate, Ask price & Bid price for GAV calculation
  • Financial executive.

Capgemini India Private Ltd
05.2020 - 06.2023
  • SOX ITGC testing
  • Assisted in the Sox testing planning and preparing the SOX ITGC workbook for testing
  • Conduct walkthrough with the external auditor, application team and respective team for control testing
  • Schedule walkthrough calls with respective team members
  • Provide elaborate details each control testing for that application
  • Conducted database, OS and application-level walkthroughs
  • Controls tested Access Management, Change Management, IT SOD, backup controls, Job monitoring, authentication controls
  • Document the testing results in the workpaper and upload the same for external auditor verification
  • Coordinating and facilitating internal & external audits; following up on audit issues, responses, action plans & remediation
  • Plan, perform, and manage field work to evaluate the effectiveness of key internal controls for financial reporting
  • Prepare and report control deficiencies, provide recommendations to address the root cause of issues and report on the status of implementation of management remedial actions
  • Follow-up on remediation activities for deficiencies identified to ensure control gaps are successfully resolved
  • ITAC testing
  • Testing of IT Application Controls to evaluate the Business Process controls within the application and to identify the risk in application level
  • Testing of IPE Controls to evaluate the completeness and accuracy of the custom transaction codes used in the Organization for the Business Process Controls
  • Conducted testing for purchase to pay and order to cash transactions in the applications
  • SDLC testing
  • SDLC compliance reviews – conducted the kick off meeting, collecting the evidences, provide certification for the application and worked on the remediation for any gap identified
  • Review conducted for the Sox application which are migrating to cloud and documenting the evidences required for the same
  • Additional supported for the Query validation process for the access review automation.

Vortexa Technologies- PricewaterhouseCoopers project
03.2019 - 05.2020
  • Working for ISO27001 Audit phase one for all IT employees in Marvell Semiconductors
  • To Prepare risk register and matrix for management reporting
  • CFIUS compliance requirement and audit conducted with the IT team
  • Reconciliation of the user list with the HR data and access list for access management
  • Patching management and changes management Gaps addressed and reported to management
  • SOX compliance requirement, planning document and defining the controls
  • Creating posters, teaser and banners with cyber security theme
  • Schedule and run Phishing campaign for targeted audience and all employees of organization
  • Constructing phishing reports for management on analysis and studying the organization structure
  • Vendor risk assessment initialed the RPQ and VRQ to all business owners and prepare the process workflow for streamlining the process.

Trigent Software solution - Wipro Technologies
07.2018 - 02.2019
  • Worked as part of GRC team in Wipro for SABIC project
  • Performed Training Need Analysis with respect to Information Security for the IT team of a Multinational Petrochemical Organization
  • Responsible for content development of Information Security Awareness materials
  • Performed Risk assessment for access control, input validation and session monitoring and updated the same in risk register
  • Contributed to 2019 planning in terms of road map, resource and cost requirement for Information Security awareness
  • Co-Facilitated Organization Wide Information security awareness ambassadors meeting and responsible for tracking and monitoring open action items from the meeting
  • Support security documentation, development, policy development and maintenance for customers
  • Access management review and risk register maintained for the SABIC organization.

Assistant Manager

HSBC Global Finance Center
08.2014 - 11.2017
  • Performed BCP Analysis and Security Assessments
  • Performed SOP-(Standard Operating Procedures) and process Analysis
  • Conducted Workshop for Team Users for Risk Management
  • Liaised with Delivery teams to identify, roll out security compliance processes as part of Identity Access Management
  • Facilitated Risk Workshop for France team for identifying and prioritizing process related risks
  • Performed Risk Assessment for cloud application as per ISO 27001 standard
  • Performed Asset Management by identifying assets in process and mapping to CIA matrix
  • Study and Review of process for Security exceptions to the policies & Standards and analyzing
  • Facilitating Process Automation initiatives – documenting functional requirements gathering and Performing Process Analysis
  • Reconciliation of supplier account for SOX audit compliances and compliance checklist
  • Conducted Awareness trainings for delivery team
  • Flash Report with Highlights and Lowlights
  • Dashboard reporting for Process functional areas; resourcing
  • Skilled in preparing various dashboards and monthly reports for management
  • Familiar on the information security and compliance standards like ISO27001, ISO31000, GDPR, PCI DSS and SOX compliance.

Education

Company Secretary Inter -

ICSI
01.2017

MBA Financial - undefined

Anna University
01.2012

B.Com - undefined

Madras University
01.2009

Skills

    • Financial Management
    • Performance Management
    • Policy Implementation
      • Business Administration
      • Business Planning
      • Verbal and written communication

Certification

  • Certified Lead Implementer Professional for BS ISO/ IEC 27001:2013
  • ISO 27001:2013 Lead Auditor from IRCA (The International Register of Certificated Auditors)
  • ISO 31000: 2018 Certified Risk Manager
  • Certified Sarbanes Oxley Act Implementer (CSOXI)
  • Certified IT General Controls Practitioner (CITGCP)
  • GDPR trained - Proficient in GDPR regulations

Accomplishments

  • Team Award for development and implementation of Standard Reports
  • Client Award for consistent on-time delivery.
  • “Team of the Quarter Award “for Q2 2013 for development and implementation of standard reports as part of MI Simplification.
  • Rewarded by client for ensuring on-time delivery consequently. As a token of appreciation, this was published in the TCS monthly newsletter.

Languages

English
Hindi
Tamil

Personal Information

  • Date of Birth: 09/07/89
  • Gender: Female
  • Marital Status: Married

Timeline

TCS E-serve
07.2024 - 10.2024

Flextronics Shared Service Centre
02.2024 - 10.2024

Manager

EY INDIA LLP
06.2023 - Current

Capgemini India Private Ltd
05.2020 - 06.2023

Vortexa Technologies- PricewaterhouseCoopers project
03.2019 - 05.2020

Trigent Software solution - Wipro Technologies
07.2018 - 02.2019

Assistant Manager

HSBC Global Finance Center
08.2014 - 11.2017

Company Secretary Inter -

ICSI

MBA Financial - undefined

Anna University

B.Com - undefined

Madras University
  • Certified Lead Implementer Professional for BS ISO/ IEC 27001:2013
  • ISO 27001:2013 Lead Auditor from IRCA (The International Register of Certificated Auditors)
  • ISO 31000: 2018 Certified Risk Manager
  • Certified Sarbanes Oxley Act Implementer (CSOXI)
  • Certified IT General Controls Practitioner (CITGCP)
  • GDPR trained - Proficient in GDPR regulations

Similar Profiles

  • ASWIN RAJ SR

    ASWIN RAJ SRASWIN RAJ SR

    Senior Consultant - Risk Consulting at EY India LLPSenior Consultant - Risk Consulting at EY India LLP

    View Profile
  • Abhinandan Momaya

    Abhinandan MomayaAbhinandan Momaya

    Senior Consultant at EY India LLPSenior Consultant at EY India LLP

    View Profile
  • Ankush Chavan

    Ankush ChavanAnkush Chavan

    Senior Consultant at EY India LLPSenior Consultant at EY India LLP

    View Profile
Lavanya Lakshmanan