Mayura Yaotkar

Management Systems (ISMS), ISO 27001:2022, and Privacy Information Management Systems (PIMS), ISO 27701:2019. The role involves developing policies, conducting gap analysis, delivering training, and coordinating audits, both internal and external. The individual also demonstrates skills in vendor management, compliance monitoring, and awareness program development.

• Developed and maintained ISO 27001:2022 policies, procedures, guidelines, and manuals.
• Conducted gap analyses for ISO 27001:2013 and ISO 27001:2022 standards.
• Delivered ISMS awareness training to new joiners, third-party resources, and project teams.
• Planned, coordinated, and executed ISO 27001:2022 internal audits.
• Facilitated internal audit finding closure and prepared meeting minutes (MOM).
• Conducted opening meetings for ISMS internal audits and prepared Root Cause Analysis (RCA) reports.
• Prepared for ISO 27001:2022 external audits, including updating objective documents and reviewing project-related controls.
• Conducted Onshore Development Centre (ODC) Physical Assessments.
• Coordinated ISO 27001:2022 external audits.
• Developed information security awareness decks and conducted awareness sessions for JDU and non-JDU employees.
• Organized security awareness quizzes (October 2024).
• Collaborated with prospect vendors for ISMS services.
• Developed Standard Operating Procedures (SOPs) for ISMS standard processes.
• Maintained ISMS and PIMS compliance checklist in the intranet portal.
• Initiated discussions with project SPOCs for preparation of ISMS internal assessments.
• Conducted internal audits for critical projects.
• Conducted and monitored monthly compliance checks for corporate functions and projects.

• Developed and implemented information security compliance policies and procedures to ensure adherence to relevant laws, regulations, and policies.
• Conducted risk assessments to identify non-compliance areas and devised corrective actions.
• Created and delivered compliance training for employees and interested parties, focusing on ISO induction and data privacy.
• Collaborated with cross-functional teams (IT, Admin, Legal, HR, and Delivery) to integrate information security into all operational aspects.
• Managed relationships with external auditors and regulators, providing support during audits and compliance reviews.
• Developed internal audit scope and plans for the Information Security Management System (ISMS) and Privacy Information Management System (PIMS).
• Conducted periodic compliance reviews in line with international standards (ISO 27001:2013, ISO 27701:2019).
• Performed internal audits and prepared audit reports for various projects, sharing findings with stakeholders.
• Analyzed and evaluated audit reports from consultants, informing relevant parties.
• Maintained all ISMS/ISO compliance documents.
• Periodically prepared, reviewed, and updated ISMS and PIMS documentation in consultation with project stakeholders.
• Conducted Management Review Meetings (MRMs) to discuss audit observations.
• Continuously followed up with interested parties to close audit gaps.

• Developed and implemented information security compliance policies and procedures to ensure adherence to relevant laws, regulations, and policies.
• Conducted regular audits and risk assessments to identify non-compliance areas and devised corrective actions.
• Created and delivered compliance training for employees and interested parties, focusing on ISO induction and data privacy.
• Collaborated with cross-functional teams (IT, Admin, Legal, HR, and Delivery) to integrate information security into all operational aspects.
• Managed relationships with external auditors and regulators, providing support during audits and compliance reviews.
• Developed internal audit scope and plans for the Information Security Management System (ISMS) and Privacy Information Management System (PIMS).
• Conducted periodic compliance reviews in line with international standards (ISO 27001:2013, ISO 27701:2019).
• Performed internal audits and prepared audit reports for various projects, sharing findings with stakeholders.
• Analyzed and evaluated audit reports from consultants, informing relevant parties.
• Maintained all ISMS/ISO compliance documents.
• Periodically prepared, reviewed, and updated ISMS documentation in consultation with project stakeholders.
• Conducted Management Review Meetings (MRMs) to discuss audit observations.
• Continuously followed up with interested parties to close audit gaps.

• Served as a dedicated Internal Auditor for three years, auditing National board of Accreditation (NBA), National Assessment and Accreditation Council (NAAC), and National Institutional Ranking Framework (NIRF).
• Developed internal audit scope and plans for academic improvement initiatives.
• Acquired, analyzed, and evaluated research documentation as a research coordinator.
• Designed industry-oriented syllabi for select subjects.
• Taught over 8 subjects and practical courses.
• Worked as a paper setter, examiner, evaluator, and subject expert for Savitribai Phule Pune University.
• Prepared and presented audit reports reflecting results, and documented processes for course files.
• Conducted training under the Bosch CSR BRIDGE program to train trainers for establishing training centers.