Namarta Kumari

SOX Testing

SOX Remediation Testing - Worked in the capacity of an internal auditor to review the SOX remediation testing and impact assessments for the SOX Audit for tools such as CyberArk, Imperva, Splunk, Azure AD and IaaS infrastructure of a leading Pharmaceutical giant based in the UK.

Disaster Recovery Plan Development

DR Plan Development - Developed an IT Disaster Recovery (ITDR) Plan by conducting Business Impact Analysis (BIA), Risk Assessment (RA), and Tabletop Exercises for a leading petrochemical giant in Saudi Arabia.

SDLC Review

Delivered a comprehensive report for an America-based apparel company's SDLC review. Ensured compliance with IT SOX requirements during the integration into the current ERP system.

Cybersecurity Maturity Assessment

Conducted a cybersecurity maturity assessment for a Saudi Arabia-based banking client. Identified vulnerabilities and recommended security enhancements.

SOC Auditing and CUECs Review

• SOC Reporting - Delivered SOC 1 and SOC 2 type 1 and type 2 reports for a leading Dubai-based Cloud and Hosting Services provider company.
• SOC Reporting - Delivered a SOC 1 Type 2 report for a firm based in India, focused on providing procurement services to clients.
• Complementary User Entity control review - Performed a detailed CUEC review for a pharmaceutical client for AWS and Microsoft services utilized by the client.

Financial Audit IT Integration

• FAIT Secondment to EY Muscat, Oman - Performed IT regulatory compliance reviews for 25+ Oman-based companies across industries.
• Enhanced security posture through detailed assessment of 50+ key applications and evaluated business control.
• Leading end-to-end integrated financial audit for multiple Middle East clients.
• Determined project tasks, risks, and challenges, work hours, etc.
• And performed a detailed review of work performed by junior colleagues to ensure quality deliverables.

SOC Reporting

• SOC-1 Type-2 Report for Multinational Companies - Collaborated on the SOC-1 Type-2 Report for a leading multinational travel and meetings program management company.
• Contributed to a similar report for an American multinational professional services company across regions including India, Philippines, Bulgaria, Asia-Pacific, Europe, and America.

Information Risk Management in External Audit (IRMeA)

• Information Risk Management in External Audit (IRMeA) - Engaged in multiple IRMeA projects for Indian clients in diverse sectors.
• Focused on IT General Controls and IT Application control testing and documentation.
• Gained insights into standard ERP applications, databases (Oracle 11G, 12C), and operating systems (Windows OS, UNIX OS).

SOX Testing

Worked on SOX Audit for a client in the financial services industry, focusing on controls for access management, change management, IT infrastructure, and IT operations for various SOX-related applications.