Prashish Kumar

SOC 1 & 2 Audit

• Worked on SOC 1 reporting for an Indian leading technology solutions company spanning across multiple locations.
• Worked on SOC 1 & 2 Engagement for a global IT consulting firm spanning across multiple locations.
• Performed physical and virtual walkthroughs for pan India and global locations for various processes and domains such as Admin, HR, IT Server, IT Network, IT Asset, ISMS, Project Planning, and Management, etc.
• Verified the evidence as per different domains and worked on attestation documentation for report releasing.

Data Privacy

• Conducted data privacy assessment based on EU GDPR for an Indian global automotive and mobility ecosystem company spanning across multiple locations.
• Developed strategic plan for the clients, outlining key controls required for prioritizing the implementation.
• Conducted assessment for the different applications used on the client's premises and developed suggestions for improving data privacy accordingly.

IT General Controls.

• Performed internal audit for enterprise application for multinational cybersecurity software company.
• Prepared risk assessment and control matrix, drafting observations and recommendations.
• Reviewed the company's business processes and applications, and developed a detailed corrective action plan for any discovered weaknesses.
• Offered suggestions concerning controls, detected anomalies, and corrective strategies.

IT Audit

• Performed Internal Audit (IA) for a major IT solutions company.
• As part of the engagement, conducted assessments in the following domains: Incident Management, HR, Project management.
• Prepared risk assessment and control matrix drafting observations, implications, and recommendations.

Client Information Security Assurance

• Acquired comprehensive knowledge of the company's information and cybersecurity infrastructure, policies, and procedures to ensure a secure operating environment.
• Delivered assurance to both prospective and current clients on the company's robust security posture.
• Conducted detailed onsite assessments and participated in various audits to validate the integrity of peripheral and internal logical and physical security measures.