Prateek Duvedi

Senior SOC Reporting Analyst working with the Risk and Compliance team at Finastra Software Solutions for over 1.5 years. For the outstanding performance, my team was acknowledged by VP, Risk as the "Most Efficient" across Finastra land.

Key Roles and experience in

• SOC1 and SOC2 Reporting: Worked as a bridge between the external audit firm and the product side for SOC1,2 assessments for banking and financial applications. My role including Project management lifecycle, from risk assessments, controls' re-certification process to deviations' tracking and resolution.
• Findings Management: Completed post-audit findings management tasks; from findings' registration to resolution and adoption.
• TPRM and Due-Diligence: Leveraging my experience from BlinkIt, I was given the additional responsibility to undertake Third-party Risk management (TPRM) and complete due-diligence for the sales department.

Assistant Manager in the Risk Advisory practice at PricewaterhouseCoopers (PwC) India with working on IT Audits, FAIT reviews and SOX engagements.

Adopted key roles and experience in

• SOX Reviews: handling multiple engagements, handling teams of 8-10 members, understanding and performing end - to - end testing of business processes for IT infrastructure. Auditing the design and operating effectiveness of the controls covering the endpoints, networks, database, servers etc.
• SOC (1&2) reporting: worked on SOC1,2 assessments inline with the SSAE18 standards for finance and technology clients, conducting ITGC testing, ITAC testing and infrastructure reviews.
• Audit Tools handling: Worked on adoption and implementation of audit management tools like Auditboard working closely with external stakeholders.

Transitioning from EY to BlinkIt, I joined them as a Technology Analyst, during the year-end external audit. Getting the experience of being at the client's side and managing the audit since my day 1 at BlinkIt was a challenging task but a learning one as well. At BlinkIt, I single-handedly managed the internal audit in accordance to SOX404 compliance requirements. After an year at BlinkIt, I was promoted to IT Governance Head and was handling 3rd-party risk assessments; due-diligence for incoming investors and onboarding on new IT service partners. Additionally, I worked with the finance department to automate the financial reports for payouts to the different categories of vendors.

Starting my career with a firm like EY, I got to the learn the basics of auditing and risk management in a very detailed manner. The need to understand the business process before moving onto the controls associated with it, is a learning that EY inculcated in me and I have been carrying it till date. Handling end-to-end engagements conducting walkthrough meetings with process owners; performing Infrastructure Reviews for operating systems and databases and undertaking ITGCs, ITACs testing and risk analysis.