Priya Jaiswal
IT Auditor
Navi Mumbai
Summary
Dedicated and results-driven IT Auditor with a proven track record of ensuring robust information technology controls and compliance within dynamic organizational environments. Proficient in IT General Controls (ITGC), IT Application Controls (ITACs), IPEs, Sarbanes-Oxley (SOX) compliance, COSO framework, ISAE3402, and SSAE18 standards (SOC). Possesses interpersonal, problem-solving and analytical skills to provide advice and expertise to client organizations improving business performance.
Overview
3
3
years of professional experience
5
5
years of post-secondary education
1
1
Certification
Work History
Consultant- Business Consulting
Ernst and Young LLP
10.2022 - Current
- Developing audit plans and strategies to efficiently allocate resources while ensuring alignment with audit objectives
- Proficiently engaging with business stakeholders through interviews to grasp their requirements and effectively communicate the audit scope
- Identifying control gaps in processes, procedures and systems through in-depth research and assessment and suggested methods for improvement
- Mentoring new team members on project protocols, including IT general controls testing, application functionalities, and maintaining audit standards
- Overseeing IT general control projects for both onshore and offshore clients by overseeing planning, project progress, and facilitating audit review meetings to relay findings and suggest areas for enhancement to client leadership
- Successfully managing SOX audits for a leading UK telecom company, resulting in consistently favorable annual audits and timely reporting
- Executing audit fieldwork autonomously in accordance with audit work programs for ISAE 3402/SSAE 18 engagements in accordance with COSO frameworks.
- Collaborating with IT and business teams to implement remediation plans, addressing control deficiencies and improving overall control effectiveness
- Conducted testing of application controls, encompassing both logical and physical access. Evaluated the effectiveness of these controls to ensure robust functionality, accurate reporting, and seamless interface integration. This involved verifying security measures, assessing the integrity of data flows, and ensuring compliance with industry standards and best practices.
- Experienced in complex migration testing to ensure risk related activities
- Possesses knowledge of cybersecurity principles and practices.
- Experience in testing IT application controls, including configurable and non-configurable aspects, interfaces, and IPEs.
- Exhibiting strong attention to detail in crafting comprehensive documentation, including audit programs, work papers, and reports, ensuring precise and transparent documentation of audit procedures and outcomes
- Collaborating closely with managers to develop client proposals, kick-off, Statements of Work (SOWs) and project status presentations.
Associate Consultant- Business Consultant
Ernst and Young LLP
10.2021 - 09.2022
- Conducted ERP and non-ERP ITGC for telecommunication clients
- Performed audit fieldwork (walkthrough, control testing, reviewing/analyzing audit evidence and work papers), and reporting of issues noted during audit (defining issues and recommendations)
- Executed analysis of risks and identifying risk mitigation strategies
- Collaboration with team members to achieve target results.
Analyst- IT Audit and Assurance
KPMG
12.2019 - 9 2021
- Assessed IT control elements to mitigate risks regarding the confidentiality, integrity, and the availability of business information
- Performed assessments of application controls and IT general controls such as access control, change management, operations, disaster recovery, incident management and job scheduling
- Performed audit fieldwork (walkthrough, control testing, reviewing/analyzing audit evidence and working papers), and reporting of issues noted during the audit (defining issues and recommendations)
- Tested application controls, including both logical and physical access, controls to ensure the effectiveness of functionality, good reporting, and interfaces
- Performed IT Automated control testing around access provisioning and user security, system configuration management in various SAP modules such as Material Management, Sales and Distribution, Payroll and BASIS
- Detailed knowledge of reviewing SOC 2 reports aligned with General IT Control testing
- Conducted IT Audits for SAP ECC, SAP S/4HANA, and Non-SAP applications which consists of General IT Controls covering Operating system and Database controls, IT automated control testing, Security reviews and SoD reviews
- Performed SAP Risk and Control review on understanding the requirements and needs of clients, team for the preparation of proposals and projects plans
- Planned and managed SOC 1 and SOC 2 Type 1 and Type 2 audit using best practice audit guidelines in compliance with COSO for Multinational IT companies, business process management company and U.S
- Based multifunctional shared services company
- Assessed controls over logical and physical access management, change management, incident management, system development, batch jobs and backup management, information security and awareness, operating system and database, password management, segregation of duties and environments, human resource (HR) management, infrastructure and logistics, network management and data centre management along with business process controls
- Performed Attestation engagements covering domains such as contractual requirements, asset management, application security, data classification, network and database security, policies and standard operating procedures, privilege access management, business continuity management (BCM), disaster recovery (DR), offshore development centre (ODC), vulnerability assessment and penetration testing, anti-virus and patch management, data encryption
- Performed task in accordance to Quality Performance Review (QPR), worked on queries raised and communicated by QPR reviewers.
Education
Master of Commerce - Commerce
Mumbai University (IDOL)
06.2019 - 05.2021
Bachelor of Commerce - Bachelor of Commerce
SIES
07.2016 - 05.2019
Skills
IT General Controls
IT Application Controls
SAP ECC
SAP S/4 HANA
SAP GRC
Microsoft Dynamics 365
Microsoft Navision ERP
Oracle-EBS
Oracle NetSuite
SSAE18, ISAE3402 Reports
COSO framework
Cybersecurity principles and practices
Operating System security control testing for Windows, AIX, Linux and RHEL
Database security control testing for Oracle, MS SQL, HANA, DB2
Personal Information
- Relocation: Ready to relocate
- Notice Period: 90 days
Certification
Pursuing CISA
Timeline
Consultant- Business Consulting
Ernst and Young LLP
10.2022 - Current
Associate Consultant- Business Consultant
Ernst and Young LLP
10.2021 - 09.2022
Analyst- IT Audit and Assurance
KPMG
12.2019 - 9 2021
Master of Commerce - Commerce
Mumbai University (IDOL)
06.2019 - 05.2021
Bachelor of Commerce - Bachelor of Commerce
SIES
07.2016 - 05.2019
Similar Profiles
Adit BhatiaAdit Bhatia
Associate Consultant at Ernst And Young LLP (EY LLP)Associate Consultant at Ernst And Young LLP (EY LLP)
Adit BhatiaAdit Bhatia
Associate Consultant at Ernst and Young LLP (EY LLP)Associate Consultant at Ernst and Young LLP (EY LLP)
Akshay NagareAkshay Nagare
Sr. Consultant-Technology Consulting at Ernst and Young LLPSr. Consultant-Technology Consulting at Ernst and Young LLP
Dilpreet SinghDilpreet Singh
Project Consultant at Ernst and Young LLPProject Consultant at Ernst and Young LLP
SUSHANT KUMARSUSHANT KUMAR
Sr Manager- CNOC Team at Reliance JioSr Manager- CNOC Team at Reliance Jio