Ravindranath Reddy Marpula
Hyderabad,TG
Summary
Results-driven professional with 13 years of experience in Governance, Risk, and Compliance (GRC), IT General Controls (ITGC), and Sarbanes-Oxley (SOX) compliance. Expert in designing GRC frameworks, conducting ITGC assessments, and ensuring regulatory adherence. Skilled in SOX process documentation, control testing, and remediation to meet financial reporting standards. Adept at collaborating with IT, finance, and audit teams to enhance compliance and operational efficiency. Proficient in COSO, COBIT, and NIST frameworks, with strong analytical and risk management skills.
As GRC Analyst at Wipro I support the customer organizations governance, risk, and compliance initiatives, helping maintain a secure and compliant environment. working closely with cross-functional teams, I assist in ensuring compliance with industry standards and the development of risk management frameworks.
proactive leader, delivering projects on time while fostering a culture of compliance and continuous improvement in dynamic environments.
Overview
13
13
years of professional experience
1
1
Certification
Work History
Lead ITRO - Governance , Risisk and Compliance
Wipro Technologies
07.2024 - Current
- Contribute to the development and updating of information security policies, procedures, and related documentation, ensuring alignment with ISO 27001 and other regulatory frameworks.
- Conducted comprehensive risk assessments to identify vulnerabilities, assess threats, and prioritize remediation efforts, reducing organizational risk exposure
- Led compliance audits for regulatory requirements (e.g., Essential 8,ERM audit, SOC 2), achieving 100% compliance through effective policy enforcement and documentation.
- Designed and maintained risk management programs, integrating risk registers and mitigation strategies to support business objectives while safeguarding critical assets.
- Identify and document security risks, help to assess their impact on the organization, and support the development of risk mitigation strategies.
- Implemented continuous monitoring programs to track compliance with cybersecurity frameworks, reducing non-compliance incidents.
- Authored and updated information security policies, ensuring alignment with evolving regulatory requirements and industry best practices.
- Developed and implemented business continuity plans (BCP), integrating cybersecurity risk management to ensure operational resilience and compliance during disruptions. and Conducted risk assessments and tabletop exercises for BCP, enhancing organizational preparedness and reducing recovery time
- Facilitated cybersecurity awareness training for employees, improving organizational security culture and reducing human-related security incidents.
- Utilized GRC tools like ServiceNow, Archer to streamline risk management, compliance tracking, and audit processes, increasing operational efficiency.
- Led incident response planning and tabletop exercises, ensuring rapid recovery and compliance with regulatory reporting obligations.
- Monitored and reported on key risk indicators (KRIs) and key performance indicators (KPIs) to senior leadership, providing actionable insights for strategic decision-making.
- Coordinated with internal and external auditors to ensure timely resolution of findings, maintaining compliance with regulatory and contractual obligations.
- Supporting and maintenance of ISO 27001:2022 standards by assisting in ensuring compliance with security controls and helping prepare for internal and external audits.
- Participate in the monitoring and review of security controls, supporting efforts to enhance their effectiveness and alignment with business objectives.
- Collaborated with cross-functional teams to develop and enforce security policies, procedures, and controls, enhancing organizational resilience against cyber threats.
- Ensure a customer-centric approach, understanding client and stakeholder needs while delivering solutions that add value.
- Evaluated the effectiveness of existing controls through regular testing and recommended adjustments as needed.
Deputy Manager
Deloitte
03.2023 - 12.2023
- Implemented EBCE, a risk-based approach, to identify, evaluate, and prioritize risks across the organization.
- Ensured operational risk data collection, documentation, and reporting processes complied with the bank's Data Governance Policy and Programs.
- Identified operational and financial risks, assessing their impact on the company's financial reporting accuracy, operational efficiency, and legal compliance.
- Evaluated the effectiveness of existing controls through regular testing and recommended adjustments as needed.
- Tested IT General Controls (ITGC), including security, change management, and operations, producing evidence in a centralized repository as per control frequency requirements.
- Created detailed work products such as audit analyses, correspondence, and other documentation to present findings and results.
- Gained deep knowledge and experience in testing ITGC and Business Process Controls, including ITACs (IT Automated Controls) Testing.
- Executed security and maintenance controls as part of internal audits and integrated 404 SOX compliance.
- Analyzed and reviewed SOC1 & SOC2 reports and vendor agreements, ensuring appropriate complementary user entity controls were in place within the bank.
Assistant Manager
TATA Consultancy Services
08.2016 - 02.2023
- Planned and scoped compliance-related and control environment tests by assessing applicable laws and risks, leveraging knowledge of business areas or processes to develop appropriate review scopes.
- Reviewed the company's Risk Control Matrix (RCM) and previous year's documentation to understand business processes and key associated risks.
- Conducted SOX 404 Readiness Engagements, including walkthrough, updating and documenting process flow charts and narratives, identifying risks, implementing and testing IT General Controls, and reporting issues to the IT Controller.
- Worked on ITGC domains including Logical Access, Change Management, and Operation Controls.
- Prepared and presented reports on ITAC Testing results, highlighting areas of risk and providing recommendations for improvement.
- Executed fieldwork by obtaining and analyzing information to make informed, objective determinations on the adequacy of controls and regulatory compliance.
- hands on experience in Vulnerability management & Identity and Access management
Assistant Manager - Finance
Hetero Labs Ltd.
06.2012 - 07.2016
- Managed accounting operations, including general ledgers, accounts payable/receivable, financial statements, and evaluated reports for the organization.
- Prepared and evaluated dashboard and business reports.
- Finalized accounts through monthly book closings, general ledger scrutiny, trial balance analysis, and preparation of schedules.
- Assessed monthly fluctuations in financial statements, including trial balance, P&L accounts, balance sheets, and cost center-wise expenditure reports.
- Worked closely with internal auditors to ensure compliance with organizational standards and policies
- Capitalized fixed assets, managed depreciation accounting, and maintained the fixed assets register.
- Moved tax-related matters, both direct and indirect.
Education
MBA - Finance
Osmania University
Hyderabad, India06-2012
CMA Inter - Accounting and Business Management
Institute of Cost Accountants of India
06-2010
B.Com. - Accounting and Finance
Acharya Nagarjuna University
03-2007
Skills
- GRC
- Internal audit management
- Compliance management
- Risk management assessment
- IT governance control evaluations
- SOX Compliance
- Continuous process evaluation
- Audit Conflict Resolution
- MS Office
- Communication
- Leadership
- Analytical
- Presentation
Certification
CISA | 2024
Languages Known
English
Telugu
Hindi
Tamil & Telugu
Software
GRC tools - RSA Archer, Service Now
Vulnerability Management - Rapid 7, Service Now, Microsoft defender, Intruder,
IAM Governance - Cyber Ark
For Project Managemnt , Reoprting & Changemanagement - Jira Confluence
Timeline
Lead ITRO - Governance , Risisk and Compliance
Wipro Technologies
07.2024 - Current
Deputy Manager
Deloitte
03.2023 - 12.2023
Assistant Manager
TATA Consultancy Services
08.2016 - 02.2023
Assistant Manager - Finance
Hetero Labs Ltd.
06.2012 - 07.2016
MBA - Finance
Osmania University
CMA Inter - Accounting and Business Management
Institute of Cost Accountants of India
B.Com. - Accounting and Finance
Acharya Nagarjuna University
Similar Profiles
SAI SUSHMA INDRANI KANISETTYSAI SUSHMA INDRANI KANISETTY
Project Engineer at Wipro TechnologiesProject Engineer at Wipro Technologies
Praveen RPraveen R
Senior Project Engineer at Wipro TechnologiesSenior Project Engineer at Wipro Technologies
Rishikesh AmateRishikesh Amate
Exchange Administrator at Wipro TechnologiesExchange Administrator at Wipro Technologies
Saravanan RengarajanSaravanan Rengarajan
Account Delivery Manager at Wipro TechnologiesAccount Delivery Manager at Wipro Technologies
Manoj GuduguntlaManoj Guduguntla
Principal Consultant at NgSupplyChain Solutions Pvt LtdPrincipal Consultant at NgSupplyChain Solutions Pvt Ltd