Sanjay Palle

- Conducting Internal ISO 27001 Audits and Handling External Audits for the Organizations and projects.

- Managing external client IT audit engagements at Deloitte, ensuring client needs are met throughout the process.

- Identifying Potential Risks: Threats, vulnerabilities and risks that the system might encounter. Natural occurrences such as calamities or power outages should be taken into consideration in addition to malware attacks.

- Perform vendor risk assessments (includes AWS, Azure, GCP), addressing security questionnaires, assessing the adequacy of policies, procedures, processes, and compliance and operational controls in a significantly large and complex organization.

- Implementation of ISO 27001.

- Effortlessly adheres to Information Security Practices under ISO27001 framework and identify risks and executing Business Continuity Plans to avoid Business Disaster.

- Demonstrated abilities in conducting Information Security Audits, Security Planning and Management for streamlining Information Security Operations.

- Mapping Risk assessments reports to Confidentially, Integrity and Availability, NIST frameworks ISO27001-ISMS standards and controls.

- Review SOC reports, penetration test reports, BitSight reports, ISAE reports

- Responsible for Security Awareness

- Responsible for answering client questionnaires

- Led clients through successful IT External Audits, ensuring all requirements were met on time.
- Guided clients in preparing for IT External Audits, helping them achieve timely completion within compliance frameworks.

- Contributed to the development of well-organized and easy-to-understand IT External Audit reports for clients.
- Drafted clear and concise IT External Audit reports, effectively communicating findings to stakeholders.

- Global process lead for Patch Management, Vulnerability Assessment

- Defining Policies and Ensuring relevant process/procedures are adopted by the teams.

- Ensuring corporate & program risk registers up to date with accurate information.