Sarthak Gulati

GRC Exception Analyst

· Conducted exception analysis for a major Oil and Gas company, focusing on identifying and addressing deviations in business controls

· Analysed exceptions raised by quarterly continuous control monitoring jobs across P2P, O2C, R2R processes

· Engaged with business owners to discuss control operation deviations and collaborated on remediation plans

· Successfully closed exceptions by implementing remediation plans based on thorough assessment of observations

Risk Facilitator

· Integral member of the Assurance team working on Risk and Control Self-Assessments (RCSA) for a major US Investment bank to support the organization’s first Line of Defence (LoD) by facilitating comprehensive risk evaluations and enhancing control processes

· Responsible for facilitating risk assessments and understanding the control environment and related processes

· Created detailed risk reports from different data sources like CCM metrics and reviewed control effectiveness

· Engaged with key stakeholders to align on risk frameworks and mitigation controls

Compliance Analyst

· Performed a SOX audit engagement for an Oil and Gas Major, focusing on IT General Controls and Security controls across 15 SAP ECC and GRC Applications

· Conducted thorough design and operating effectiveness testing for IT and security controls, including segregation of duties, change management, client procedures, access reviews, incident management, and user account management

· Executed detailed testing and documentation for IT general controls and security controls, ensuring compliance with SOX requirements

· Executed IRMeA audit, focusing on IT General control (ITGC) and IT Application Controls (ITAC) for various custom applications

· Involved in auditing cloud-based (AWS) and web-based applications, assessing controls like cloud access management, segregation of duties (SoD), and data backup controls

· Performing testing of Information Provided by Entity (IPE), ensuring accuracy and reliability of audit evidence

· Served in the RPA audit team, developing a risk control framework for UiPath RPA BOTs used in Finance, HR and Customer Experience functions

· Crafted a risk control matrix and conducted design-level control testing, documenting critical findings to bolster IT governance and BOT security

Compliance Automation Engineer

· Assisted several clients and audit teams to automate end to end control testingprocedures using Power Platform, UiPath, etc. enhancing efficiency and accuracy in Firefighter, Access and Change Management

· Conducted comprehensive analysis of the current business state, developed business flow diagrams, and identified automation opportunities to streamline control testing processes

· Designed future state workflows and exception handling protocols, ensuring robust control mechanisms and compliance

· Utilized Power BI to create visual reports, presenting results of phishing campaigns to global senior management, aiding in cyber awareness

· Created and deployed a Power Apps-based User Access Review Control system, automating user data extraction and review processes with evidence generation for audit trails

· Innovated an RPA-driven integration for data exchange between SAP GRC and SNOW IRM, leveraging UI automation for data extraction and API end points for data synchronization

· Led the design of solution architectures for Power Platform integrations, driving automation in internal applications and mentoring developers on best practices

RPA Developer - Involved in BOT Development on UiPath for Background Verification Process (BGV)

• The Process involved end to end data extraction from various vendor's BGV website and using the extracted data to create new cases in Forensic team's BGV website for data -processing
• Automating various process touchpoints using web and windows-based automation, email monitoring, excel functionalities, file content management, PDF and word functionalities
• Implemented status logging and rules for the flow of the automation

Voice triggered and Chatbot triggered Automation

• Worked on a mechanism to trigger RPA bots using voice and chatbot based commands
• Voice assistant/chatbot takes input from user and makes API call to RPA bot and perform actions based on user input

Data Classification Automation

• Served in team who delivered end to end automation where RPA bot takes user inputs and triggers data classification model based on user inputs