Summary
Overview
Work History
Education
Skills
Certification
Professional Expertise
Timeline
Generic

Shibani Kapoor

Digital Risk Consultant
Gurugram

Summary

Results-oriented Senior Consultant with extensive experience in IT risk management, audit, and compliance. Proven ability to manage complex digital transformation and technology risk initiatives across diverse sectors and geographies. Skilled in delivering IT internal/external audits, SOX 404 compliance, ICFR, SOC 1/2 reporting, and cybersecurity assessments for global clients.

Overview

9
9
years of professional experience
7
7
years of post-secondary education
2
2
Certifications

Work History

Senior Consultant

Ernst & Young LLP
Gurugram
10.2023 - Current
  • Managed high-impact FAIT and internal audit engagements across UAE, Egypt, US, UK, Canada, South Africa, Singapore, and India, leading teams of 5–8 members and delivering comprehensive IT risk assurance
  • Managed complete delivery lifecycle for Internal and External audits, covering internal audits, statutory audits, and remediation planning—serving as a single point of contact for client stakeholders and senior leadership
  • Managed SOX 404 compliance programs for Fortune 500 clients, aligning with auditors, SOX compliance leads, and CTOs to execute ITGC, ITAC, IPE, and remediation testing
  • Executed IT General Control reviews (ITGC) and configuration testing for SAP, Oracle and legacy in-house systems as part of financial audit support across healthcare, agrochemicals, manufacturing and banking and insurance
  • Assessed and validated application and IT-dependent controls (ITAC) across finance, procurement, payroll, and other modules—enhancing automation and reducing reliance on manual testing
  • Performed SOD and user access reviews (UAR), and supported RACM design and risk mapping across critical systems and processes
  • Managed internal audits covering IT operations, data center governance, IT asset lifecycle, disaster recovery, cloud environments, and third-party/vendor risk
  • Oversaw access control testing and remediation, including privileged access reviews and policy compliance checks via tools like SAP GRC, ServiceNow, CyberArk, and Archer
  • Validated backup procedures, disaster recovery controls, and job scheduling logs (e.g., SAP SM36/SM37), ensuring alignment with business continuity protocols
  • Led cross-industry audit trail compliance initiatives across India, providing strategic oversight and expert guidance to client teams on remediation efforts, while ensuring full adherence to evolving regulatory frameworks and industry standards
  • Planned and delivered client-centric PMO activities, including resource planning, budgeting, documentation tracking, and audit issue management
  • Presented dashboards and risk intelligence to leadership teams, facilitating CTO-level insights and actionable remediation strategies
  • Contributed to successful proposal development and RFP responses, helping secure new clients and drive account growth across key sectors
  • Received recognition a Business Extraordinaire Award (Q1 2024) for high-quality work that adds value for all stakeholders
  • Promoted normatively from Associate Consultant to Senior Consultant 2 within 4+ years for consistent performance, technical depth, and early leadership demonstration

Team Lead – Operational Analysis

Compare & Connect
Melbourne
10.2016 - 04.2021
  • Planned, coordinated, and directed quality assurance programs; formulated and implemented quality control policies
  • Conducted compliance audits in collaboration with the Training Manager to assess and improve the handling of customer complaints
  • Maintained and analyzed compliance data from the Compliance Manager portal to support strategic goal setting
  • Managed and mentored a team of 10–15 members as part of KPI-driven leadership responsibilities

Education

Master of Professional Accounting -

Kaplan University
Melbourne, Australia
01.2016 - 01.2017

MBA - Accounting

Deakin University
Melbourne, Australia
04.2014 - 01.2016

Bachelor of Arts - Economics

Delhi University
New Delhi, India
01.2011 - 01.2014

Senior Secondary -

St. Mary’s School
New Delhi, India
01.2010 - 03.2011

Skills

  • Financial Audit IT Integration (FAIT)

  • Internal Controls over Financial Reporting (ICFR)

  • 11G Audit Trail Compliance

  • SOX 404 Compliance & Remediation

  • Cybersecurity Risk Assessments & Control Reviews

  • Operating System & Database Security Configuration Reviews

  • SDLC & Change Management Reviews

  • Vendor & Third-Party Governance Reviews

  • Regulatory Compliance (ISO/IEC 27001, NIST, COBIT)

  • General Controls (ITGC) – Internal & External Audit

  • IT Application Controls (ITAC), Key Report Testing & IPE Review

  • IT Risk Management, Risk Register & RACM Development

  • Policy & Procedure Review (IT, Security, Governance)

  • Backup Management & Disaster Recovery Testing

  • IT Risk Management, Governance and Compliance

Consulting

Certification

ISO 27001 – Certified

Professional Expertise

  • Financial Audit IT Integration (FAIT)
  • Internal Controls over Financial Reporting (ICFR)
  • 11G Audit Trail Compliance
  • SOX 404 Compliance & Remediation
  • Cybersecurity Risk Assessments & Control Reviews
  • Operating System & Database Security Configuration Reviews
  • SDLC & Change Management Reviews
  • Vendor & Third-Party Governance Reviews
  • Regulatory Compliance (ISO/IEC 27001, NIST, COBIT)
  • General Controls (ITGC) – Internal & External Audit
  • IT Application Controls (ITAC), Key Report Testing & IPE Review
  • IT Risk Management, Risk Register & RACM Development
  • Policy & Procedure Review (IT, Security, Governance)
  • Backup Management & Disaster Recovery Testing
  • IT Risk Management, Governance and Compliance

Timeline

Senior Consultant

Ernst & Young LLP
10.2023 - Current

Team Lead – Operational Analysis

Compare & Connect
10.2016 - 04.2021

Master of Professional Accounting -

Kaplan University
01.2016 - 01.2017

MBA - Accounting

Deakin University
04.2014 - 01.2016

Bachelor of Arts - Economics

Delhi University
01.2011 - 01.2014

Senior Secondary -

St. Mary’s School
01.2010 - 03.2011
Shibani KapoorDigital Risk Consultant