Sourabh Raikwar

Summary

Experienced IT Auditor and Controls Specialist with over 2 years of expertise in IT audit, ISO 27001, and IT controls, including in-depth knowledge of the Sarbanes-Oxley Act (SOX) and IT General Controls. Skilled in conducting walkthroughs, developing process diagrams to identify control attributes, and testing control effectiveness. Proficient in assessing the completeness and accuracy of reports (IPE/IUC) used for audit evidence or control execution.

Overview

3 years of professional experience
1 Certification

Work History

IT Auditor

KRITSOL
Hyderabad
01.2025 - Current
  • Conducted ISO 27001:2022 Gap Assessments, evaluating the effectiveness of Information Security Management System (ISMS) controls and identifying non-compliance areas.
  • Assessed organizational and people-related controls, ensuring alignment with ISO 27001:2022 Annex A controls and security best practices.
  • Reviewed and tested Information Security Policies, Risk Management Procedures, and Access Controls to verify compliance with ISO 27001 standards.
  • Performed ISO 27001 Internal Audits, including evidence gathering, control testing, and reporting non-conformities to management.
  • Assessed the effectiveness of risk treatment plans and provided recommendations to enhance security governance and mitigate vulnerabilities.
  • Developed remediation plans for identified deficiencies, working closely with stakeholders to implement corrective actions.

IT Auditor

DXC Technology
Bangalore
07.2022 - 05.2024
  • SOX Compliance & Internal Audit Support: Conducted testing of internal controls over financial reporting to support SOX compliance (SOX 404) and financial audits, ensuring alignment with PCAOB standards.
  • Risk Assessment: Performed IT risk assessments across systems, applications, databases, and cloud environments to identify vulnerabilities and threats.
  • Critical Applications & Risk Matrices: Collaborated with business units to identify key applications and develop risk control matrices to manage IT-related risks.
  • Control Assessment & Documentation: Evaluated and documented IT controls and weaknesses, auditing infrastructure and applications for compliance and security.
  • ITGC Auditing: Audited IT General Controls and tools (e.g., JIRA), documented control designs, and conducted sample-based testing.
  • Control Testing & Deficiencies: Tested control effectiveness, identified deficiencies, and performed additional testing to mitigate risks.
  • Remediation & Follow-Up: Supported remediation planning, coordinated corrective actions, and conducted follow-up audits.
  • ISO 27001:2022 Compliance: Conducted audits and risk assessments under ISO 27001:2022, ensuring ISMS compliance and recommending mitigation strategies.

Education

Bachelor of Technology - Electrical and Electronics Engineering

Rajiv Gandhi Technical University
Madhya Pradesh, India

Skills

  • IT audit
  • IT controls
  • Sarbanes-Oxley Act (SOX)
  • IT General Controls (ITGC)
  • PCAOB
  • Cybersecurity
  • Risk assessments
  • SOC 1/2
  • ISO 27001
  • IPE/IUC

Certification

  • ISO 27001 Lead Auditor
  • ISO 27001 Lead Implementor
  • Microsoft Certified: Security Fundamentals

Timeline

IT Auditor

KRITSOL
01.2025 - Current

IT Auditor

DXC Technology
07.2022 - 05.2024

Bachelor of Technology - Electrical and Electronics Engineering

Rajiv Gandhi Technical University