Swati Srivastava
Pune
Summary
Operating at the intersection of technology risk, cybersecurity governance, and enterprise resilience, supporting senior leadership in strengthening control effectiveness across complex, multi-jurisdictional APAC environments. My work spans critical application identification, technology and cyber risk oversight, issue and remediation governance, and regulatory engagements. I focus on translating technical risk into clear, decision-relevant insights, enabling leadership to prioritize decisions, manage risk appetite, and meet regulatory expectations. I play an active role in senior control forums, providing forward-looking risk views, tracking remediation commitments, and ensuring audits and regulatory engagements are delivered on time with strong governance, accountability, and evidentiary discipline.
Overview
15
15
years of professional experience
6
6
Certifications
2
2
Languages
Work History
TECHNOLOGY/CYBER RISK & CONTROL GOVERNANCE
Barclays
03.2022 - Current
- Chair and lead quarterly and bi-monthly Technology Governance Forums with Country CIOs, Compliance, and Second Line of Defence (2LoD), driving oversight of cyber and technology risk posture.
- Monitor effectiveness of cybersecurity and technology controls; identify control gaps and initiate remediation strategies aligned with regulatory and internal policy requirements.
- Led development and implementation of Technology KRIs, including metric design, threshold calibration, and governance alignment.
- Conducted threshold rationalization workshops with 1LoD/2LoD to ensure risk appetite alignment and effective escalation triggers.
- Govern and track technology debt, including legacy systems, unsupported software, infrastructure obsolescence, and deferred remediation items; ensure risk visibility, prioritization, and structured reduction plans.
- Partner with Engineering and Support teams to ensure technology debt items are risk-assessed, documented, and aligned to risk appetite thresholds.
- Perform independent evaluation of third-party/vendor risk prior to onboarding and contract renewals, ensuring alignment with risk appetite and regulatory outsourcing standards.
- Develop and present structured governance reports and dashboards to senior management, highlighting risk exposure, KRI performance, and remediation status.
- Established ongoing monitoring and reporting mechanisms to track KRI performance and emerging risk themesDocument material risk themes, perform root cause analysis, and recommend risk mitigation and control enhancement strategies.
- Assess alignment of internal controls with applicable local and global regulatory frameworks, identifying gaps between regional requirements and global standards.
- Leverage advanced Excel analytics (pivot tables, trend analysis, dashboards) to support data-driven risk insights and executive reporting.
IT SEC CONSULTANT - ASSISTANT MANAGER
Infocepts India Pvt. Ltd.
03.2021 - 03.2022
- Supported risk assessments across business and technology functions to identify control gaps and operational vulnerabilities.
- Assisted in maintaining risk registers, issue logs, and remediation trackers.
- Performed control testing for ITGC and operational controls (access management, change management, incident tracking).
- Monitored Key Risk Indicators (KRIs) and escalated threshold breaches to senior stakeholders.
- Assisted in preparation of governance reports and dashboards for risk committees.
PROJECT CONTROL SERVICES
Accenture Technology Services PVT LTD
07.2018 - 03.2021
- Supported risk assessments for technology and business transformation projects (system upgrades, cloud migrations, regulatory change programs).
- Reviewed project RAID logs (Risks, Assumptions, Issues, Dependencies) and ensured proper documentation and escalation.
- Assisted control design within project lifecycle (base controls, change approvals, testing evidence, go-live readiness).
- Monitored adherence to internal project governance frameworks and regulatory change management standards.
- Ensured segregation of duties and access controls were appropriately defined before production deployment.: Ensure that project plans for analysis, requirements and design within each work stream are created and maintained, deliverables tracked against time and cost, and resource utilization is monitored throughout the project
SENIOR SPECIALIST
LUMATA DIGITAL INDIA PVT LTD
04.2011 - 07.2015
- Supported end-to-end project lifecycle governance, ensuring adherence to defined PMO frameworks and stage-gate controls.
- Monitored RAID logs (Risks, Assumptions, Issues, Dependencies) and ensured timely escalation of critical items.
- Conducted periodic project health checks covering schedule, cost, scope, and resource utilization.
- Ensured compliance with change management processes and approval workflows
Education
MBA -
BITM
Pune 04.2001 -
B.Tech -
Uttar Pradesh Technical University, RKGIT
Ghaziabad2008
Skills
- Risk assessment
- Third Party Assurance
- Issues & RE Management
- Technology KRI Reporting
- Thematic Risk Reviews
- Reporting and documentation
- Risk mitigation strategies
- Internal controls
- Enterprise risk management
- Business continuity planning
- Governance, risk, and compliance
Accomplishments
- Exceptional Contributor, Accenture
- Awarded twice Star of the Month, Accenture
- Employee of the Month, Lumata Digital
- Winner for Cost Reduction, Lumata Digital
Certification
CRISC
Timeline
TECHNOLOGY/CYBER RISK & CONTROL GOVERNANCE
Barclays
03.2022 - Current
IT SEC CONSULTANT - ASSISTANT MANAGER
Infocepts India Pvt. Ltd.
03.2021 - 03.2022
PROJECT CONTROL SERVICES
Accenture Technology Services PVT LTD
07.2018 - 03.2021
SENIOR SPECIALIST
LUMATA DIGITAL INDIA PVT LTD
04.2011 - 07.2015
MBA -
BITM
04.2001 -
B.Tech -
Uttar Pradesh Technical University, RKGIT