
Dhivya Lakshmi
IT Auditor, GRC Compliance, TPRM, SOC
Skills


Professional experience
Assistant Manager – GRC and Cybersecurity
Risk and Safety Plus • Full-time
Apr 2025 - Oct 2025 • 6 mos
• Supported GRC and cybersecurity operations for Abu Dhabi government entities, including Continuous Control Monitoring (CCM), Segregation of Duties (SoD), and User Access Reviews (UAR).
• Performed vendor security compliance reviews, assessing vendor controls against ISO 27001, NIST CSF, and internal security requirements.
• Conducted IT risk assessments and maintained enterprise risk registers aligned with ISO 27001 and internal control frameworks.
• Coordinated audit evidence collection, stakeholder walkthroughs, and signoffs for regulatory and compliance audits.
• Reviewed and updated policies and procedures to ensure alignment with ISO 27001 Annex A controls.
• Developed templates, trackers, and reporting mechanisms for risk, compliance, and audit activities.
• Acted as a liaison between business stakeholders and development teams to implement GRC enhancements, workflow updates, and remediation improvements.
Security Delivery Senior Analyst – IT Audit, Vendor Security Compliance & Information Security
Accenture
Jul 2023 - Mar 2025 • 1 yr 8 mos
• Conducted ISO 27001 internal audits and gap assessments, identifying deficiencies and supporting corrective action plans.
• Executed ITGC and ITAC testing across access management, change management, and IT operations.
• Supported SOX compliance testing, ensuring reliability of IT controls over financial reporting systems.
• Performed Third-Party Risk Assessments (TPRM) including vendor security reviews, SOC report analysis, and compliance assurance checks.
• Presented audit findings to senior management, highlighting high-risk issues and remediation timelines.
• Contributed to first drafts of risk assessments, audit reports, and compliance documentation.
• Followed up on management action plans to assess adequacy, effectiveness, and timeliness of remediation.
Senior Associate – Internal IT Auditor, GRC & Third-Party Risk
Capgemini
Aug 2021 - Jul 2023 • 1 yr 11 mos
• Performed ITGC testing supporting SOX compliance across financial reporting systems.
• Evaluated control design and operating effectiveness for enterprise IT controls.
• Supported external auditors during statutory audits through documentation review and evidence validation.
• Conducted TPRM reviews for US-based financial institutions, including data privacy and cybersecurity risk assessments.
• Standardized and responded to partner due-diligence questionnaire requests, improving consistency and turnaround time.
• Performed Continuous Control Monitoring (CCM) as part of internal audit programs.
• Assessed enterprise internal controls and contributed to effectiveness testing across key IT processes.
• Conducted IT security reviews for banks in compliance with applicable Indian regulatory requirements.
• Performed SOC 2 Type 2 reviews and application security risk assessments across various technologies.