GRC Consultant

Control self-assessment methodology for the organization’s integrated control framework.Review the control testing responses and evidence submitted by control owners and engage for process walkthroughs and clarifications if any. Document the observations/ findings and publish internal control testing status to the executive committee. Performing analysis of revisions/ updates to regulatory requirements and identify gaps in the current organization control framework. Engage with the client / vendors / Partners to enhance the control testing and remediation workflow. Track and manage remediations with Delegated entities till closure. Participate in risk management discussions to identify solution risks and strategies to mitigate them. Maintain risk register and engage business owners for risk acceptance if any. Review audit findings with peer auditors and prepare an executive summary. Conducting Vendor risk assessments as per standards: ISO 27001 - 2013, ISO 31000, NIST, PCI DSS. Security audit, identify the gaps and gap assessment report documentation and submit the report to the management. Knowledge in Vulnerability management and Incident management. ITGC control testing· Collect the evidence and share the evidence to the auditors.