Avatar of Bala Aravind Tanam.
Bala Aravind Tanam
An IT Risk professional with experience in: ● ICFR Audits, SOX Readiness Assessments, and Pre/Post Implementation Assessments. ● Evaluation of General IT Controls (GITCs/ITGCs) and Application Controls (ITACs). ● Automated control audit. ● Documentation of walkthrough of controls, Identifying control gaps. ● Performed all stages of the audit including, planning preparing the audit program, fieldwork executing, reporting and follow up.
個人檔案
職場能力評價0

貼文
0個聯絡人
列印
Avatar of the user.

Bala Aravind Tanam

An IT Risk professional with experience in: ● ICFR Audits, SOX Readiness Assessments, and Pre/Post Implementation Assessments. ● Evaluation of General IT Controls (GITCs/ITGCs) and Application Controls (ITACs). ● Automated control audit. ● Documentation of walkthrough of controls, Identifying control gaps. ● Performed all stages of the audit including, planning preparing the audit program, fieldwork executing, reporting and follow up.
尚無簡介。
Logo of the organization.
Protiviti India Member Firm
Arunodaya University
Toronto, ON, Canada
加拿大

專業背景

  • 目前狀態
    待業中
  • 專業
    稽核
  • 產業
  • 工作年資
    4 到 6 年相關工作經驗
  • 管理經歷
  • 技能
    SOX 404
    ITGC Audit
    ICFR
    Risk Management
    COSO Framework
    SOC 2
    Microsoft Office
  • 語言能力
    English
    專業
    Hindi
    進階
    Telugu
    母語或雙語
  • 最高學歷

求職偏好

  • 預期工作模式
    全職
    對遠端工作有興趣
  • 希望獲得的職位
  • 期望的工作地點
  • 接案服務

工作經驗

Logo of the organization.

Senior Consultant – Internal Audit\SOX Operational Controls

2022年6月 - 2023年11月
1 年 6 個月
● Audit internal controls over financial reporting (ICOFR) for management assessment under Section 404 of the Sarbanes-Oxley Act ("SOX"); includes meeting with various departments to understand key business and IT processes, testing of key automated and IT general controls (ITGC), and making recommendations for improvements in internal controls. ● Identity and access management (IAM) covers the policies, processes, and tools for ensuring users have appropriate access to information technology (IT) resources. Identifying and evaluating the risks during review and analysis of system development life cycle (SDLC), including Design, Testing/QA, and Implementation of systems and upgrades. Evaluating controls including Change Management, Access Controls, Segregation of Duties, System development methodologies, Incident management controls regarding SDLC. ● Work with the Internal Audit team Managers and the Director to address any observed concerns or gaps, provide recommendations, and monitor the resolution of prior period issues. ● Performed compliance, operational, IT and financial internal audits to determine adherence to guidelines and regulations and evaluate the effectiveness of internal controls. ● Reassessing the controls and deficiencies and retesting all the identified key controls within SOX guidelines. ● Evaluating IT control elements to reduce IT risks related to the confidentiality, integrity, and availability of business information. ● Reviewing and testing for segregation of duties (SOD) and accessing control in application to ensure compliance with SOX. ● Risk control metrics (RCM) listing for tool optimization and automation to reduce manual work. ● Conducted walkthrough, formulated test plans, documented gaps, tested the results and exceptions. ● Create precise, logical, and detailed work documents that clearly describe the control, testing results, and conclusions made. ● Sending the WSR (weekly status report) to the management which includes all the control findings. ● Delivering timely and concise communication, including developing and producing management reports, illustrating status, trends, and action plans.

Consultant

2020年3月 - 2022年5月
2 年 3 個月
बेंगलुरु, कर्नाटक, भारत
● Performing general controls review to verify compliance with SOX section 404. ● Reviewing the systems for IT general controls (ITGC), risk and compliance with policies and regulations. Reviewed SDLC, designed, and implementation of process and automated controls, data created final audit reports and oversaw the implementation of creative action plans while maintaining communication with all levels of management. ● Performed assessments of application controls and IT general controls such as access control, change management, operations, disaster recovery and job scheduling related to SOX-404 (GITCs). ● Auditing the controls with 4 guidelines/GITC pillars-Risk, Control, Vulnerability, Threat with policies and regulations. ● Defines, executes and manages IT audits to assist in completion of the annual audit plan. ● Individual workpapers and documentation of work accomplished are completed on time and arranged so that conclusions and findings are fully supported. ● Tracking the results of prior audits and facilitating appropriate corrective action. ● Responsible for the management and delivery of IT and business process audits to ensure that business risks are identified and addressed appropriately before they have a negative impact on the organization.

Senior Process Associate

2018年8月 - 2020年2月
1 年 7 個月
हैदराबाद, तेलंगाना, भारत
● Assist/lead various compliance efforts and ensure adherence to stated policies and procedures such as SOX 404. ● Assist in the development of all audit processes, including risk assessment, planning, audit program development, audit procedure execution, and audit results reporting to higher management. ● Testing, Implementing and Identification of risks by testing the controls (ITGC). ● Performed Access management (IAM), Change management, Incident management, IT operation (ITOM). ● Worked on Access reviews for Highly privileged user accounts (HPA) and Non-highly privileged user accounts (non-HPA) for both applications and databases. ● Worked on Quarterly HPA, User creations, User Terminations, Password configurations. ● Manage remediation of unidentified/unauthorized access deficiencies, mitigate risks with the help of application teams. ● Evaluating IT controls, analyzing and assessing IT controls, risk management, security, and compliance, as well as the complete IT audit process. ● Attending Walkthroughs and Reviewing work papers and reports, documenting and analyzing the audit evidence. ● Knowledgeable in ERP (SAP) business processes and testing of relevant controls.

Audit Associate

2014年10月 - 2017年9月
3 年 0 個月
हैदराबाद, तेलंगाना, भारत
● Independent execution of various internal Audit assignments by supervision of operations including planning, resource allocation and overall quality of deliverables, processes, and completion of Audits. ● Vouching & Verification of Account balances & Assets and Liabilities. ● Conducting physical verification of stocks, inventory & Fixed Assets. ● Filing of TDS & Income Tax returns. ● Internal Audit of Financial Statements.

學歷

學士學位
Auditing & Accounting
2019 - 2022
Logo of the organization.
其他
Audit & Assurance, Accounting
2012 - 2014

資格認證

Certified Information Systems Auditor (CISA)

ISACA
2028年11月 到期

ISO 27001:2022 Lead Auditor

Exemplar Global
2025年9月 到期

職場能力評價