Shivani Bansal

Associate Consultant

Langley, British Columbia, Canada6 yrs 9 mos experience

Most Likely To SwitchHighly Stable

Key Highlights

Expert in IT Audit and risk management methodologies.
Led SOC 2 audits for healthcare and commercial sectors.
Extensive experience in IT General Control reviews.

Stackforce AI infers this person is a skilled IT Auditor with expertise in compliance and risk management across various sectors.

Contact

Skills

Core Skills

It AuditSoc 2It ControlsItgc

Other Skills

CybersecurityFinancial ReportingISO 27001ITGC DESIGN AND REVIEWITGC SOXInformation SecurityInformation System AuditLeadershipMicrosoft OfficeOperational effectivenessSAP ITGCSQL

About

Dedicated professional with proficiency in IT Audit and risk management methodologies with overall professional experience of 4 years. Experience in SOX compliance, IT risk and control assessment along with conducting operational audits. Possessing 2 years of extensive experience in performing IT internal audits, along with IT advisory engagements, including process reviews of the organizations’ IT security and infrastructure, across multiple industry sectors such as Manufacturing, Banking, etc. I have experience in IT General Control review and risk assessment of various user access and change management exercises.

Experience

Kpmg canada

Consultant

Sep 2023 – Present · 2 yrs 6 mos · Greater Vancouver, British Columbia, Canada · Hybrid

Conducted comprehensive General IT Controls (GITC) audits for clients in the shipping, mining, and
commercial sectors.
Led a SOC 2 audit engagement for a healthcare client, focusing on the Trust Services Criteria.
Evaluated the design and operating effectiveness of the client’s controls related to security, availability,
processing integrity, confidentiality, and privacy.
Collaborated with the client’s IT and compliance teams to remediate identified control deficiencies.
Prepared and reviewed SOC 2 audit reports, ensuring accuracy and completeness for submission to
external parties.
Collaborated with the data privacy team to ensure compliance with data protection regulations, focusing on
the implementation of Data Subject Rights (DSR).
Gained hands-on experience in managing Consent Management Platforms (CMP) and facilitating Data
Discovery & Classification (DD&C) processes.
Enhanced organizational data privacy practices by effectively integrating cookie management and user
consent protocols.
Assessed and evaluated IT control environments to ensure compliance with industry standards and
regulatory requirements.
Identified control weaknesses and provided actionable recommendations to improve IT governance and
risk management practices.
Developed detailed audit reports and presented findings to senior management and client stakeholders.
Managed and executed an SAP engagement for a client, assessing the effectiveness of SAP application
controls.
Reviewed SAP configurations and security settings to ensure proper segregation of duties and access
controls.

IT AuditIT ControlsSOC 2

Pwc

Consultant

Aug 2021 – Nov 2022 · 1 yr 3 mos · Gurugram, Haryana, India

Performed IT General Control review across IT processes such as Change Management, Access Management and IT Operations.
Helped the team by cross collaborating with the financial audit team and identifying key financially significant IT Systems along with the material IT findings and its mitigation.
Evaluated and reviewed the preventive and detective IT controls for risk surrounding the Privileged Access, User Access review, Passwords, Joiners, Movers & leavers process, IT Change Process, Segregation of Duties between the developers and migrators, Segregation of IT Environment, Incident Management, Backup Policy & Procedures, Scheduled jobs monitoring and resolution, Entity Level Controls across multiple technologies and their underlying infrastructure.
Performed completeness and accuracy assertions around the financial relevant reports.
Performed IT Automated business controls such as three-way match and depreciation of fixed assets.
Performed IT Internal audits for different industries like Banking & Financial services, Telecom, FMCG and Healthcare.
Designed and reviewed the client’s IT Risk and Control Matrices.
Consulted multiple clients by highlighting key observations related to their IT Environment across multiple domains and identified the mitigation controls and developed an implementation plan to mitigate the risks and strengthen the IT Processes.
Performed substantive and remediation testing across multiple client’s IT Control framework to help them implement the additional preventive or detective controls.
Evaluated the SOC 1 Type II reports for the services managed by third party providers.

ITGC DESIGN AND REVIEWIT AuditITGC SOXITGCSAP ITGC

Bt

2 roles

Senior Business Analyst

Aug 2019 – Sep 2021 · 2 yrs 1 mo

Reviewed internal processes such as: Incident Management, Quality Management, Customer Service Assurance, Implementation Management, Release Management and Issue Management.
Ownership of Escalated issues especially IT Security Related issues.
Tracking of daily/weekly check process, Link Utilization Reports and Traffic Management Graphs.
Organizing, Managing, and tracking multiple detailed tasks and assignments with frequently changing priorities and deadlines in a fast-paced work environment.
Established and maintained a positive and professional relationship with clients. Assisting in setting and managing client expectations for completion of work. Deploying and configuring services in one or more host data centers and using infrastructure as a service. Amending network changes on the network, if required.