1. APOORVA KABRA
IT/IS AUDITOR
PHONE: 09716299151 EMAIL: apoorv akabra@hotmail.com
PROFILE
IT Risk & business consulting professional with 6 years of div erse experience across IT Statutory audit, IT General
control testing, Information security (ISMS) testing, ISO 27 001 control testing,, SOX 404 control testing, SSAE 16
(SOC) report and compliance rev iew.
Working as a part of the core assurance team to test the automated and IT dependent manualcontrols. Documenting
the ov erall engagement in a central audit file over AURA depicting the testing performed for each individual controls
and the lev el of ev idences v erified and tested with observ ations.
Dy namically involved in assessment of organization information technology (IT) architecture, casing the scope, which
comprises – ISO 27 001:2013 compliance review and pre-certification assessment, review of policies and procedures
dev eloped by the organizations, identifying and testing the critical financial controls, gap assessment to ISMS
(Information security management system)and ISO 27001, Information security risk assessment, Access management,
Change management, VAPT, BCP/DRP
Served leading multinational / fortune 500clients in industries viz., Telecom,Manufacturing,Technology,Publication,
ITES/BPO and E-commerce etc.
Business Process rev iews such as P2P, FA, RnR, Pay roll etc. for audit clients.
Business Dev elopment Activ ity , Proposals for new Business
EXPERIENCE
S No INDUSTRY TENURE Methodologies worked upon
1
Price Waterhouse &
Co (PWC)
March 2015 – tillpresent
IT audit, SOX 404 control testing, Report
Testing, OS & DB testing,SSAE 16 report
v alidation,ICFRreporting
2 Aircel March 2013-Feb 2015
InternalAudit Team, IT and NWsecurity audits,
Marketing and Revenue AssuranceAudits etc.
3
Nokia Siemens
Networks
Dec 2009-Feb 2013 IT and NW security , NetworkOptimization
OVERVIEW:
Price waterhouse Coopers- Sy stem Process Assurance
Executed ITGCs audits focusing on the critical financial risk. Domains covered as part of testing includes User access
testing, Change management, Program dev elopment and Computer operations.
Piloted sev eralclient engagements vis-à-vis mentoring teams of 5-6 people, managing project profitability, reporting to
senior management and working closely with key client stakeholders and process owners
Executed Information technology general controls (ITGC) assignments at various client/organizations. This includes
rev iew of policies and procedures, contract management,change and incident management, server and networkdevice
hardening, physical and logical security controls of critical devices, compliance management, backup and recovery,
asset management and CIA.
Conducted audits for application & database hosted over Oracle, SQL, technologies. Reviewed applications in respect
to master database management, logical security, log management, change and incident management, data flow,link
monitoring, I/O v alidation and data integrity , data leakage.
IT Project Lead for 2 big telecom operators in India and ov erseas for deliv ering end to end ITGC audit
Report testing
Business Process rev iews for audit clients
ICFR documentation for audit clients ( ITGC and Business Process)
Business Dev elopment Activ ity , Proposals for New Business
Aircel- Internal Audit
Responsible for conducting end to end Business and IT/ NW security audits
Regulatory Audits,Application security audits,Data center audits, Marketing and sales , Revenue Assurance Audits etc.
Responsible for designing gap reports for audit committee meetings.
2. Nokia Siemens Networks- Security and Compliance
Network deploy ement
Network Security complaince
Worked on many intenational assignments inclduing staying in Africa for 4 months for deploy ement of networkfor a
leading telecom operator
Domestic telecom operators audit engagements
Optimization audits
EDUCATION & CERTIFICATIONS
YEAR DEGREE/COLLEGE
2005-2009 Bachelor in Technology (Electronics and Telecom): Amity University, Noida
2005 Grade twelve: St.John’s School Mahrauli,Varanasi
2003 Grade tenth: St.John’s School Mahrauli,Varanasi
2010 Certified CCNA i.e. Ciscocertified NetworkAssociate