Summary
Overview
Work History
Education
Skills
Websites
Certification
Secondments
Timeline
Generic

Avani Joshi

London

Summary

Experienced Information Security professional with a strong academic background in Computer Engineering. Passionate about developing innovative solutions integrating system, audit, and finance components. Over 9 years of experience in Risk Assurance, successfully conducting Application Internal Audits and External Audits, focusing on Application Control and Information Technology Governance Controls. Expertise extends beyond the financial services sector, working across diverse industries such as consumer goods, pharmaceuticals, manufacturing, and retail. Currently seeking challenging roles in global organizations to enhance leadership skills and transition into a senior management position. Goal is to develop strong interpersonal and people management skills to thrive in a global work environment. Recognized for forward-thinking approach and comprehensive understanding of auditing procedures, bringing 9+ years of expertise in regulatory issue validation for large businesses. Decisive and persuasive communicator with proven problem-solving, leadership, and planning abilities.

Overview

9
9
years of professional experience
1
1
Certification

Work History

Data Transformation Internal Auditor (AVP)

Citibank London
09.2022 - Current
  • Led and conducted audits of the bank’s data management processes in response to regulatory findings (OCC & FRB) as part of the organisation’s Transformation program
  • Designed and executed test procedures to evaluate design and operating effectiveness of organisation’s data capabilities
  • This includes assessing data governance, data quality, data metrics, and other data management processes
  • Demonstrated effective communication and collaboration skills by regularly liaising with key stakeholders across various departments, ensuring comprehensive understanding of audit findings and successfully resolving issues in timely manner
  • Reviewed and enhanced organisation’s proposed data commitments prior to final submission to regulators
  • Developed and implemented resourcing model for global team, enabling effective resource allocation and optimal workload distribution.

Senior Specialist Auditor – Technology Audit, Retail Banking

NatWest Group
01.2022 - 08.2022
  • Managed stakeholder engagements, identified risk themes, led planning, execution and reporting of difficult messages of key findings and root causes
  • As part of digital transformation initiative, worked on customer and broker journeys
  • Audited applications that were bespoke, third party contracted and those hosted on cloud
  • Effectively planned, led, documented and reported compliance and operations audits in accordance with Institute of Internal Auditor and Corporate documentation standards
  • To ensure project timelines and work product routinely managed 3 graduates.

Senior Associate – Asset Wealth, Stakeholder Assurance

PwC LLP UK
08.2019 - 01.2022
  • Led multiple engagements where PwC performed AAF, ISAE 3402/SSAE 18, ISAE 3000 Type 1 and Type 2 examination for clients in Banking & Financial Services
  • Also, led ISAE 3000 Type 1 and Type 2 examination for clients in IT/ITES
  • Report was based on Trust Service Principle (TSP) 16
  • Engagements also ranged from performing user specific and generic reports for client
  • As part of main engagement on portfolio with PwC, led European Traditional Funds report as acting manager where in PwC UK was group assurance team and managed and reviewed work across 8 other countries
  • Was also involved in business development activities carried out for SOC2 bids
  • Performed attest engagements (SOC 1 and SOC 2) by meeting deadlines and delivering high quality of work by understanding new way of working during transition
  • Standardized general IT controls and provided coaching to associates as part of reports for new clients of PwC.

Consultant – Risk Consulting, IT Advisory

KPMG India
09.2015 - 05.2019
  • Worked on engagements related to SOC Attestation examinations, Third party risk management, ISO 27001:2013 Implementation Assistance and Information Risk Management in Internal and External Audit Engagement
  • Third Party Risk Management: Led project with 8 team members for eading pharmaceutical company based in Basel where client intended to perform Third Party Risk assessments for its service providers
  • ISO 27001:2013 Implementation Assistance: Led ISO 27001:2013 implementation assistance engagement where primary responsibilities were to conduct internal audit for organization and support functions (Human Resource, Administration, and Finance) and providing gap assessment report along with documentation of risk control matrix
  • Information Security and Privacy Assessment (IT Act, 2013): Team member on Information security and privacy assessment based on Information Technology Act, 2013 of India
  • As Program Manager, ensured of zero SLA breaches at multiple stages of third-party risk management engagement
  • Was involved as core team member in organizing Cyber-Space event for KPMG Mumbai and Pune region.

Education

Bachelor of Engineering (B.E.) in Computer Engineering -

Pune Institute of Computer Technology
Pune, India
05.2015

Skills

  • Financial Audit
  • Third Party Risk Management (TPRM)
  • SOC1 and SOC2
  • Regulations and compliance
  • Risk level determination
  • Internal Controls
  • Adaptability

Certification

  • ISO 27001:2013 Information Security Management System (ISMS) Certified Lead Auditor
  • ISO 22301:2012 Business Continuity Management System (BCMS) Certified Lead Auditor
  • BSI 10012:2009 Personal Information Management System (PIMS) Data Privacy Certified Lead Auditor

Secondments

  • KPMG United Kingdom, Technology Risk Consulting, 09/2017 - 03/2018
  • KPMG South Africa, Technology Risk Consulting, 01/2019 - 03/2019

Timeline

Data Transformation Internal Auditor (AVP)

Citibank London
09.2022 - Current

Senior Specialist Auditor – Technology Audit, Retail Banking

NatWest Group
01.2022 - 08.2022

Senior Associate – Asset Wealth, Stakeholder Assurance

PwC LLP UK
08.2019 - 01.2022

Consultant – Risk Consulting, IT Advisory

KPMG India
09.2015 - 05.2019

Bachelor of Engineering (B.E.) in Computer Engineering -

Pune Institute of Computer Technology
Avani Joshi