Sweta Rai

Experience

• 

  Xerox

  May 2016 - Mar 2018

  IT Risk Analyst

  • User Access Management based on role matrices, Access provisioning on various platforms like SQL DB, Client-Server, Oracle DBA, and Siebel • Performed Scrubs activities to control unwanted or unauthorized access, Implementing security policy (profiles) by creating, managing, and removing user accounts and access rights into IT systems• Working on Governance, Risk and Compliance (GRC) tool to mitigate the Risk• SOD Management : Identification and maintenance of User Exceptions

• 

  EY

  Apr 2018 - Feb 2024

  • Spearheaded IT audits focusing on enterprise risk management, internal controls over financial reporting, and regulatory compliance.• Led a high-performing team, providing guidance on documentation and testing approaches.• Executed SOX audits, IT Application Control, and Financial Audit IT Integration.• Successfully conducted Security Benchmarking, COSO and COBIT Framework, and SOC 1 Reports.• Engaged directly with clients, managing data requirements and facilitating effective communication.• Applied 5 years of experience in Internal Audit, handling external audits and ensuring compliance.• Specialized in IT General Controls, IT Automated Controls, and Information Produced by the Entity (IPE’s).• Proactively prepared data requirement lists based on client walkthroughs. Show less • Led and managed a portfolio of 8 client engagements at a time for Financial Audit IT, including IT SOX audits, financial statement audits, managed teams ranging from 2 to 3 personnel.• Conducted engagements in the financial services sector, with a client profile ranging from regional banks and multinational banks based out of UK and Australia.• Clients served across Financial Services industries and implementation of policies and procedures for Banks and NBFC’s• Leading client process and technology walkthrough to perform independent design and operating effectiveness controls testing procedures• Experience of working on enterprise risk management, security assessments, security benchmarking and framework readiness assessments, internal controls over financial reporting, ITGCs, SOX audits, IT Application Control, Financial Audit IT Integration, Application control review, SOD, identification of risks and controls for business processes, technology elements and Audit of CyberArk tool• Strong analytical and multi-tasking skills with ability to adapt as per client and business requirements, providing trainings to the new joiners on Auditing Methodology and team management experience• Reported status updates to both management and the Audit Committee Show less

  • Senior

    Oct 2022 - Feb 2024

  • Senior Consultant

    Jul 2021 - Oct 2022

  • Consultant

    Aug 2019 - Jun 2021

  • Associate Consultant

    Apr 2018 - Jul 2019