Girish Chhatpar

Experience

• 

  Special Steels Ltd

  Nov 1989 - Sept 1992

  Systems Officer

  Software Development using Oracle Forms, COBOL

• 

  Siemens Information Systems Ltd

  Oct 1992 - Jan 1993

  Systems Engineer
• 

  Data Management Services (Bahrain) Ltd [Datamas]

  Feb 1993 - Aug 1997

  Systems Analyst

  Responsibilities• Project Management• Systems Analysis & Design• Software Development• System Implementation• Pre-Sales Support• User Training• Conduct Specialized Training Courses on Informix 4GLSoftware for Insurance, Hotel & Restaurant Mgmt, Financial Accounting, HR & Payrollusing Informix 4GL & COBOL

• 

  Oracle Financial Services Software Ltd

  Nov 1997 - Jul 2014

  • Develop annual internal audit plan using appropriate risk-based methodology, including any risks or control concerns identified by management, and obtain approval of the Audit Committee.• Conduct risk-based internal audits (including IT / Infosec audits) across the company and its subsidiaries as per the approved annual audit plan, including, as appropriate, any special tasks or projects requested by management and the Audit Committee that are appropriate and relevant to the Audit Charter. The audit scope includes reviewing operational / financial & application controls.• Conduct internal audits as per the scope defined for the organization’s ISO27001 and ISO9001 certifications and SSAE16 (SOC 1) Type II review Show less Infosec / Process Assurance (Jan’99 to Mar’09)• Review the Policies, Standards & Procedures (S&P) of support groups. Was a member of the organization team involved in COBIT compliance review of the Facilities Management group S&P that was conducted by one of the big four audit firms. Also involved in the organization’s ISO27001 certification and corresponding internal ISMS audits.• Review the Information Security Policy, Business Continuity Plans (BCP) & periodic BCP Test results.• Review & guide the in-house application software implementation with respect to information security & application controls.• Plan & conduct business process audits of support groups such as Facilities Management, HR, Sales, etc based on risk and their Standards & Procedures (S&P). The audits involved data analysis using Excel & SQL and review of security policy implementation on Unix / Windows server / desktops.• Closely involved in the SAS 70 type II reviews conducted since the past few years by one of the big four audit firms. Responsibility included the preparation / review of the Description of Controls.• Perform due diligence checks on prospective vendors for outsourcing of data processing. Perform audits of vendor management policy & process implementation.SEI CMM based Software Quality Assurance (Nov’97 to Mar’05)• Process audits of software development / support projects.• Review of test plans, project plans / estimates & various other internal / customer deliverable, business proposals. • Testing the software on a sample basis and monitoring the execution of module / system tests.Additionally, responsible for overseeing the internal automation / information portal needs of the SQA group, conducting periodic process quizzes. Show less

  • VP, Business Audit

    Apr 2009 - Jul 2014

  • Infosec & Process Assurance / Software Quality Assurance

    Nov 1997 - Mar 2009