Nalla Sravanthi Reddy
Manager, IT Audit
Hyderabad
Summary
Certified Information Systems Auditor (CISA) with over 10 years of experience in IT and 7+ years in IT auditing. Proven expertise in ITGC controls, SOX compliance, Cybersecurity audits, and SAP security. Adept at leading audit teams, implementing compliance frameworks, and enhancing IT audit efficiency through process re-engineering and advanced audit tools. Skilled in conducting risk assessments, designing audit methodologies, and leveraging data analytics for continuous monitoring of IT and cybersecurity risks.
Overview
15
15
years of professional experience
2
2
Certifications
Work History
Manager, IT Audit
FOSSIL Group Inc.
03.2022 - Current
- IT & Cybersecurity Risk Assessment: Conduct regular risk assessments to identify key IT and cybersecurity risk areas, ensuring they are appropriately covered in the annual IT audit plan
- Audit Process Design & Implementation: Lead the design and implementation of internal audit processes and solutions for continuous monitoring of IT and cybersecurity risks, leveraging data analytics techniques
- Emerging Risk Auditing: Develop and execute audit methodologies for emerging risk areas such as Cloud, Agile development, E-Commerce, Social Media, and ESG, ensuring alignment with industry standards (ISO, ITIL, etc.)
- IT & Cybersecurity SME Hub: Lead the development of Internal Audit’s IT and Cybersecurity subject matter expert hubs, providing guidance and expertise across the organization
- Co-sourcing Partner Management: Work with co-sourcing partners to ensure effective resourcing of audits with the right skillsets and talents, while managing functional budgets and tracking budget-to-actual spend
- End-to-End Audit Leadership: Manage the entire audit cycle (planning, execution, reporting) for IT and cybersecurity audits, ensuring thoroughness, completeness, and compliance with MDLZ IA SLAs/KPIs, IIA standards, and other relevant industry standards
- Stakeholder Communication: Effectively communicate audit results to senior management and external auditors, building strong relationships with IT leadership and their teams
- Performance Measures: Timely identification and evaluation of emerging risks, with analysis of their potential impact on the organization
- Delivery of the annual IT audit plan, supported by risk-based arguments and aligned with quality and value measures/KPIs
- Strong governance over the quality and timeliness of IT audit services, with positive feedback from auditees on expertise and ways of working
ITGC Controls Internal Team Lead
ITC Infotech
04.2021 - 03.2022
- SOX Controls Implementation: Implemented key controls for SOX systems, ensuring compliance with regulatory requirements
- Client Communication: Maintained day-to-day contact with clients, keeping them informed of audit progress and issues
- Control Self-Assessments: Conducted control self-assessments via SAP GRC, ensuring design and operating effectiveness of ITGC controls
- Audit Execution: Executed audit fieldwork autonomously, prepared audit test plans, and provided remediation guidance to management
Compliance Consultant
Zestwings Informatics Pvt. Ltd.
03.2018 - 04.2021
- Control Testing & Documentation: Reviewed control processes with control owners, executed tests, and documented results for ITGC controls in SAP applications
- TOD & TOE: Conducted Test of Design (TOD) and Test of Effectiveness (TOE) for ITGC controls related to Change Management, Logical Access, and Operations Management
SAP Security Consultant
Tech Mahindra
04.2014 - 05.2017
- User Administration & Role Development: Managed user administration and developed SAP roles for production support and implementation
- SOX Controls Testing: Tested the effectiveness of SOX controls and resolved authorization issues using SAP GRC
IT Analyst
Serco
02.2012 - 11.2013
- Application Development: Worked on Google Calendar app development, automating daily builds, and supporting iOS and Android app launches
IT Analyst
OTSI
09.2010 - 04.2011
- Requirements Analysis: Conducted requirements study and analysis for major modules in banking and ATM systems
Education
Masters - Electrical Engineering
University of Missouri
B.Tech - Electronics and Communication Engineering
JNTU Affiliated College
Skills
- Certified Information Systems Auditor (CISA)
- COBIT
- IT Audit
- Cybersecurity
- SOX Controls
- ITGC Controls
- SAP Application Security
- SAP GRC
- PCI DSS Compliance
- IT Risk Assessment & Audit Planning
- Cybersecurity Risk Management
Certification
Certified Information Systems Auditor (CISA)
Timeline
Manager, IT Audit
FOSSIL Group Inc.
03.2022 - Current
ITGC Controls Internal Team Lead
ITC Infotech
04.2021 - 03.2022
Compliance Consultant
Zestwings Informatics Pvt. Ltd.
03.2018 - 04.2021
SAP Security Consultant
Tech Mahindra
04.2014 - 05.2017
IT Analyst
Serco
02.2012 - 11.2013
IT Analyst
OTSI
09.2010 - 04.2011
B.Tech - Electronics and Communication Engineering
JNTU Affiliated College
Masters - Electrical Engineering
University of Missouri
Similar Profiles
Tara WarrenTara Warren
Merchandise Distributor at Fossil Group Inc.Merchandise Distributor at Fossil Group Inc.
Carmen Keys-LambCarmen Keys-Lamb
Sr. Manager - Marketplace Sales & Stock Strategy at Fossil Group Inc.Sr. Manager - Marketplace Sales & Stock Strategy at Fossil Group Inc.
Sukhmeen KaurSukhmeen Kaur
Retail Associate /Customer Service Representative at Fossil Group Inc.Retail Associate /Customer Service Representative at Fossil Group Inc.