Supreet Panigrahy
Senior Manager- Data Risk Control Assurance
Hyderabad
Summary
Experienced senior manager specializing in governance risk management of data privacy and artificial intelligence. Proven track record of planning, implementing, and overseeing key improvements to drive business compliance and operating efficiency. Adept at cultivating an open culture that fosters a free exchange of information. Skilled in identifying and mitigating risks while ensuring adherence to industry regulations. Committed to driving organizational success through strategic decision-making and effective leadership.
Overview
13
13
years of professional experience
8
8
years of post-secondary education
5
5
Certificates
Work History
Senior Manager, Data Risk & Control Assurance
Standard Chartered Bank, GBS India
9 2022 - Current
- Established Risk management & reporting practices with RCSA, deep dive review, risk mitigation strategy & Risk based thematic Analysis.
- Performed Control testing & Monitoring to identify control operating effectiveness & advise Business/Function on control design guidelines.
- Lead 5 member team of data champions in Data risk assurance review i.e. Data Privacy (PIA/Data Transfers), Data Governance (BCBS239) & responsible AI for cloud/On-premise application which involved deep dive review of Business/Function like HR , Finance , Operations etc.
- Conducted third party risk assessment for data controls including but not limited to Pre onboarding checks , vendor due diligence & Post onboarding data audits
- Created data privacy training modules to improve awareness within organization.
Senior Solution Advisor
Deloitte USI
2021.12 - 2022.09
- Designed Privacy Rationalization framework for more than 30 regulations across globe.
- Co-authored Utah Consumer Privacy Act (UCPA) Point of View document for Deloitte Publication.
- Presented technical proposals to client to secure lucrative contracts and expand company clientele
- Assessed Data Privacy organization structure and readiness for client organization.
- Designed Risk management framework to address Third Party Risk Management & Data Privacy Operating Models.
- Part of client advisory team on Data asset Inventory, third party vendor onboarding and record of processing questionnaire.
Manager, Data Privacy & TPRM, Group Legal
HSBC Group
2019.02 - 2021.11
- Gathering information through publicly available domains or discussions with Legal counsels on changes to legislative landscape across globe
- Creation of Audit reports and discussion on various audit trails
- Identifying external events with consequential impact on organization and cascading such information to Senior Legal Counsels for necessary action.
- Identifying impact to organization due to legislative changes and flagging such information to higher management
- Capturing data points to identify key risk items raised by First Line of Defense and ensure association of such Risks to its respective Data Privacy Controls.
- Capturing effectiveness of Data Privacy controls through various data points like Inherent Risk Rating and Residual Risk Rating.
- Monitoring of Issues and Actions raised against Risks and flagging overdue of actions or Issues to senior management & First Line of Defense for regular closure.
- Discussing with Regional Leads to identify Complaints and Breaches monthly and ensure control execution and effectiveness to mitigate such risk
- Preparation of monthly enterprise risk management forum (ERMF) presentations for Group Wide Data Privacy programs
- Implementation of Business Controls across HSBC organization for Data Privacy Program.
- Integration and Consolidation of Risk controls across multiple departments involving Data Privacy, Contract and Resilience Risk.
- Lead Org-wide high-impact projects identified by management. This involved working closely with stakeholders across functions and periodic discussions with senior leadership.
Business Analyst (Data Privacy & Cyber Security)
TATA CONSULTANCY SERVICES
2012.01 - 2019.01
- Support implementation of Privacy and Regulatory control requirements to meet organizations as well as contractual requirements agreed with client.
- Work with Legal team to ensure Data Privacy & Protection related proposal/contract language is appropriate for organization and/or its suppliers to deliver services to the client.
- Ensure Privacy Impact Analysis is completed for new products & services as well as changes to existing.
- Data Incident Management support to projects ensuring appropriate root cause analysis, timely mitigation, and overall reduction in number of incidents.
- Implemented Data controls like PIA , ROPA , Data Transfer , Cookie & Consent Management , Data Subject Access Request across clients
- Managing end-end requirements elicitation, analysis, and documentation through entire SDLC Lifecycle. Requirement elicitation include (not limited to) business requirement document, Use Case documentation, Screen Flow documentation and Data Flow Diagram.
- Implemented Data Loss Prevention system & defined data loss policies across organization which improved organization compliance by 15% and sales by 3%
- Mentored new team members
Education
MBA - Human Resources Management
Xavier Institute of Management, Bhubaneswar (XIMB)
Bhubaneswar, Odisha 2015.01 - 2017.04
Bachelors in Technology - Computer Science
Biju Patnaik University of Technology
Bhubaneswar, India 2007.01 - 2011.04
High School Diploma -
Central Board of Secondary Education
Visakhapatnam, Andra Pradesh 2007.01 - 2007.03
High School Diploma -
Indian Certificate of Secondary Education
Rayagada, Odisha 2004.03 - 2005.03
Skills
Strategic Planning
Certification
DSCI Certificate for privacy professional (DCPP)
Languages
English
Hindi
Odia
Accomplishments
o Operationalized a team of analysts to build out the EU Standard Contractual Clause compliance model in the organization & reducing the number of non-compliant cases within the organization by 20%.
o Created a data risk assessment workflow & operationalized an assurance team to conduct Data risk assurance for all cloud onboarding submission which resulted in an improvement of compliance by 40%.
o Integrated multiple assessment available in CDO organization to simplify & unify responses from third party reducing total team effort required for completion by 27%.
o Engaged with Business & function for deep dive review of business operations against privacy & AI risks improving compliance stance by 20%.
o Appointed as Business Risk Manager across CDO organization.
Software
MS office
Power BI
One Trust
IBM Openpage
Archer
Timeline
Senior Solution Advisor
Deloitte USI
2021.12 - 2022.09
Manager, Data Privacy & TPRM, Group Legal
HSBC Group
2019.02 - 2021.11
MBA - Human Resources Management
Xavier Institute of Management, Bhubaneswar (XIMB)
2015.01 - 2017.04
Business Analyst (Data Privacy & Cyber Security)
TATA CONSULTANCY SERVICES
2012.01 - 2019.01
Bachelors in Technology - Computer Science
Biju Patnaik University of Technology
2007.01 - 2011.04
High School Diploma -
Central Board of Secondary Education
2007.01 - 2007.03
High School Diploma -
Indian Certificate of Secondary Education
2004.03 - 2005.03
Senior Manager, Data Risk & Control Assurance
Standard Chartered Bank, GBS India
9 2022 - Current
DSCI Certificate for privacy professional (DCPP)
One Trust - GRC Professional certification
One Trust certificate for Privacy Professional
Statistics for Business Analytics & Data Science
Certified Information Privacy Professional / Europe (CIPP/E)
Similar Profiles
Chandraswamy HeerematamChandraswamy Heerematam
Senior Manager at Standard Chartered Bank GBS India Pvt LtdSenior Manager at Standard Chartered Bank GBS India Pvt Ltd
Sridhar R SSridhar R S
Site Lead CLM Operations (SVP) - GBS India at Standard Chartered GBS India Pvt Ltd.Site Lead CLM Operations (SVP) - GBS India at Standard Chartered GBS India Pvt Ltd.
Devi MuthukrishnanDevi Muthukrishnan
Technology Delivery Head - AI & ML at Standard Chartered Bank GBSTechnology Delivery Head - AI & ML at Standard Chartered Bank GBS