Nelson Royar Email & Phone Number

Toronto, ON, CA

Bowmanville, Ontario, Canada

Appointed as the Financial Secretary for the Knights of Columbus St. Joseph's Catholic Church Council 6361 in Bowmanville. This is a voluntary service.Responsibilities include:- Manage member billing and financial management of the council - Maintain an accurate accounting of money flow through the council, Present all bills to the council for payment.

Greater Toronto Area, Canada

Alternate Company Security Officer and Compliance Leader for IBM Canada Ltd. For Protected B.Responsibilities involved managing the Govt. of Canada Portfolio, especially Protected B/ITSG-33 Compliance for their data centers and Cloud services in Canada.As an Alternate Company Security Officer (ACSO)- Official contact for security breaches within the DC’s.

Greater Toronto Area, Canada

• Compliance Leader for Protected B Canada. Responsibilities involved managing the Govt. of Canada Portfolio especially Protected B/ITSG-33 Compliance for their data centers in Canada.
• Implemented and established a compliance program on Protected B/ITSG-33 compliance (both IaaS & PaaS services) to ensure IBM data centers and Cloud services meet the requirements to handle govt. of Canada, data, and.
• Performed mapping of ITSG-33 to the IBM Cloud Controls Catalog. Further drafted process and scope documents.
• Lead for ENS High Compliance (Spain Esquema Nacional de Seguridad). Responsibilities involved mapping of controls framework and updating the controls catalog. Further performed reviews for readiness activity under.
• Supported and provided SME support in reviewing control mapping for HITRUST, PCI, and ISMAP, Cloud Catalogue mapping.

Toronto, Ontario, Canada

• ISMS SME for PwC member firms
• Co-owner for PwC Global ISMS Internal Audit Methodology
• Built Risk Assessment tool based on ISF’s IRAM2 Methodology
• Lead and Managed ISMS projects (27001, 27002&27003) both Implementation,Risk Assessment and Internal Audit
• Project and Program Management for various SOC 2 engagements haveperformed both implementation, Readiness Assessments and Internal Audit.Work involved in drafting controls as per Trust Service Principles and worked.
• Worked on cybersecurity projects related to NIST CSF Maturity assessment,uplifting posture exercise, Security Roadmap, PCI DSS scoping and assessments

Toronto, Ontario, Canada

• ISMS SME for PwC member firms
• Lead and Managed ISMS both Implementation, Risk Assessment and Internal Audit
• Project and Program Management for SOC 2 engagements
• Co-owner for PwC Global ISMS Internal Audit Methodology
• Created and performed Risk Assessment framework based on AFCE's Fraud Risk and NIST methodology and another Risk Assessments based on ISF’s IRAM2 Methodology
• Performed various process restructuring and Automation activities by drafting tableau dashboards, Alteryx solutions and micro sites using google sites

Bangalore

• Managed and Lead Toxic Access Management for one of the leading bank of Singapore. Work involved executing and onboarding key applications into sailpoint by ensuring they adhere to the segregation of duties and Access.
• Managed and Lead SOX Audit for one of the leading technology company. Work involved Managing the entire Audit along side reviewing IT Application controls, Batch jobs, Azure and IT General controls. The applications.
• Lead ISO 27001 Internal Audit and ISMS Implementation for a couple of clients. Work involved designing policies and procedures, Risk Assessment complying to meet the requirements of ISO27001
• Created Global Access Control Guidance Document for one of the leading Dutch- British transnational Consumer Goods Company (FMCG)
• Assisted in conducting Data Privacy Assessments (DPIA) and GAP analysis for an IT/ITES client in line with GDPR requirements and GDPR framework
• Performed Information security audit for a couple of business and technology outsourcing companies

Bangalore

• Manager for team that audit focal Storage, Unix and Intel delivery platforms for SSAE16/SOC-2 audits and Corporate audits
• Guide and review delivery team activities in audit preparation, data collection, testing, responses and risk mitigation
• Track and analyze audit metrics, conduct risk and compliance reviews and inspections Manage compliance defect root cause analysis, develop lessons learned and best practices to implement across all North America.
• Performed Internal review for multiple clients within IBM. The assessment involved performing audits based on the SSAE16/ ISAE3402 standards.
• Guiding delivery teams in IBM for audit preparation, data collection, testing responses and risk mitigation
• Created and established the Process and Procedure for Internal Review framework for System Compliance Services team in IBM

Bangalore

• Reviewing risk control matrices with the business process owners and handling business areas and executing of test of design (ToD) and test of control effectiveness (ToE) for internal controls over financial reporting.
• Visiting branches and performing internal audit checks, monitoring and reviewing activities of various departments in the branch and preparing and finalizing audit reports
• Scope of audit work includes the preparation of the following reports: Branch Management Audit Report (Revenue and Profitability Analysis) Branch Operations Audit Report
• Risk Control Matrices (RCM) Review Report for SOX controls.

• Responsibilities involved providing technical assistance and troubleshooting queries for McAfee antivirus customers. Later became Tier 2 (SME) for APAC region and was handling escalations. Supervisor calls and MIS.
• Responsibilities also involved supporting L&D Training and was handling teamas a Backup Team Leader

Master Of Business Administration (Mba), Business Administration, Management And Operations

Bachelor Of Commerce (B.Com.), Marketing And Human Resource Management