Vikas Dutta Email & Phone Number

London, UK, GB

• Examine and evaluate internal controls across various security technology risks areas to ensure compliance with internal policies, laws and regulations, and regulatory expectations;
• Propose and evaluate appropriate corrective measures designed to strengthen internal controls, operational and technical policies and procedures, and other findings identified during audits;
• Conducted cybersecurity NIST readiness assessments- identified gaps in alignment and maturity to the NIST CSF for all RELX business areas;
• AWS Cloud Operating Model- assessed security and operations controls to identify gaps in the AWS shared operating model and security controls enhancements;
• Function as a trusted advisor on implementation of control environment for Identity and Access Management initiative;
• Trusted advisor to identify security and operational gaps in patient data protection to mitigate business risks such as complaint handling process, documenting corrective and preventive actions, and audit.

Volunteer Board Member

San Jose, California, US

• Key projects: Network Security Review, SaaS Operations, Portfolio Investment Process, Disaster Recovery & Business Continuity Planning, Product Quality & Deployment Readiness, Customer Experience Feedback, Intellectual.
• Manage team of auditors and co-sourced staff in conducting IT and Operational audits
• Prepare audit reports documenting key findings and significant risks and present to senior C-suite management taking into account business relevance and risk
• Utilize sound judgment to identify and assess: risk, materiality, adequacy of audit evidence, compensating controls, and significance of findingsStrong organizational skills to take ownership of agreed targets to.
• Multi-task assignments and prioritize workload, deliver to deadlines with limited supervision and show resilience under pressure
• Conduct reviews of various IT processes and strategic initiatives (e.g. system development life cycle, data privacy, cyber security reviews, business continuity management, product investment review, product launch.

London, GB

• Key projects:Data Privacy, PCI Compliance, Systems Development Lifecycle, Outsourced Provider Review, Contract Compliance, Royalty Accounting, Advertising and Marketing Reviews
• Conducted program level reviews of emerging risk areas such as PCI-DSS, Data Privacy, and Social Media.
• Evaluated the adequacy and effectiveness of management controls over operational and IT application controls.
• Assisted in annual risk assessments process
• Managed and conducted IT/Operational audits, Project Assurance milestone reviews
• Reviewed staff work papers in support of work performed; discuss findings with senior management and developed audit reports for Executive Management

Menlo Park, California, US

• Assisted various Fortune 500 clients with Sarbanes-Oxley 404 documentation development and testing.
• Documented key IT processes that support the business in generating accurate financial statements
• Conducted interviews with process owners verifying accuracy of control descriptions and ensuring they are accurately documented.
• Areas of work include change management, network/application security, data backup & recovery procedures and data center operations, and IT Asset Management

New York, NY, US

• Developed quality assurance and User Acceptance Testing plans based on business requirements
• Created test use cases based on key customer requirements
• Conducted weekly status meetings and presented issues to Business and Product Development teams

• Performed black box, functionality, and stress testing of internally developed software
• Analyzed and presented enhancement requests from clients to product management
• Helped develop company-wide policy and procedure documentation
• Traveled to client sites to assist in training sessions and provide support services

Executive Mba, Business Administration, Management And Operations

Bba, Operations Management, Mis