View Our Profile

  1. Sujay Rao Mandavilli
  2. B.Com, CA Inter, PGDBA
  3. History
  4. sujayrao2012@gmail.com
Journal Information:
Title: EAPJSS
Editor Type: Editorial Board
Bio

15+ years of experience in Governance, Risk, Compliance, Business/IT Controls and Process Improvement.

ISO 27001 Certified, ITIL (V3 Foundation certified), Six Sigma Master Black Belt certified and CCNA trained. Pursuing CISA Certification (expected completion by mid-2015).

Have done the entire implementation of SSAE16, SOX Compliance Controls and implementation of compliance controls of the Gramm-Leach-Bliley Act, PCI DSS & HIPAA in 2012/2013 in Dallas for NEC Corporation. The audit was a success and all the Acts were complied with. Process improvement across the NOC was the second requirement, which was successfully carried out.

Have coordinated PCI certification for NEC. This was an onsite assignment based out of Irving, Texas. Have also done preliminary assessment for CMMI certification. Also, the CISCO audit was successfully carried out. Process reviews done for various areas in the NOC as laid out in the contract. Have reviewed Service operations as per ITIL and used Six Sigma methodologies to measure variations in metrics and suggest improvements. Also, the balanced scorecard was prepared.

Three years of experience in Business Controls in IBM between 2005 and 2008 covering areas such as SOX 404 / 302, FIC-KCO (Controls framework), Process Reviews, Application certification, process improvement, Metrics, SOD (Separation of duties), Measurements, SAS70, Audits, investigations, ERO, RAs, corporate governance, Monthly reporting, Learning, Mergers and Acquisitions.

Have experience in Non-IT, IT, Management and manufacturing audits besides SOX, SAS70, Risk, Six Sigma, Process improvement including process mergers etc. Have a sound functional knowledge of all functional and business areas. Thorough knowledge of SDLC processes. Have a working knowledge of networking concepts and statistics. Have done Operations/Management audit comprising strategy, productivity and operations in 2011-12 for Tata Coffee. Also have experience in review of niche areas like Quality, Sales and Marketing, Treasury, SCM, Production etc. Very good knowledge of accounting with knowledge of Accounting standards and GAAP.

Experience in Corporate Governance and Balanced scorecards.

Experience in review of Applications, Application controls, IT Audits, BCP reviews, reviews of IT support functions.

Working knowledge of COBIT, COSO, OCTAVE, ISO 31000 and Basel III.

Applied Six Sigma Techniques for ITIL processes in NEC Corporation of America Network operations center. Executed a short-term Six Sigma project for Bristlecone (A Mahindra group company) for their client Asea Brown Boveri in August/September 2013. This was a prestigious IT Six Sigma project open only for Black Belts.

Unique combination of Risk based audit, Compliance audits, IT audits, Internal audits, Operations/ Management audits, Governance & Consulting. Complete skillset in Process improvement, governance, risk and compliance.

Can apply a combination of various approaches to deliver maximum value to client.

Good in client management and strategizing. Good in end user management and stakeholder management. Ability to understand issues from a client perspective. Experience in working in a matrix organization

Gives practical and workable solutions that give maximum client satisfaction, the company's and the client’s bottom line as opposed to theoretical and unworkable solutions, and can understand issues from the client’s viewpoint.

Original thinker, highly creative, motivated, perseverant, and self-driven and can work with minimal supervision. Good in internet-based research.

Experience with US and Indian clients, offshore and onshore. Experience with Australia and Far East clients. Have worked with or have been associated with blue chip companies and large multinationals.

10 year multiple entry B1/2 US Visa valid till the year 2022.

A total of 7 years Audit Experience between 1991 and 1998 and 2011 to 2013 including 5 years’ experience in Fraser and Ross, which was then a member of Deloitte Touche Tohmatsu (an International Audit Group) and in Industry in various Finance Functions and other assignments in 2011 for Aurigene, Mindtree etc.

Other skills: 7 Years of Experience in Software between 1998 and 2005 and 2008 to 2011 in Requirements Analysis, Software Design, User Training and Implementation, Testing, Quality and Process Management, Pre-sales, Post-implementation support and Project implementation with Knowledge in SDLC Methodologies, SSAD, OOAD, RUP and UML, Oracle, PL/SQL, Developer 2000, Java and J2EE Technologies. Knowledge of use case preparation. Knowledge of Waterfall and other SDLC models. Basic knowledge of SAP R/3 FI/CO and SAP GRC. Knowledge and experience in Software Maintenance, support and metrics.

Experience in solution conceptualization and driving computerization efforts. Have also conceptualized and designed an ERP/telecom OSS solution for Bhutan Telecom and have appreciation letters from the client for the same, excellent skills in understanding business processes and converting them into a product. Have done complex analysis for many software projects. Can guide computerization efforts.

Work Background

Working as Freelance Consultant from April 2011

ISO 9001/27001 Preliminary audit in April 2015

Did ISO 9001/27001 Preliminary audit in April 2015 along with IT audit for HR Governance Solutions India Pvt ltd in Bangalore.

 

Consultant for Web-based interactive Information Security Audit tool February-March 2015

Consultant for Web-based interactive Information Security Audit tool: drove the development of the above tool. Prepared ISO 22301 checklist for prospective client in Singapore. Prepared Risk assessment approach for a company in Kenya (acquisition).

Consultant IT Audit for Bell Teleservices India Pvt Ltd September 2014

 

Carried out an IT audit for Bell Teleservices Pvt Ltd in the month of September 2014.

 

Consultant in Petroleum Development Corporation of Oman LLC (Third-Party Assignment)

 

Worked on SOD and Information security

Worked on Policy document for USB accesses to employees. Participated in Microsoft Proof of Concept for Data leakage, Policy for application whitelisting. Participated in SOD approach for applications. Involved in review of various products on Data leakage.

Helped in release of Information Security awareness Tool. Prepared a Road map for future releases. Prepared a policy note on data leakage with identification of data leakage channels. 

Worked on Incident management policy. Input on Metrics deck for presentation to management. Did self-study on ISO 27001:2013.

 

Senior Consultant (Contract) in Bristlecone (A Mahindra Group Company) from August 2013 to October 2013:

 

Worked with Bristlecone on an advisory consulting assignment (A Mahindra group company) and completed a Six Sigma assessment for Bristlecone (A Mahindra group company) for their client Asea Brown Boveri in August/September 2013.

This was a prestigious and a very challenging assignment open only to Six Sigma Black Belt professionals and was a combination of Software Support and Development processes and Six Sigma. This involved identifying causes for low user satisfaction, reason for high number of repetitive calls and staff productivity analysis for Bristlecone’s engagement with Asea Brown Boveri on SAP support. Brought about standardization in the processes and used Lean methodologies like VSM (Value Stream Mapping).

 

Senior Consultant (Contract) in NITEO Technologies in Governance, Risk and Compliance role from June 2012 to June 2013:

 

Individually set up Business processes, designing controls, enhancing already existing controls and testing them. Have used Test of Design and Test of operating effectiveness and assessed cost of controls and elimination of control in NECAM in Dallas, USA for their Network operations center which provides managed services to clients in late 2012 and 2013 for SSAE16, GLBA, Data privacy and Payment card interface.

 

This involves setting up Business processes, designing controls, enhancing already existing controls and testing them. Have used Test of Design and Test of operating effectiveness and assessed cost of controls and elimination of controls.

This was done for their payroll processes, Security of systems etc. Prepared compliance checklist for GLBA and prepared the roadmap for SSAE16 type II testing. Involves risk identification and Risk control matrix. Have successfully helped NECAM pass SSAE16 Audit without any issues. Have coordinated PCI certification for NEC. This was an onsite assignment based out of Irving, Texas. Have also done preliminary assessment for CMMI certification.

Completed CISCO audit successfully.

Process reviews done for various areas in the NOC as laid out in the contract. Have reviewed Service operations as per ITIL and used Six Sigma methodologies to measure variations in metrics and suggest improvements.

Have prepared a balanced scorecard for them. Have interacted with management to identify all pain areas. (One-year assignment: May 2012 – May 2013)

 

Black Belt Lean Certification from Mar’ 2012 to April’ 2012.

Did a Lean Black Belt certification from Anexas. Did a Green Belt project on the following:

 

Six Sigma project experience in ISCKON 2012. This was a live project spanning three months following the full DMAIC cycle, and was involved in all client meetings. Involves VOC techniques, analysis of all deviations, RCAs and remediation. Did another short Six Sigma project with Anexas for variations in quality. Did another case study to reduce number of iterations in a Software maintenance lifecycle, gather more maintenance metrics and reduce backlog of software maintenance requests.

 

Management audit for Tata Coffee from Sept 2011 to February 2012.

 

Tata Coffee LTD. Have done Management and Operations Audit for Tata coffee for various divisions in South India: This comprises Business process study, yield and profitability and suggestion to improve the Company’s profitability (2011).

This was a six month assignment and we were referred to as Management auditors by the client. This is a major initiative to improve the Company’s profitability across Coffee, Cardamom and Pepper divisions and involves a very detailed study of the company’s processes.

Also includes internal audit. Includes a very large research component and liaison with research institutes. Have handled all the critical operations independently including leading a team. This includes management audit, operation audit, manufacturing audit for their Coffee curing division, strategy, marketing and sales, R&D etc. Have made very major contributions to the success of the audit with innovative solutions like Strategic replantation and many other initiatives to boost client's bottom line and was praised by client. Process improvement initiatives and Dimension analysis were also done.

Research Contributions

 

Key Certification/training:

Six Sigma Master Black Belt certified, Anexas, Bangalore, December 2014

CCNA trained Jetking, Bangalore, November 2014

SAP GRC Training, Bangalore, September 2014

SAP Security Training, eCare Technologies, Bangalore, December 2014

Six Sigma Lean Black Belt Certified (Six Sigma project in ISCKON), another short-term project in reduction of manufacturing defects and other Six Sigma experience, from Anexas, Bangalore in April 2012

ISMS ISO 27001 Lead Auditor certification in Sept’ 2011, from Management Systems Institute, Bangalore

ITIL V3 Foundation from APMG, Bangalore in Feb’ 2012

Pursuing CISA Certification (Completion by mid of 2015)

Theory of Constraints (A process Improvement framework) in Sept’ 2002 and Nov’ 2002

Diploma in Computer Application (First Computers) from First computers, Chennai in 1997

 

Auxiliary Training/certification:

Oracle Applications Techno-Functional from Comp-u-learn, Hyderabad in 2002

Java /J2EE from CompUSA, Secunderabad in 2000

Oracle 8.x, from Computech, Secunderabad in 1999

 

Languages (Speak/Read/Write): English, Hindi, Tamil, Telugu, French (Rank holder). Can understand Kannada and Basic German. Knowledge of Sanskrit.

 

Passport:Valid G9787568

U.S. Visa: Multiple Entry B1/2 valid through July 2022. Have a valid international driving license valid through November 2019.

 

Testimonials:

 

Glowing appreciation letter from Strabus Software Solutions Pvt Limited

Glowing appreciation letter from Royal Government of Bhutan

“Rewards and Recognition” Award from IBM global services private limited for role in internal audit

Appreciation letter and Cash award from Client in IBM global services private limited for role in internal audit

Appreciation for work done in Tata coffee management audit

SSAE16 audit in Dallas in 2012 passed without a single issue, Cisco gold audit passed in May 2013. Appreciation letters available.

Cash award from NEC, Dallas, USA, in May 2013, for Successful completion of Risk and Compliance Audits and process improvement across the NOC.

 

Memberships & Groups

 

Member, Process Excellence Network

Member, TRIZ Innovation India

The Institute of Internal Auditors (Official Global Group)

Risk Assessment Professionals of India

Internal Audit & Risk Management Consultants

Lifetime member, National Population control mission of India

 

Publications

Published more than ten research papers in refereed journals. Looking to take up more memberships and play an active role in national affairs.