Devanshu Singhal
Risk Management Professional Focused on Technology Risks
Langley,BC
Summary
Risk and Compliance leader with 12+ years of experience in IT risk advisory, regulatory compliance, and enterprise risk management across Deloitte and KPMG. Adept at IT audit, examining governance over large-scale digital transformation initiatives, assessing SOC2 readiness, SOC 1/2 attestations, and internal control reviews. Proven track record in developing and executing risk assessment frameworks, managing multi-disciplinary teams, and guiding remediation and transformation strategies. Certified CISA, with deep expertise in regulatory frameworks (COSO, NIST, COBIT & PCI) and strong cross-border consulting background in financial services and technology sectors.
Overview
17
17
years of professional experience
4022
4022
years of post-secondary education
Work History
Manager, Risk Services
KPMG Canada
Vancouver, BC
06.2021 - Current
- Led IT audit and compliance engagements for key clients in telecommunications and shipping sectors, overseeing all phases from planning to reporting and remediation.
- Built strong client relationships by staying responsive to evolving priorities, maintaining clear communication, and proactively managing expectations with senior stakeholders.
- Designed and implemented a control tower framework for a major social media company's cryptocurrency wallet operations—integrating multiple frameworks to address compliance, risk, and business needs.
- Successfully led PCI DSS assessment as part of the client's Security and Compliance team, ensuring all technical and procedural requirements were met on time.
- Managed and defended a PCAOB inspection on a complex audit engagement involving over 30 in-scope systems; validated IT general controls and resolved inspection challenges with regulators.
- Manage an annual portfolio exceeding 5,500 client service hours across internal audits, external financial audits, and SOC attestation engagements.
Manager, Risk Advisory
Deloitte Canada
Calgary, Alberta
01.2021 - 06.2021
- Led IT audit and SOC 2 readiness projects, including delivering executive-level presentations on the Trust Services Criteria (TSC), performing control gap assessments, and finalizing client reports.
- Managed day-to-day client engagements, including scoping, control testing reviews, and ongoing stakeholder communication.
- Oversaw project operations such as budgeting, staffing coordination, and status reporting to ensure timely and high-quality delivery.
- Supported leadership with methodology updates, proposal development, and identifying opportunities to expand service offerings.
Senior Consultant, Risk Advisory
Deloitte Canada
Calgary, Alberta
06.2019 - 12.2020
- Developed engagement plans and reviewed IT control testing results, including documenting deficiencies and presenting findings to client leadership with recommended remediation steps.
- Performed general IT controls testing across diverse platforms (Windows, Linux, Mainframes), databases (Oracle, MS SQL), and enterprise applications.
- Led the preparation of SOC 1 and SOC 2 reports in line with SSAE 18 and CSAE 3416 standards, ensuring alignment with AICPA guidance and industry best practices.
Senior Solution Advisor, IT Risk Advisory
Deloitte US-India (USI)
Delhi, India
06.2013 - 03.2019
- Identified risks and performed in-depth analysis of business processes and IT controls. Tested general IT controls for design and operating effectiveness and documented results in working papers.
- Acquired specialized skills for testing general IT controls (GITCs) & business cycle controls (BCCs) over Oracle Financials ERP. Well versed with performing segregation of duties analysis and privileged access testing for Oracle Financials ERP.
Software Engineer
Newgen Software Technologies Ltd.
Delhi, Delhi
06.2010 - 07.2011
- Developed reporting application for a private banking client based out of US. Utilized Java and Oracle database for building the application logic and backend respectively.
Systems Engineer
Infosys Technologies Ltd
Bangalore, India
06.2008 - 02.2010
- Worked as Java developer to build e-banking functionality within Finacle application (core banking solution from Infosys).
Education
MBA - Finance & Technology
Indian Institute Technology (IIT)
Roorkee, India05-2013
Bachelor of Engineering - Electronics & Communication
University Institute of Eng. & Technology (UIET)
Chandigarh, India05-2008
Skills
- Enterprise Risk Management (ERM)
- Team Management and Coaching
- Project and Engagement Leadership
- Client Relationship Management
- Regulatory and Compliance Expertise
- Enterprise Risk Management (ERM)
Timeline
Manager, Risk Services
KPMG Canada
06.2021 - Current
Manager, Risk Advisory
Deloitte Canada
01.2021 - 06.2021
Senior Consultant, Risk Advisory
Deloitte Canada
06.2019 - 12.2020
Senior Solution Advisor, IT Risk Advisory
Deloitte US-India (USI)
06.2013 - 03.2019
Software Engineer
Newgen Software Technologies Ltd.
06.2010 - 07.2011
Systems Engineer
Infosys Technologies Ltd
06.2008 - 02.2010
MBA - Finance & Technology
Indian Institute Technology (IIT)
Bachelor of Engineering - Electronics & Communication
University Institute of Eng. & Technology (UIET)
Similar Profiles
Yagmur Oncu YagciYagmur Oncu Yagci
Conference Floor Office Admin at KPMG CanadaConference Floor Office Admin at KPMG Canada
Sanya AnwarSanya Anwar
Coordinator, Executive Sourcing at KPMG CanadaCoordinator, Executive Sourcing at KPMG Canada
NIKITHA JITHUNIKITHA JITHU
Team Administrative Assistant at KPMG CanadaTeam Administrative Assistant at KPMG Canada
Hari PanHari Pan
Cyber Security Analyst at Iron Spear Information Security LtdCyber Security Analyst at Iron Spear Information Security Ltd
Sam HarteminkSam Hartemink
Operations Manager at Tandem ClinicOperations Manager at Tandem Clinic