Gokul Pillai

• Developed and implemented an audit plan that identified and addressed areas of risk
• Lead and managed a team of auditors, providing training and mentorship
• Collaborated with senior management to develop and implement internal audit policies and procedures

• Associate Director - 01st April 2023 - Till Date (BSR and Co LLP, KPMG Member firm, Internal Transfer)
• Associate Director – 1st Oct 2021 – 31st March 2023
• Manager – 18th March 2019 – 30th Sep 2021

His role in the current organization is majorly categorized into 2 areas: and GRC Advisory practice lead and Lead IT External Audit engagements within Risk consulting practice.

Governance Risk and Compliance (GRC) Advisory Practice

• Lead and deliver GRC projects including the design of IT systems, development, testing, and implementation of IT solutions
• Review existing ERP systems and internal processes to identify areas for improvement within the organization's IT system, perform configuration reviews, and GITC control reviews.
• Design and implement IT controls as per company policies and procedures to maximize the efficiency, effectiveness, and overall quality of information systems
• Test internal IT controls to ensure effectiveness and generate comprehensive reports on audit findings and provide recommendations on improvement of internal controls
• Review client deliverables and identify, analyze, and document discrepancies and ensure that appropriate changes are made, and quality standards are maintained
• Create GRC products (SoD Tool) and solutions and present them to potential clients and partner channel
• Onboard new GRC application, solution, and services into the advisory portfolio
• Work with markets team and develop list of potential clients and present solution deck, analyze client needs and articulate how our services can provide solutions to ongoing IT problems
• Onboard new accounts and achieve sales quotas and mine existing clients to increase revenue post-completion of all the internal risk management procedures.
• Conducting GRC application training for new team members

External IT audit

• Leading IT audit engagement from initiation to closure including scoping, risk area evaluation, budgeting, and resource allocation
• Coordinate auditing assignments and ensure audit staff are aware of clients’ business and relevant issues impacting IT operations and audits
• Identify and assess IT risks and potential for material misstatement of financial reports due to fraud; assess internal controls and ensure controls are effectively designed
• Review work papers prepared by team members to ensure quality is maintained and risk assessments are performed appropriately as per the audit approach
• Design and implement responses to material misstatements, test the appropriateness of journal entries while focusing on end of reporting period, review accounting estimates for bias, and analyze significant unusual transactions.
• Conducting IT Audit training and preparing templates/runbook for conducting GITC and ITAC testing
• Coordinating and responding to PCOAB and internal quality reviews queries.

• Perform design, development, and implementation of SAP GRC system
• Review SAP GRC system and recommend improvements to increase ROI (Return of Investment) for clients and efficient operation of IT system
• Develop quality assurance procedures and tests for development and improvement of SAP GRC system
• Review deliverables and ensure there are no discrepancies and ensure that appropriate adjustments are made
• Perform preventive maintenance tasks on SAP GRC application
• Design, deploy and document mitigation controls in SAP GRC application for risks defined in IT system

• Designed, maintained, and implemented SAP security/authorization for SAP System
• Perform design, development, and implementation of SAP GRC system
• Prepare design documents and end-user manuals for the implemented IT system
• Conduct training for newly implemented system/changes for key stakeholders of the project and end users
• Resolve support tickets and Troubleshoot issues raised by users within stipulated SLA (Service Level Agreement)
• Support client's internal audit team for reporting and control testing
• Manage day-to-day operations of SAP GRC and SAP ECC systems
• Regular status reporting to key stakeholders of the project

• Performed maintenance activities in SAP system.
• Troubleshot issues raised by users and resolved the same within the stipulated SLA (Service Level Agreement).
• Managed roles and authorized end-users in SAP system landscape.
• Managed rollout of systems post-pilot implementation.
• Documented known issues for resolution of future incidents.
• Designed and configured GRC system as per the client's functional specification documents.
• Extracted reports from the system for internal review as well as client audit support.
• Performed testing of mitigation controls as requested by the client including change management unit testing.