swapil_mollik

Swapnil M

@swapil_mollik
Bangladesh
English
About me
I am a Governance, Risk and Compliance professional with a Software Engineering background, helping organizations strengthen security and compliance through structured risk management, policy development, and audit support. I have hands-on experience in risk assessment, control evaluation, internal audit readiness, and compliance documentation. I work with ISO 27001, NIST, PCI DSS, SWIFT & BB ICT Security Guidelines. My focus is making organizations audit-ready, resilient, and aligned with best practices, while continuously learning AI governance and cybersecurity compliance for client value....

Skills


Risk Management
I will help you with GRC and IT audit-ready documentation

Work experience

Officer, GRC

QA Pro Limited • Full-time

Sep 2025 - Present • 8 mos

• Conduct comprehensive reviews and assessments of IT and security environments, ensuring alignment with ISO 27001, Bangladesh Bank ICT Security Guidelines, PCI DSS requirements, and NIST security standards.
• Evaluate a full range of IT General Controls (ITGC), including change management, user access management, backup processes, and recovery procedures to strengthen operational resilience and control effectiveness.
• Support compliance initiatives across the organization by assessing adherence to Governance, Risk Management, and Compliance (GRC) frameworks, regulatory requirements, and national ICT policies.
• Analyze network infrastructure components such as firewall configurations, network segmentation, routing policies, and incident logs to identify vulnerabilities and recommend risk mitigation actions.
• Assess the robustness of Business Continuity Plans (BCP) and Disaster Recovery (DR) capabilities, conducting resilience testing and proposing enhancements for improved organizational preparedness.
• Develop, review, and update organizational policies, procedures, and guidelines related to information security, IT governance, and regulatory compliance, ensuring clarity, alignment, and continuous improvement.
• Prepare and deliver clear, actionable, and well-structured audit and assessment reports that support improved IT governance, reduce risk exposure, and strengthen the organization's cybersecurity posture.
• Delivered end-to-end User Acceptance Testing (UAT) across mobile and web platforms, covering both B2B and B2C solutions to ensure seamless user experience.

IT Audit Major Clients

• Trust Bank PLC
• Rajshahi Krishi Unnayan Bank (RAKUB)
• The Institute of Chartered Accountants of Bangladesh (ICAB)
• Rise Up Labs
• Backstage BD
• Nazihar IT Solutions