1. Namrata N. Bhise CISA
B-1903, Pride Presidency Luxuria, Off Ghodbundar Road, Dhokali Naka, Kolshet Road Thane West 400607
Mobile : 9833701852
CISA Certified with expertise in Information Security Governance & Compliance
Over 15 years of experience with around 10+ years of experience in Information security leadership position. Background and
success to handle all stages of IT audits including planning, study, evaluation and testing of controls, reporting and follow up.
Proven track record of design and manage Information governance and Information security related projects like ISO 27000,
BCP, Change Management, PCI DSS certification project.
PROFESSIONAL EXPERIENCE
TATA AIA LTD - Manager Information Security Compliance (Since December 2013)
Working as an Information Security Manager (CISO-backup) of the company in providing overall assurance on information
security practices to key stakeholders including Management, Business Partners and Customers with wide range of activities
including:
ISO 27000:2013
Implement and maintain Information Security Management System based on ISO 27000:2013.
Periodic internal audit of the department that are in scope of ISO.
Risk acceptance documented and sign off from CIO.
Facilitate a centralized IT compliance management process through audit and assessment methodology.
Works collaboratively with Business units, IT teams, Audit , Privacy , Legal and risk management functions to align
Information Security control framework to business
BCP Management
Work with senior management to establish disaster recovery (DR) and business continuity plan.
Facilitate Business Impact Assessment of all the Critical Department, understand new BCP requirement and work
with IT Infrastructure team for seamless execution of BCP drill.
Information Security Awareness
Facilitated to design awareness mailers and posters.
Annual Information Security Awareness Exam conducted for employees of all the branches across PAN India.
Third Party Audit Management
Ownership of Third Party Audit by interacting with all level of management while coordinating and planning third
party security review of vendors and outsourced service providers for TATAAIA.
Provide leadership for the governance and compliance of AIA security standards to prevent the unauthorized use,
release, modification or destruction of data across multiple platforms and environment.
Audit & Compliance
Oversee regulatory compliance, establish and implement cyber security related policies.
Analyze and track key risks involves in IT projects, security incidents, IT Audits and guide investigation and
resolution of risks.
Co-ordinate with various teams to ensure timely compliance of all outstanding audit recommendations.
Developing, maintaining and overseeing IT Policies and procedures to ensure alignment with current practices and
regulatory requirement.
Conduct half yearly Logical Recertification for critical applications.
Reporting to senior management on the effectiveness of implemented Technology and Information Security matters.
Participate in evaluation, selection and implementation of security product and technologies.
ItzCash Card Ltd – Manager Information Security (December 2011 – December 2013)
Received appreciation from MD & Senior Management for the Implementation of Change Management and Information
Security Awareness program across the Organization.
Information Security:
Document & Implement the Information Security policies and Procedure as per regulatory requirements and
Industry best practices
2. Project Management for Information security governance projects like Change management and Information
Security awareness, Business Continuity Planning
Acting as SPOC for all Information Security related requirement by various stakeholders & Business partners for
ItzCash Co-Branding cards.
Project Delivery Manager, PCI-DSS:
Responsible for delivery of the PCI certification project for freedom prepaid card of Itzcash Card Ltd.
This includes co-ordination with business and vendors for network segmentation, removal, masking of card
related data.
System remediation and development of PCI related requirement repository.
PREVIOUS EXPERIENCE
HDFC BANK – Kanjurmarg as Deputy Manager IT Governance (December 2010 – December 2011)
Create and Roll-out of IT policies, procedures and checklists.
Monitor measure and improve the currently implemented process with the help of process owners and Internal
Auditors
Ensure adherence to the Banks IT Policies.
Project Monitoring & follow-up with project team as a part of IT Governance team.
ANEJA Associates Mumbai as Assistant Manager IT AUDIT (September2008 – November 2010)
Received “Best Audit Report awards 2010” for the project of FINO India.
Worked as Assistant Manager Information Security to identify IT related risk, I used to prepared audit scopes,
reported findings, and presented recommendations for improving data integrity and operations.
Conducted security reviews for various clients across Industries like:
HDFC Standard Life Insurance, Birla Sun Life Insurance., Reliance Life Insurance, Tata Power, Clearing Corporation
Of India ( CCIL), Birla Mutual Fund, Watson Pharmaceutical Ltd. Nicholas Piramal, National Stock Exchange
Mumbai (NSE), NCDEX, NSDL, UTI MF, Crisil India Ltd, FINO India,Peninsula Group Mumbai.
CMS Computer Ltd. Mumbai ( Team Leader IT Security – ABN AMRO BANK March 2006 – August 2008)
Qualitative experience in risk assessment for identifying and evaluating the application controls and tracking the
errors to ensure smooth flow of E-Banking application.
NIIT, Kalyan - Corporate trainer (2004 – 2006)
Premier Plastics Quality Control Executive (2002-2004)
Ana, Mumbai - Quality Control Assistant (1993-1995)
PROFESSIONAL QUALIFICATION
Certified Information Systems Auditor; ISACA (June - 2008)
ISO 27001(ISMS) Lead Auditor
ISO 27001:2013 Lead Implementor
EDUCATION
PGDM - IT/System (2010 - 2011)
BSC, Mumbai (1993)
Diploma in Software Engineering (NIIT) Mumbai (2005)
Diploma in PL/SQL (NIIT) Mumbai (2005)
EXTRACURRICULAR ACTIVITIES
3. Toastmaster member since November 2011– Toastmaster is international organization help individual to improve
communication and leadership skill.
Date of Birth : 29/04/1974.