Page 1 of 334

Contents

Sr. Contents Pag

No. e
1 Introduction 3
2 About EY
2.1 Bidder’s General Details
2.2 About Ernst & Young (EY) Global
2.3 About Ernst & Young (EY) LLP India
3 EY’s Relevance to Project
3.1 EY India Public Finance Management Practice (PFM)
4 Proposed Profile Summary
5 Detailed CV of Proposed Resources
1. Introduction
We sincerely appreciate and value the opportunity to participate in this process of
becoming your partner for the strategic PFMS platform.
We value our relationship with your organization. We understand the criticality of the
PFMS system for you and for the Nation and we are committed to your success and
will bring the full power of the EY firm to help ensure you achieve your objectives. EY in
India has successfully delivered similar programs in the Public Finance domain as well
as in many other domains such as Healthcare, Homeland Security, Education and
Skilling, Social Sector, Agriculture and Urban, amongst others. We bring the depth of
domain knowledge required for the proposed initiative and the large-scale
transformation experience to manage the interdependencies across the program.
Also, a program of this scale and complexity needs collaborative working across
multiple stakeholders and quick adaptability. Our teams have demonstrated our
collaboration and flexibility to adapt to changing project conditions across multiple
transformation and Program Management programs.
Specifically, through our past association with you, we have developed knowledge of
your organization, which we would leverage towards truly achieving the
transformation benefits you are targeting.
EY in India has over 2000 professionals, working exclusively in the Government
Sector, across 40+ Central Ministries and Departments and 25+ States and UTs, who
are deeply skilled in the relevant technologies (including AI/ML, Blockchain etc.) and
different business domains. Our ability to leverage this large pool of team provides EY
the distinct ability to scale and structure our team quickly as per the program
requirement.
We understand that staffing of the right resources would be critical for the success of
this initiative. With this objective, our guiding principles for staffing include:
1. Right strength
a. To ensure timely staffing at the kick-off stage and manage any unforeseeable
risk, we are submitting 80+ profiles against the requirement of 70.
b.We would maintain a “CGA program pool” throughout the program.
2. Right resources
a. We have proposed Professionals who bring the right knowledge, competencies
and experiences.
3. Right value
a. Professionals who demonstrate integrity, respect, teaming and inclusiveness
b. Professionals with energy, enthusiasm, and the courage to lead
We have summarized the profiles of proposed resources, in Table 4. Proposed Profile
Summary below, demonstrating their educational qualification, years of experience and
key experiences. The detailed profiles of the resources are provided in the subsequent
section.
In Summary:
 We are committed to and invested in your success.
 We have provided senior experienced team members as a part of the proposed team.
 We would have active Partner oversight, bringing experience and leadership to help
ensure successful delivery.
 We are ready for fast paced deployment of our team.
2. About EY
2.1 Bidder’s General Details
i) Company Name Ernst & Young LLP
6th Floor, Worldmark-1 IGI Airport Hospitality District,
Aerocity, New Delhi, 110037, India
ii) Year Established 1995
iii) Incorporated in Yes
India (Yes or No)
iv) CIN U74120WB2008PTC121768
v) Role Advisory Firm
vi) Contact Name Anurag Dua
vii) Position Engagement Partner
viii) Address Ernst & Young LLP
6th Floor, Worldmark-1 IGI Airport Hospitality District,
Aerocity, New Delhi, 110037, India
ix) Mobile 9811708805
x) Telephone 011 47318000
xi) Email Address anurag.dua@in.ey.com

2.2 About Ernst & Young (EY) Global

EY LLP is one of the leading professional services organisations in the World. Through our
global network of over 728 offices in 150 countries comprising more than 3,65,000 staff,
we provide focused teams who are dedicated to meeting our client’s needs through the
seamless combinations of skills relevant to each assignment.
Unique ‘One-Firm’ approach: EY is a thorough professional services organization, united
by single operating structure and a common culture of innovation and knowledge
sharing. This unique ‘One-Firm’ approach qualifies the people of EY to serve clients by
bringing together any of the more 20 competencies which transcend geographic borders
and organizational lines.
2. About EY
2.1 Bidder’s General Details
3. EY’s Relevance to Project
3.1 EY India Public Finance Management Practice (PFM)
EY has successfully executed a wide array of projects in Public Financial Management
(PFM) domain for various levels of government (central, state, local bodies, agencies,
public sector undertakings, public corporations etc.) many of which were funded by
multilateral donor agencies like the WB, ADB, DFID, etc. Our experience in PFM domain
involves supporting in reforms through improved business processes, manuals, policies &
guidelines, IT systems, capacity building (training and workshops) on a variety of areas
including planning & budgeting, revenue and expenditure management, debt and cash
management, accounting & treasury operations, procurement and audit. Some of the
key assignments with Central/State Government in the area of PFM is as follows”

S.No. Project Name Name of Client Central / State

Govt.

Financial
Intelligence Unit
Consultancy Services provided in the (FIU), Central
1.
Implementation of Project FINnet Government
Ministry of Finance,
GoI
Income Tax Central
2. Project Insight- CBDT Government
Department, GoI
Dept. of Economic
3. Aid Accounts & Audit Division (AAAD) Affairs, GoI via ADB Central
Government

Implementation of BI/DW & Fraud

Analytics for RCT, Jaipur Analytics for
RCT, Jaipur Implementation of BI/DW &
Rajasthan
Fraud State
4. Commercial Tax Government
Dept., GoR
Analytics for RCT, Jaipur Analytics for
RCT, Jaipur
Preparation of Model Panchayat
Ministry of
5. (Finance, Budget, Accounts & Audit)
Panchayati Raj, GoI Central
Rules Government
Department of
Central
6. VAT Implementation in Delhi, India Sales Tax, Gov. of
Government
Delhi
Commitment Control System and an
Finance State
7. Information System for Contract
Department, GoR Government
Monitoring
Consultancy for Strengthening Cash
Finance State
8. and Debt Management System for
Department, GoR Government
Government of Rajasthan
Enhancing effectiveness of public
Finance State
9. audit institutions in the Government of
Department, GoR Government
Rajasthan (GOR)
S.No. Project Name Name of Client Central / State
Govt.

Roadmap towards modernization and

Finance State
10. Simplification of Financial and Treasury
Department, GoR Government
Rules
Review of Accounting System in Urban UKPFM
Local Bodies (ULB) in Uttarakhand and Strengthening State
11. Development of Reform Action Plan Project, GoUK Government
including Training
Operational Review and IT systems Finance State
12.
audit of Treasuries Department, GoHP Government

Financial Transformation of Employees Central

13. ESIC
State Insurance Corporation Government
Formulation of De-Novo Financial and Finance
State
14. Accounting Rules and replace them Department
Government
with existing GF&R and PWF&AR, GOR Rajasthan
Independent Verification Agency to
verify the Disbursement linked Directorate of
State
15. indicators of world bank funded Energy, Govt. of
Government
“Himachal Pradesh Power Sector Himachal Pradesh
Development Program”
Social and Performance Audit Rules Finance
State
16. and Manual, Government of Rajasthan Department
Government
Jaipur, Rajasthan Rajasthan
Provided consultancy services for
Government of State
17. preparation of Performance Audit
Rajasthan Government
Manual
State
Directorate of
Setting up of PMU for evaluation of fee Government
18. Education, Delhi
hike proposal
Govt.

Design, Development and Preparation Goods and Service Central

19.
of RFP Tax Network (GSTN) Government
4. Proposed Profile Summary
SN Type Code Name of Years of Basic Work Experience
Resource Experienc Qualification
e
1. SME GFMIS Naman 1 2 Years • Bachelor of Experienced Information Security Professional with over 12
Technology
01 Chaturvedi in years in the field.
(Information Holds certifications as a Certified Information Systems
technology)
Auditor (CISA), ISO 27001:2022 LA, and Microsoft Azure
Fundamentals AZ 900.
• Led critical projects for multinational corporations,
government entities, and financial institutions.
• Proficient in compliance management, risk assessment,
and audit frameworks.
• Took charge of ISMS compliance initiatives for
multinational corporations.
• Managed internal audit processes for brokers and the
National Stock Exchange.
• Conducted application penetration testing for Central
Government PSUs.
• Provided support for the migration and implementation
of ISO 27001 standards.
• Played a pivotal role in achieving PCI-DSS compliance
for a scheduled bank.
• Managed internal audit functions for multiple metro
projects.
• Accomplished Information Security Professional with
extensive experience.
• Specializes in managing and securing IT networks, risk
assessment, and compliance audits.
• Led numerous projects for Aurion Pro Solutions Limited,
focusing on risk assessment, internal audits, and
compliance audits.
• Successfully directed projects on PCI DSS and ISO
27001 compliance during freelancing engagements.
• Oversaw multiple projects at iSec Services Pvt Ltd.,
including risk assessment, internal audits, and
compliance audits.
• Expertise in security control design, vendor
management, and regulatory compliance.
• Member of the ISACA professional association.
2. SME Pawan 11.5 Years • Chartered Having 8 years of experience in auditing, financial
Accountancy management, financial reporting, and taxation.
Mehndiratta • Bachelors in
Commerce Hold certifications of Diploma in Information System Audits
• Diploma in (DISA) (2018) and Diploma in International Financial
Information Reporting Standards (IFRS) (2017) from the Association of
System Audits Chartered Certified Accountants (ACCA) - UK.
(DISA)
• Ernst and Young LLP: Senior Consultant role, leading
• Diploma in
projects in enterprise risk management, risk-based
International
internal audit, business process reviews, internal
Financial
control reviews, and SOP development.
Reporting
Standards Mahindra Comviva Technologies Ltd: Deputy Manager
•
(IFRS) Internal Audit and Reporting, leading risk
transformation projects including the development of
enterprise risk management policies, internal control
frameworks, and process reviews of key areas such as
procurement, revenue, and financial reporting.

• TechTree IT Systems (P) Ltd: Senior Executive role

encompassing internal audit, management information
system, financial reporting, and practical understanding
across multiple processes like P2P, R2R, etc.

• Membership in Professional Associations and

Publications: Institute of Chartered Accountants of India
4. Proposed Profile Summary
SN Type Code Name of Years of Basic Work Experience
Resource Experienc Qualification
e
• Led the project independently and ensured the quality
of deliverables in the development of Internal Financial
Control Framework for a Leading IT Company.
• Defined risk assessment criteria with management and
identified key business processes.
• Conducted detailed process walkthroughs with process
owners to understand operations.
• Conducted process walkthroughs to develop process
flowcharts and identify gaps for development of Risk
Management Policy and Framework for a Leading IT
Company.
• Assessed existing internal controls and developed risk
mitigation plans.
• Developed a comprehensive risk register and
monitoring framework for reporting on risk status.
• Identified and prioritized risks across all divisions to
determine audit frequency for Risk Assessment
Services and Developed Internal Audit for a Leading IT
Company.
• Developed a detailed risk-based internal audit plan
covering critical areas.
• Conducted internal audits covering procurement,
accounts receivable, and revenue, ensuring
compliance.
• Led process walkthroughs and developed sampling
methodologies for a Leading IT Company.
• Reviewed existing process documents, conducted
analytics, and identified areas for improvement.
• Drafted comprehensive reports highlighting findings
and suggesting mitigation plans to enhance internal
controls.
• Led the team and reviewed internal control frameworks
and policies for assessment of Internal Controls at
Country Office for United Nations Global Agency.
• Conducted as-is assessments, spot checks, and
analytical procedures.
• Provided recommendations to strengthen internal
controls.
• Defined organizational risk appetite and conducted
process walkthroughs for Internal Controls Review for a
Leading Transport Company in UAE.
• Identified design level gaps and reviewed policies for
enhancements.
• Provided recommendations to strengthen control
mechanisms.
• Conducted process reviews, walkthroughs, and spot
checks for Process Reviews and Risk-Based Internal
Audit for Techtree IT Systems, Nukebox Studios.
• Performed analytical procedures to identify potential
gaps.
• Prepared comprehensive audit reports and discussed
findings with stakeholders.
• Developed a detailed procurement procedural manual
adhering to World Bank regulations for Procurement
Process Development for World Bank Funded Project in
Africa.
4. Proposed Profile Summary
SN Type Code Name of Years of Basic Work Experience
Resource Experienc Qualification
e
• Ernst and Young LLP: Senior Consultant role, leading
projects in enterprise risk management, risk-based
internal audit, business process reviews, internal control
reviews, and SOP development.
• Mahindra Comviva Technologies Ltd: Deputy Manager
Internal Audit and Reporting, leading risk transformation
projects including the development of enterprise risk
management policies, internal control frameworks, and
process reviews of key areas such as procurement,
revenue, and financial reporting.
• TechTree IT Systems (P) Ltd: Senior Executive role
encompassing internal audit, management information
system, financial reporting, and practical understanding
across multiple processes like P2P, R2R, etc.
• Membership in Professional Associations and
Publications: Institute of Chartered Accountants of India
(ICAI).
• Conducted audits to ensure regulatory compliance and
performed thorough risk assessments for a leading
bank.
• Developed comprehensive third-party risk management
policies and provided valuable incident management
support as needed.
• Conducted detailed audits to assess third-party risks
and performed gap assessments to identify areas of
improvement as Third Party Risk Management for SWAN
IWDMS project.
• Modified the Statement of Applicability (SOA) to align
with risk management goals and executed third-party
risk assessments tailored for BFSI clients.
• Developed and refined policies to align with ISO
standards and conducted internal audits to ensure
adherence to ISMS protocols in ISMS Implementation for
Government Data Center and PSU.
• Provided essential support for certification processes
and regularly reviewed and enhanced ISMS to adapt to
changing security landscapes.
• Conducted rigorous security assessments across UIDAI
partners and designed comprehensive onboarding
programs to facilitate seamless integration for Annual
Assessment/Onboarding Assessment for UIDAI
Ecosystem Partners.
• Conducted audits to ensure regulatory compliance and
performed thorough risk assessments for a leading
bank.
• Developed comprehensive third-party risk management
policies and provided valuable incident management
support as needed.
• Conducted detailed audits to assess third-party risks
and performed gap assessments to identify areas of
improvement as Third Party Risk Management for SWAN
IWDMS project.
• Modified the Statement of Applicability (SOA) to align
with risk management goals and executed third-party
risk assessments tailored for BFSI clients.
• Developed and refined policies to align with ISO
4. Proposed Profile Summary

SN Type Code Name of Years of Basic Work Experience

Resource Experienc Qualification
e
4. Working Sahil Narula 7 Years • Chartered Having 8 years experience in diverse areas such as
Accounta
Team nt business process reviews, internal control reviews, and
Member • Bachelors setting up of Project Management Units (PMUs)
in
Commerc • Directed projects focusing on financial analysis, financial
e(Hons) transformation, and credit risk monitoring.
• Demonstrated expertise in internal audit, expenditure
audit, budget preparation, and variance analysis.
• Led initiatives for the implementation of accrual
accounting and conducted fixed asset audits.
• Played a key role in identifying business processes and
conducting detailed walkthroughs in Financial
Transformation of Employees State Insurance
Corporation (ESIC)
• Highlighted gaps within processes to streamline
operations and enhance efficiency.
• Evaluated transactional controls, documented
processes, and monitored policy changes to ensure
compliance.
• Consultancy Services for Preparation of Performance
Audit Manual for the Government of Rajasthan.
• Provided expertise in reviewing existing manuals and
suggesting improvements.
• Designed and developed audit frameworks,
incorporating key performance indicators.
• Facilitated discussions and collaborated with state
officials to refine the manual.
• Quality Assurance Review of Field Units of World Health
Organization (WHO).
• Developed sampling methodologies to ensure
comprehensive coverage.
• Provided guidance to the team and ensured the quality
of deliverables.
• Conducted thorough reviews of WHO's policies related
to procurement, accounts payable, and travel expenses,
offering recommendations for internal control
enhancements.
• Prepared reports on observations, suggestions, and
financial performance of schools for setting up of PMU
for Evaluation of Fee Hike Proposal.
• Evaluated budget estimates and developed an audit
checklist for consistency.
• Analyzed the impact on accounting and interacted with
external auditors.
• Did the Design, Development, and Preparation of RFP
for Goods and Service Tax Network (GSTN).
• Conducted As-Is assessment and prepared a To-Be
report.
• Drafted the Request for Proposal (RFP) for the GST
System.
• Facilitated client meetings and conducted regular status
reviews.
5. Working CA Shashank 12 Years • Chartered Having 8 years of experience in various areas such as
Accounta
Team Agarwal nt financial management, auditing, and consultancy.
Member • Company • Developed monitoring frameworks for government
Secretary
schemes and drafted Social and Performance Audit
• LLB
4. Proposed Profile Summary
SN Type Code Name of Years of Basic Work Experience
Resource Experienc Qualification
e
• Organized capacity building and training programs to
enhance the skills of personnel involved in financial
management and auditing.
• Drafted General Financial and Accounting Rules to
streamline financial processes and ensure compliance
with regulations.
• Performed internal audits to evaluate the effectiveness
of internal controls and compliance with established
procedures.
• Conducted compliance audits to ensure adherence to
regulatory requirements and policies.
• Conducted physical verification of assets to ensure
accuracy and completeness of asset records.
• Finalized financial statements, including balance sheets
and profit and loss accounts, for government agencies
and corporations.
• Served as a Program Management Consultant for the
implementation of Integrated Financial Management
Information Systems (IFMIS) in various government
departments.
• Managed projects such as hiring Independent
Verification Agencies for monitoring and evaluation
purposes.
• Formulated De-Novo Financial and Accounting Rules to
update and improve existing financial regulations.
• Conducted internal audits for projects funded by
international organizations to ensure compliance with
funding guidelines.
• Managed financial statements and provided financial
management support for government agencies and
corporations.
• Led assignments for municipal corporations and state
government departments to improve financial
management practices and internal controls.
• Provided financial management consultancy services
for private companies, including budgeting, forecasting,
and profitability analysis.
• Conducted ledger scrutiny and reconciliation to ensure
accuracy and integrity of financial records.
• Provided training and capacity building support to
finance teams and other stakeholders to enhance their
skills and knowledge in financial management and
accounting.
• Reviewed and updated financial policies, procedures,
and systems to align with regulatory requirements and
best practices.
• Developed standard operating procedures (SOPs) and
training manuals to guide finance teams in performing
their duties effectively.
• Implemented financial management systems and
software to automate financial processes and improve
efficiency.
• Provided ongoing support and guidance to finance
teams to address issues and challenges in financial
management and accounting.
• Conducted regular monitoring and evaluation of
4. Proposed Profile Summary
SN Type Code Name of Years of Basic Work Experience
Resource Experienc Qualification
e
• Collaborated with internal and external stakeholders to
address financial issues and implement solutions to
improve financial management practices.

6. Consul Rahul Kumar 7 Years • Chartered Having 7 years experience in various consulting and
Accountancy auditing roles.
tant Bachelors in
•
(Mana Commerce • Led projects in Risk-Based Internal Audit, Business
Process Reviews, Internal Control Reviews, and SOP
gemen
development.
t/Funct
ional • Led projects in Tax Consulting and Accounting, internal
reviews, and supported business development.
Profile)
/Consu • Business Process Transformation at RUA: Conducted
ltant thorough review of finance department processes.

(Techni • Identified risks and control gaps, leading to enhanced

cal process efficiency.
Profile) • Developed finance department policies and procedures
aligned with existing workflows, risk mitigation, and
system integration.

• Finalized finance policies in accordance with PIF

(Process Integration Framework) requirements

• Risk-based Internal Audit at HT Media: Analyzed

existing revenue processes to pinpoint bottlenecks and
risk areas.

• Executed audits, documented findings, and prepared

comprehensive audit reports.

• Conducted discussions with top management to ensure

alignment and address observations effectively.

• Internal Financial Review (IFC) at Care Health Insurance

Limited: Conducted testing of internal financial controls
across various departments.

• Identified risks and non-compliances, aligning

observations with COSO and SOX frameworks.

• Prepared detailed IFC reports and obtained alignment

with top management.

• Internal Audit at Housing and Urban Development

Corporation (NBFC):Engaged in discussions with
process owners to comprehend existing processes
across revenue, expenses, provisions, compliance, and
fixed assets.

• Identified risk indicators and areas of non-compliance

through meticulous review of client documents.

• Conducted detailed audits, documented observations,

and collaborated with process owners to address
identified issues.

• Prepared comprehensive internal audit reports and

facilitated alignment with top management.

• Process Reviews at Indus Tower Limited:Led process

walkthroughs, engaging process owners to understand
methodologies.

• Developed sampling methodologies, identified design-

level gaps, and conducted analytical reviews, resulting
in detailed reports and mitigation plans.
 5. Detailed CV of Proposed
Resources

Position Title Subject Matter Expert-Technology Risk

Name of Expert: Naman Chaturvedi
Date of Birth: 17 Mar 1990
Country of India
Citizenship/Residence

Educational Qualifications:

Title of qualification awarded B.Tech, Information technology, 2012

Principal subjects/occupational skills Information Technology Management,
covered Network Security
Name and type of organisation providing VIET, Jodhpur
education and training

Certification Details:

 Certified Information Systems Auditor (CISA)

 ISO 27001:2022 LA
 Microsoft Azure Fundamentals AZ 900

Employment record relevant to the assignment:

Period Employing Countr Summary of activities performed

organization and your y relevant to the Assignment
title/position. Contact
info for references
July 23- Aurion Pro Solutions India He has led multiple projects related to :
Present Limited  Risk Assessment
Position- Senior Security  Risk Treatment
and Auditor Expert  Internal Audit Framework
(CISA)  Review and preparation ISMS Policy
nmnchaturvedi@yahoo.c and documentation
om  Compliance audits including ISO 27001
and PCI DSS
 Support client on security control
design.
 Vendor management

Risk Management for NTPC Page 14

Page 14
 5. Detailed CV of Proposed
Resources

Nov 22- Freelancing India He has led multiple projects related to :

July 23 Position- Senior ► PCI DSS & ISO27001 compliance
Consultant information ► Financial Brokers Cyber and System audit
security Consultant as per SEBI
nmnchaturvedi@yahoo.c ► AUA/KUA compliance
om

July 12- iSec Services Pvt Ltd. India He has led multiple projects related to :
OCt 22 Position- Senior  Risk Assessment
Information Security  Risk Treatment
Analyst (IT Security)  Internal Audit Framework
nmnchaturvedi@yahoo.c  Review and preparation ISMS Policy
om and documentation
 Compliance audits including ISO 27001
and PCI DSS
 Network performance assessments and
vulnerability assessments
 Application penetration testing

Membership in Professional Associations and Publications: ISACA

Language Skills: Hindi/English

Reference to Prior Work/Assignments

Name of assignment or project: ISMS Compliance for an MNC

Client: IT MNC (Syntel/ATOS)
Positions held:
Activities performed:
► Prepared and reviewed policies and procedures documents in accordance with ISO
standards and conducted an internal audit
► Prepared and reviewed Statement of Applicability
► Prepared and reviewed ISMS policy statement and documentation
► Prepared and reviewed Risk assessment and mitigation documents
► Conducted Risk assessment and suggested risk treatment plan
► Prepared and reviewed Internal audit framework

Risk Management for NTPC Page 15

Page 15
 5. Detailed CV of Proposed
Resources

Name of assignment or project: Internal Audit for different compliances at Brokers and
NSE
Client: Multiple Brokers and NSE
Positions held:
Activities performed:
► Prepare an audit plan and schedule
► Evaluate the process of identifying, analysing, and evaluating information security risks
► Check the ISMS policy, objectives, risk assessment, and treatment methodology
► Review the internal ISMS audits and management review records

Name of assignment or project: ISMS/VAPT for Government Entities

Client: Central Govt PSU NTPC, Indian Army
Positions held:
Activities performed:
► Performing application penetration testing of Application using HP Web Inspect tool
based on OWASP top ten.
► Conducted network performance assessments and vulnerability assessments for various
customers including banks
► Prepared and reviewed policies and procedures documents in accordance with ISO
standards and conducted an internal audit
► Prepared and reviewed ISMS policy statement and documentation
► Prepared and reviewed Risk assessment and mitigation documents
► Conducted Risk assessment and suggested risk treatment plan
► Prepared and reviewed Internal audit framework

Name of assignment or project: ISMS Implementation

Client: MNC providing Technology Service
Positions held:
Activities performed:
► Supported in migration from existing ISO 27001:2013 version to ISO 27001:2017 version.
► Supported in implementation of new controls
► Gap assessment support for standards.
Name of assignment or project: PCI-DSS compliance for Scheduled Bank
Client: Scheduled Bank
Positions held:
Activities performed:
► Internal audit to meet PCI-DSS Compliance
► Review of Security Policy
► Implementation and Review of Risk Assessment Process
Name of assignment or project: Internal Audit for Transit Projects
Client: Multiple Metro Projects
Positions held:
Activities performed:
► Prepare an audit plan and schedule
► Identifying, analysing, and evaluating information security risks
► Review of ISMS policy, objectives, risk assessment, and treatment methodology
► Review the internal ISMS audits and management review records

Risk Management for NTPC Page 16

Page 16
 5. Detailed CV of Proposed
Resources

Position Title Working Team Member

Name of Expert: Pawan Mehndiratta
Date of Birth: 13/04/1990
Country of India
Citizenship/Residence

Educational Qualifications:

Title of qualification awarded Chartered Accountancy - 2013

Principal subjects/occupational skills Auditing, Financial management, Financial
covered reporting and Taxation
Name and type of organisation providing Institute of Chartered Accountants of India
education and training
Title of qualification awarded B. Com – 2011
Principal subjects/occupational skills Commerce
covered
Name and type of organisation providing Delhi University
education and training
Title of qualification awarded Diploma in Information System Audits (DISA) –
2018
Principal subjects/occupational skills Validating IT general controls
covered
Name and type of organisation providing Institute of Chartered Accountants of India
education and training
Title of qualification awarded Diploma in International Financial Reporting
Standards (IFRS) - 2017
Principal subjects/occupational skills Financial reporting
covered
Employment record
Name and type relevant to the
of organisation assignment:
providing Association of Chartered Certified
education and training Accountants (ACCA) - UK
Period Employing Countr Summary of activities performed
organization and your y relevant to the Assignment
title/position. Contact
info for references
May‘19- Ernst and Young LLP India He has led multiple projects related to :
Present Position- Senior
Consultant  Enterprise Risk Management
Pawan.Mehndiratta@in.e  Risk Based Internal Audit
y.com  Business process reviews
 Internal Control reviews
References :  SOP development
Shiv Narain– Partner, EY
shiv.narain@in.ey.com
Risk Management for NTPC Page 17
Page 17
 5. Detailed CV of Proposed
Resources

March’16- Mahindra Comviva India  He has led the projects for Risk
May’19 Technologies Ltd transformation covering development
Position- Deputy Manager of Enterprise risk management policy,
Internal Audit and development of Internal Control
reporting framework, Measures for ITGC.
 He has led the Process reviews of key
References : areas i.e. procurement, revenue,
Manas R. Bal – Financial financial reporting, etc. to highlight
Controller any control gap
manas.bal@comviva.com
December’12- TechTree IT systems (P) India He has led the following functions at
February’16 Ltd: Position- Senior TechTree IT systems :
Executive  Internal Audit
 Management Information System and
References : Financial reporting
Davison Mathew– Senior  Apart from this during his tenure he
Manager worked across multiple processes to
Davison.mathewkutty@te and gained practical understanding
chtreeit.com e.g. P2P, R2R etc.

Membership in Professional Associations and Publications: Institute of Chartered

Accountants of India (ICAI)
Language Skills: Hindi/English

Reference to Prior Work/Assignments

Name of assignment or project: Development of Internal financial control framework

Client: Leading IT company
Positions held: Project lead
Activities performed:
► Led the project team independently and was responsible for the quality of the
deliverables
► Discuss and define the risk assessment criteria with management
► Identified the key business processes and led the detailed walkthrough of the same with
process owners
► Performed Risk Assessment and build Risk Control Matrixes (RCMs)
► Responsible for conducting management testing for Internal Controls independently.
► Making presentations to CFO, Senior Vice presidents and Other Senior people for
observations and recommendations flagged in review.

Risk Management for NTPC Page 18

Page 18
 5. Detailed CV of Proposed
Resources

Name of assignment or project: Development of risk management policy and

framework:
Client: Leading IT Company
Positions held: Team Member
Activities performed:
 Conducted detailed walkthrough of all the processes involved in the business to develop
process flowcharts.
 Identification of gaps within each of the process to highlight the key risks involved.
 Assessed appropriateness of the existing internal controls as specified in the current
processes followed at client for the key processes.
 Development of risk mitigation plans.
 Assessment of controls and compliance to the risk mitigation plans by the respective
process owners.
 Developed a comprehensive risk register that included the company’s key business
risks compared to industry benchmarks and mapped to it’s specific processes.
► Developed a monitoring and reporting framework for reporting on status of risks and
implementation of mitigation plans.
► Prepared templates for management dashboard and other reporting formats

Name of assignment or project: Provided risk assessment services and developed

internal audit
Client: Leading IT company
Positions held: Team Member
Activities performed:
► Identified risks and developed risk assessment criteria for all divisions covering audit
universe.
► Confirmed risks and evaluation criteria and conducted interviews with multiple
stakeholders in various divisions to confirm the baseline risks and gather insights on
additional risks.
► Prioritized and rate the identified risks and determine audit frequency of the
respective functional areas/ processes.
► Developed detailed risk based internal audit plan covering all critical areas with
associated top risks identified.
► Internal audit areas included procurement and payments, accounts receivable and billing,
security deposit etc.
Name of assignment or project: Process reviews for key business areas
Client: Leading IT Company
Positions held: Team lead
Activities performed:
► Led the process walkthroughs with the process owners.
► Developed the sampling methodology for the teams enabling appropriate selection of the
samples to represent all class of transactions.
► Reviewed the existing process walkthrough notes and flow charts to identify any design
level gaps.
► Led the analytics to be performed across multiple processes e.g. vendor aging analysis,
inventory aging analysis, three-way matching, debtors aging revenue classification etc.
► Led discussions with process owners for concluding on key finding and development of
mitigation plans.
► Drafted the report.

Risk Management for NTPC Page 19

Page 19
 5. Detailed CV of Proposed
Resources

Name of assignment or project: Internal Control review

Client: Leading Financial Services Company
Positions held: Team Member
Activities performed:
► Reviewed the financial statements and multiple reports to identify the key focus areas/
processes to be covered.
► Led the process walkthroughs with multiple function owners for different areas under
review e.g. procurement, accounts payable, Human resources, treasury, financial
reporting, accounts receivable, program management, Revenue and invoicing
► Identified the design level gaps in the process and procedures followed and assisted to
identify the appropriate level of controls in case control is weak/doesn’t exist.
► Reviewed the policies and provided recommendations to update the policies in sync with
the updated processes.
► Led the team for development of Risk control Matrix for key process cycles which included
regular discussions with the process owners to agree on the control owners, frequency,
risk classification.
Name of assignment or project: Assessment of Internal Controls at Country Office
Client: United Nations Global Agency
Position: Team Lead
Activities performed:
 Provided guidance to the team and was also responsible for overall quality of the
deliverables for this project.
 Conducted review of UN's Global agency’s Internal Control Framework and other
policies related to procurement, accounts payable, travel & expenses and access &
change management for the Country Office.
 Conducted an as-is assessment of the processes and map it against the UN's Global
agency defined policy and guidelines.
 Performed walkthroughs/spot checks for multiple areas such as procurement, accounts
payable, project monitoring and reporting, fixed assets, petty cash etc.
 Conducted documentary review of sample transactions for procurement and accounts
payable including advances to implementing partners.
 Conducted analytical procedures over the data received to identify key trends and cross
mapping of multiple data files and establish linkages.
 Identified policy level changes and also recommendations to strengthen the internal
controls at the country office.

Risk Management for NTPC Page 20

Page 20
 5. Detailed CV of Proposed
Resources

Name of assignment or project: Internal Controls review

Client: Leading Transport Company in UAE
Positions held: Team Member
Activities performed:
► Defined the risk appetite at organizational level through discussions with higher
management.
► Led the process walkthroughs with multiple function owners for different areas under
review e.g. procurement, accounts payable, Human resources, treasurer, financial
reporting, accounts receivable, program management, Revenue and invoicing.
► Developed the process walkthrough notes and flow charts to elaborate the process in
systematic manner.
► Identified the design level gaps in the process and procedures followed and assisted to
identify the appropriate level of controls in case control is weak/doesn’t exist.
► Reviewed the policies and provided recommendations to update the policies in sync with
the updated processes.

Name of assignment or project: Process reviews and Risk based internal audit
Client: Techtree IT Systems, Nukebox Studios
Positions held: Team Member
Activities performed:
► Reviewed processes procurement, logistics, production, sales, inventory, quality, accounts
and finance, order to cash and human resources.
► Conducted process walkthroughs and spot checks for the processes with the relevant
process owners.
► Performed analytical procedures to identify trends and exceptions in the data provided for
review..
► Identified potential gaps and findings in the process in line with the SOPs as defined by
the management.
► Discussed the preliminary issues identified with the process owners.
► Preparation of draft audit report and its finalization.

Name of assignment or project: Procurement Process development for World Bank

funded project in Africa
Client: World Bank
Positions held: Team Member
Activities performed:
► Developed detailed procurement procedural manual for an world bank funded project in
West Africa
► Procedures were developed in line with the new Procurement Regulation Framework
published in April 2018 and updated in November 2020 through “Procurement under
World Bank Investment Project Financing”
► The manual covered all the operational aspects involved in the procurement including
Procurement mechanisms, roles and responsibilities of actors who will be involved in the
project procurement chain, Various thresholds and procurement methods, Types of
procurement or consultant selection methods etc.

Risk Management for NTPC Page 21

Page 21
 5. Detailed CV of Proposed
Resources

Position Title Working Team Member

Name of Expert: CA Shashank Agarwal
Date of Birth: 20/01/1990
Country of Indian
Citizenship/Residence

Educational Qualifications:

Degree Dates Attended Name of College/Institution

Chartered 2011 The Institute of Chartered Accountants of India
Accountant
Company 2015 The Institute of Company Secretary of India
Secretary
LLB 2021 Rajasthan University
M.Com 2015 University of Rajasthan
B.Com 2013 University of Rajasthan

Employment record relevant to the assignment:

Period Employing Countr Summary of activities performed relevant to

organization and y the Assignment
your
title/position.
From Ernst and Young India ► Development of Monitoring framework
July LLP and monitoring of Government schemes
2022 Position: Sr. ► Drafting and finalizations of Social and
to till Consultant Performance Audit Rules and Manual,
date Government of Rajasthan
► Studying the current framework governing
Social and Performance Audit in the State,
other states, Centre, and other countries
and developing the foundational framework.
► Capacity building and conducting Training
Programs
► Drafting General Financial and Accounting
Rules
► Internal Audit/Compliance Audit
► Business Process Reengineering
► Review of fixed assets register, financial
Risk Management for NTPC
statements, budgets prepared, risk analysis.
Page 22
Page 22
 5. Detailed CV of Proposed
Resources

From Jan. MKSKA & CO. India ▶ Finalization of Financial Statements including
2019 to Balance sheets and Profit and loss account of
June Delhi Jal Board, Govt of Delhi
2022 ▶ Member of Program Management
Consultant (PMC) for implementation of
Integrated Financial Management
Information System (IFMIS) in Government
of Chhattisgarh.
▶ Study of existing financial activities and various
software like e-works, e-kosh, D base system
of the state and prepare various reports.
▶ Re-aligned the above-mentioned software with
General financial rules and regulations and
find out the GAP in current system related to
financial rules.
▶ Prepare a training plan for capacity building of
human resources both in the Finance
Department and other line departments on
various aspects of PFM and Public Procurement.
▶ Prepare the tracking system for progress of
various Disbursement Link Indictors (DLIs) of the
project.
From Feb Organization: India ▶ Develop Pricing strategy, Budgeting,
2018 to Havells India Limited Forecasting business plan in line with
Jan 2019 Marketing/Sales & Finance team.
▶ Preparing Analytical Report and facilitating to
Position: Manager
Sales Team to keep debtors within the credit
period & credit limit as provided and
Maintaining Debtors Ageing and collection and
Scheme Reconciliation for Channel Business
Unit
▶ Budgeting & forecasting business plan &
Determination of Variance
▶ Ledger scrutiny & Month wise check & rectify
the Trial balance and after the closing year
check & correct in the financial year opening
balance of the ledgers.
From Jan Organization: - CA India ▶ Assistance in implementation and training to
2015 to Shashank Agarwal team members for newly rollout
Jan 2018 Position: Self Comprehensive Financial Management
System (CFMS)
Employed
▶ Re-aligning accounting process as per
applicable rule of BFR (Bihar Financial Rules.
▶ Study of existing financial system policies,
procedures, operation need assessment
(identification of users, their roles, financial
reporting structure) staffing and capacity
(technical and administrative) at different level
to suggest required process re-engineering for
successful accounting system (Software) roll-
Risk Management for NTPC
out.
Page 23
Page 23
 5. Detailed CV of Proposed
Resources

From Organization: - Su- ► Develop Pricing strategy, Budgeting,

Aug Kam Power Forecasting business plan in line with
2012 to Systems Ltd Marketing/ Sales & Finance team.
► Exposure to formulating cost-effective
Jan Position: Dy
solutions for enhancing the gross margin of
2015 Manager Products.
► Analysing & Reconciliation the various
schemes given to trade partners
► Preparing Analytical Report and facilitating
to Sales Team to keep debtors within the
credit period & credit limit as provided
and Maintaining Debtors Ageing and
collection and Scheme Reconciliation for
CBU
► Preparing Profitability Statements/MIS of
Company, Solar Projects and Branches on
monthly basis & Present to Senior
Management.
► Preparing and Review Budget of All
Branches with Actuals on monthly basis
► Budgeting & forecasting business plan &
Determination of Variance, Ensuring &
Handling Billing, Collection, AP and AR of
Solar Projects.
Membership in Professional Associations and Publications:
► Preparing and Analysis of Cost sheet of
► ICAI Membership newly applied Solar Projects.
► ICAI, Public Finance & Government Accounting (PF&GA), 2020
► ICAI, Concurrent Audit of Banks (CCA), 2020
► ICAI, Forensic Accounting and Fraud Detection (FAFD), 2020

Language Skills: Hindi/English/Marwadi

Reference to Prior Work/Assignments

Name of assignment or project: Hiring an Independent Verification Agency to verify

the Disbursement linked indicators of world bank funded “Himachal Pradesh Power Sector
Development Program”
Client: Directorate of Energy, Govt. of Himachal Pradesh
Position Held: Procurement and Fiduciary Expert
Activities performed:
► Preparation of inception report for the project.
► Verification of DLI -4 Increase in solar power generation capacity and recommendation
provided to DoE for world bank disbursements.
► Verify the targets achieved based on the passed and verified invoices, delivery challan
(DC) and Lorry Procedure Receipts (LR) for supply, and Bank statement evidencing
payments made.
► Performed physical verification through field visits.
► Preparation of DLI verification reports and submission to the stakeholders.

Risk Management for NTPC Page 24

Page 24
 5. Detailed CV of Proposed
Resources

Name of assignment or project: Formulation of De-Novo Financial and Accounting Rules and
replace them with existing GF&R and PWF&AR, GOR

Client: Finance Department Rajasthan

Position held: PFM Analyst
Activities Performed:
► Work as PFM Analyst in re-writing of General financial and accounting rules (GF&AR) and
public works and financial accounting rules (PWF&AR) and replace them with existing
framework of the Rajasthan.
► Had multiple review meetings with Principal Secretary (Finance), Finance Secretary (Budget),
Joint Secretary (G&T) to understand the expectation on the assignment, discuss our
Approach & Methodology and discuss various key issues identified.
► Desk Review of the Documents: The Team has started going through the documents such as
GFAR, PWF&AR (Till latest amended dated 15th July 2022) Treasury Rules, RTPP Act/rules, etc
and other relevant documents like orders/circulars issues in relation to GFAR and PWF&AR as
downloaded from Finance Department, Government of Rajasthan website.
► Preparation and submission of GAP analysis report and presented to Committee for approval.
► Drafting of New rules, forms and appendices of New General financial and accounting rules.
Name of Assignment: Social and Performance Audit Rules and Manual, Government of
Rajasthan Jaipur, Rajasthan

Client: Finance Department Rajasthan

Position held: PFM Analyst
Activities Performed:
► Drafting and finalizations of Social and Performance Audit Rules and Manual, Government of
Rajasthan for Various schemes implemented in the state of Rajasthan.
► Studying the current framework governing Social and Performance Audit in the State, other
states, Centre, and other countries and developing the foundational framework.
► Visits and consultations in various offices (JC of RSPAA, FS(Expenditure), DTA, RFSDL etc.) to
understand the key issues and challenges in conducting audit and Consultations on the draft
manual with the key stakeholders.
► Multiple review meetings and consultations on the draft Social and Performance Audit Rules
and Manual with the key stakeholders and ensured implementation of suggestions,
recommendations, and feedback of the stakeholders.
Name of Assignment: Internal Audit of Project DARED, Agriculture Development Department,
Client: Government of Morocco funded by GCF
Activities performed:
► Evaluated compliance with GCF guidelines and Moroccan government regulations such as
FAA agreement.
► Assessment of contracts with farmers for land rights and determining existence of contracts
for the full 11,000 hectares.
► Verification and Assessment of the effectiveness of project implementation in achieving
desired results.
► Verification and Assessment of contracts with third parties for seeds and water resources and
determining existence of contracts for the full 11,000 hectares.

Risk Management for NTPC Page 25

Page 25
 5. Detailed CV of Proposed
Resources

Name of Assignment: Finalization of Financial Statements Delhi Jal Board

Department: Delhi Jal Board (Associated with S K Patodia)
Key Activities Performed:
► Finalization of Financial Statements including Balance sheets and Profit and loss account
from 2016 to 2021
► Main features of Assignment: Reconciliation and Scrutiny of General Ledgers Account,
Trail Balance, Preparation of fund flow, Bank reconciliations (More than 200 Bank Accounts
and other activities related to finalization of Financial statement.
► Proper record keeping related to CWIP, assets capitalization and inventory
management related to long term capital infrastructural projects.
► Ensuring all the compliance related to Taxations. Provident Fund department (Returns and
timely payment of PF,EPS and other statutory liabilities
Name of Assignment: Chhattisgarh Public Financial Management and Accountability Program
(World Bank funded)
Department: DIF, Finance Department, GoCG. (Associated with S K Patodia)
Key Activities Performed:
► Member of Program Management Consultant (PMC) for implementation of Integrated
Financial Management Information System (IFMIS) in Government of Chhattisgarh.
► Study of existing financial activities and various software like e-works, e-kosh, D base
system of the state and prepare various reports.
► Re-aligned the above-mentioned software with General financial rules and regulations
and find out the GAP in current system related to Financial rules (GAP Analysis)
► Prepare commitment control policy for the state as there is no commitment policy in
the state. (Mandate of World Bank Program)
► Prepare a training plan for capacity building of human resources both in the Finance
Department and other line departments on various aspects of PFM and Public Procurement.
► Prepare the tracking system for progress of various Disbursement Link Indictors (DLIs) of the
project.
► Assist in preparation Medium term Fiscal Framework and Public Investment Management
Framework.
► Development of standard operating procedure to atomization entire activities of finance
Name of Assignment: Financial management and technical support consultant (National Level
assignment covering software development)
Department: Unique Identification Authority of India (UIDAI)
Key Activities Performed:
► First time adoption of accrual-based accounting system
► Designing of accounting system as per budget code designed by ministry of finance,
government of India
► Re-aligning accounting process as per applicable rule of GFR (General Financial Rules), India.
► Automation of pre-accounting process including payment approval, prescribed formant of
GAR (General accounting rules) and integration with budget
► Development of standard operating procedure to atomise entire activities of finance, HR and
budgeting section.
► Develop SoPs for Finance, budget, Procurement, and accounting management module.
► Monitoring & evaluating the data integration interface. developing e-learning modules for
training strategy Regular training and handholding support to UIDAI Staff

Risk Management for NTPC Page 26

Page 26
 5. Detailed CV of Proposed
Resources

Name of Assignment: Financial Management Manager.

Year: 2018-19
Employer: Havells India Limited
Key Activities Performed:
► Develop Pricing strategy, Budgeting, Forecasting business plan in line with
Marketing/Sales & Finance team.
► Preparing Analytical Report and facilitating to Sales Team to keep debtors within the credit
period & credit limit as provided and Maintaining Debtors Ageing and collection and Scheme
Reconciliation for Channel Business Unit
► Budgeting & forecasting business plan & Determination of Variance
► Ledger scrutiny & Month wise check & rectify the Trial balance and after the closing year
check & correct in the financial year opening balance of the ledgers.
Name of Assignment: Financial Management Consultancy
Year: 2017-18
Department: Patna Municipal Corporation
Key Activities Performed:
► Assistance in development of pre audit software in line with Bihar Financial Rules and
Bihar Municipal Act
► Designing of accounting system as per budget code designed by UDHD Department in line
with Bihar Municipal Accounting Rules and Manual
► Re-aligning accounting process as per applicable rule of BFR (Bihar Financial Rules) and
Inter-regulations issued by department.
► Automation of pre-accounting process including payment approval and integration with
budget
► Development of standard operating procedure to atomization entire activities of finance
► Develop standard operating process for Finance and accounting.
► Study and train team members for newly rollout Comprehensive Financial Management
System (CFMS)
► Implementation of expenditure management and vendor management module in PFMS
Name of Assignment: Process defining, internal control and financial management of operation
spread in all major districts of Bihar
Year: 2016-17
Department: Bihar State Tourism Development Corporation
Key Activities Performed:
► Study of existing financial system policies, procedures (fund flow, fund utilization protocol),
operation need assessment at different level to suggest required process re-engineering
for successful accounting system (Software) roll-out.
► Preparation of required charts of accounts (COA), systems, process, procedures, manuals,
codification, data digitization, integration and migration strategy/plan for successful
Accounting System roll- out at all level. System Configuration, testing (System and user
acceptance), data entry, data synchronization, system rollout and transition risk
management.
► Support and ensure timely (monthly, quarterly, half-yearly and annual) preparation, update
and submission of various financial report/information at different level.
► To develop required e-training modules, user friendly manual/ guides/ reference
materials to have effective training and learning as per the training plan. Regular
on-line/offline training, capacity building and hand holding support at all level of staffs.

Risk Management for NTPC Page 27

Page 27
 5. Detailed CV of Proposed
Resources

Name of Assignment: Process setup for Auditing & Budget function in Public Health
Engineering Dept (PHED), Bihar (DFID Funded, UK)
Department: Public Health Engineering Department Govt. of Bihar
Key Activities Performed:
► Study of existing Financial/Accounting system, Audit system, policy, procedures
practices, operation need assessment staffing and capacity. Formalize procedures for
Budget preparation, authorization, control and review.
► Develop e-training modules, Preparation, update and submission of various financial
report/information at different level.
► Review and provide inputs on financial guidelines.
► Monitoring and Guidelines to field level agencies in Identification, Valuation, and
verification. discussion with Management.
Name of Assignment: Accounting and support to improve financial, work contract and
accounting system, internal control and other related module and firm appointed as
“Financial Management and Technical Support Consultancy” for operation spread across
all major districts of Bihar
Department: Bihar Urban Infrastructure Development Corporation Limited
Key Activities Performed:
► Assistance in implementation and training to team members for newly rollout
Comprehensive Financial Management System (CFMS)
► Re-aligning accounting process as per applicable rule of BFR (Bihar Financial
Rules.
► Study of existing Financial/Accounting system, Audit system, policy, procedures
practices, operation need assessment staffing and capacity. Review report with
detailed roll out & work plan.
► Preparation of charts of accounts (COA), systems, process, procedures, manuals,
codification, data digitization, integration, and migration strategy/plan.
► Review and provide inputs on financial guidelines/ manual/ formats/ training modules
of BUIDCo.
Name of Assignment: Financial Management Consultancy
Employer: Su-Kam Power System Ltd.
Key Activities Performed:
► Develop Pricing strategy, Budgeting, Forecasting business plan. Exposure to
formulating cost-effective solutions for enhancing the gross margin of Products.
► Analysing & Reconciliation the various schemes given to trade partners
► Preparing Analytical Report and facilitating to Sales Team to keep debtors within the
credit period & credit limit as provided and Maintaining Debtors Ageing and
collection and Scheme Reconciliation for CBU
► Preparing Profitability Statements/MIS of Company, Solar Projects and Branches on
monthly basis & Present to Senior Management.
► Budgeting & forecasting business plan & Determination of Variance, Ensuring &
Handling Billing, Collection, AP and AR of Solar Projects.
► Preparing and Analysis of Cost sheet of newly applied Solar Projects.
► Ledger scrutiny & Month wise check & rectify the Trial balance and after the
closing year check & correct in the financial year opening balance of the ledgers.
Risk Management for NTPC Page 28
Page 28
 5. Detailed CV of Proposed
Resources

Position Title Technology Risk Consultant

Name of Expert: Dikssha Garg
Date of Birth:
Country of India
Citizenship/Residence

Educational Qualifications:

Title of qualification awarded B.Tech, Computer Science, 2017

Principal subjects/occupational skills Computer Science, Information Technology
covered Management
Name and type of organisation providing Chitkara University, Chandigarh, India
education and training

Certification Details:

 CISA
 ISO 27001 LA :2022
 ISO 27001 LA :2013
 ISO 27701 L1 :2019

Employment record relevant to the assignment:

Period Employing Countr Summary of activities performed

organization and your y relevant to the Assignment
title/position. Contact
info for references
Apr18- Deloitte Touche India She has led multiple projects related to :
Present Tohmatsu  Risk Management
Position- Consultant  Third Party Risk Management
diksshagarg@gmail.com  ISMS Implementation
 Policies and Procedure Development
 Compliance Assessment

Risk Management for NTPC Page 29

Page 29
 5. Detailed CV of Proposed
Resources

Nov 17- Hewellet Packard India She has led multiple projects related to :
Mar 18 Enterprises  HPE Storage Devices
Position- Storage  Backup devices
Consultant
diksshagarg@gmail.com

Jan17- Apr Net Solutions India She has led multiple projects related to :
17 Position- Developer  Web Application
Consultant  Website creation
diksshagarg@gmail.com

Membership in Professional Associations and Publications: ISACA

Language Skills: Hindi/English

Reference to Prior Work/Assignments

Name of assignment or project: Regulatory Compliance and Risk Assessment

Client: Leading Bank
Positions held:
Activities performed:
► Performed various Regulatory and Compliance audits.
► Performed risk assessment for in scope departments for the client.
► Developed and Implemented comprehensive Third-Party Risk Management policies and
procedures
► Worked on the incident management tool for providing support and recommendations to
a consultancy firm.
► Generated detailed reports and analysis on Third Party risks, providing actionable
insights
Name to management
of assignment or project: Third Party Risk Management
Client: SWAN IWDMS project
Positions held:
Activities performed:
► Performed Third Party Audit services for State Data Centers and IWDMS /SWAN projects.
► Conducted the gap assessment as per ISO 27001:2013 controls.

Risk Management for NTPC Page 30

Page 30
 5. Detailed CV of Proposed
Resources

► Performed risk assessment for in scope departments for the client.

► Prepared and modified the existing SOA and recommended appropriate changes to
manage risks.
► Performed third party risk assessments for BFSI clients.

Name of assignment or project: ISMS Implementation including risk assessment and

risk treatment
Client: Government Data Center and PSU
Positions held:
Activities performed:
► Prepared, reviewed and updated the policies and procedures based on ISO 27001:2013 as
well as IRDAI for an insurance sector client.
► Conducted Internal Audit for sites to ensure fulfilment of all applicable requirements of
ISO 27001:2013, including risk assessment report and risk treatment plan.
► Provide support in closure of the gaps identified during internal audit for the client.
► Supported client in external audit of ISO 27001:2013 certification as well as helped them
achieve the same.
► Prepared, reviewed and drafted policies, procedures and other documents for ISO
27001:2013.
► Supported in achieving ISO 27001:2013 certifications.
► Regularly review and improve the ISMS based on feedback, audits and changing threat
landscapes.

Name of assignment or project: Annual Assessment/Onboarding Assessment

Client: UIDAI Ecosystem Partners
Positions held:
Activities performed:
► Performed Information Security Assessment of Authentication Ecosystem Partners of UIDAI
(ASAs, AUAs/KUAs & sub – AUAs) as per UIDAI guidelines which includes State IT
Implementing Agencies, BFSI, PSUs, NBFCs, Banks, etc.
► Designed and implemented comprehensive onboarding programs to facilitate smooth
integration of new hires
► Analysed performance data to identify trends, strengths, and areas for improvement at
both individual and departmental levels.

Risk Management for NTPC Page 31

Page 31
 5. Detailed CV of Proposed
Resources

Position Title Working Team Member

Name of Expert: Rahul Kumar
Date of Birth: 09/06/1992
Country of India
Citizenship/Residence

Educational Qualifications:

Title of qualification awarded Chartered Accountancy - 2016

Principal subjects/occupational skills Auditing, Financial management, Financial
covered reporting and Taxation
Name and type of organisation providing Institute of Chartered Accountants of India
education and training
Title of qualification awarded B. Com – 2013
Principal subjects/occupational skills Commerce
covered
Name and type of organisation providing Delhi University
education and training
Employment record relevant to the assignment:

Period Employing Countr Summary of activities performed

organization and your y relevant to the Assignment
title/position. Contact
info for references
March‘22- Ernst and Young LLP India He has led multiple projects related to :
Present Position- Senior  Risk Based Internal Audit
Consultant  Business process reviews
Rahul.kumar13@in.ey.co  Internal Control reviews
m  SOP development

Nov’21 – Ernst and Young LLP India He has supported in project related to:
Feb ’22 Position- Senior  Internal Audit
Consultant
Aug’19 – Outcome Solutions and India He has led multiple projects related to:
Sep’21 Services LLP  Internal Audit
Position – Senior  Expenditure Audit
Consultant  Business process reviews
 Internal Control reviews
 SOP development

Risk Management for NTPC Page 32

Page 32
 5. Detailed CV of Proposed
Resources

Sep’18 – Dinesh Jain & Associate India He has led multiple projects related to :
July‘ 19 Position- Consultant  Risk Based Internal Audit
 GST
 Accounting
Dec’17 – GAA & Company India He has led multiple projects related to:
July ’18 Position – Consultant  Tax consulting
 Accounting
March’17 – K R Rubberite Limited India He carried out accounting, internal reviews
Nov’17 Position – Accounts and supported in business development.
Executive

Membership in Professional Associations and Publications: Institute of Chartered

Accountants of India (ICAI)
Language Skills: Hindi/English

Reference to Prior Work/Assignments

Name of assignment or project: Business Process transformation

Client: RUA
Positions held: Project Member
Activities performed:
► Reviewed the current process of finance department and identify risks and control gaps
in the same.
► Conducted meetings with process owners and discussed risks and control
recommendations.
► Conducted discussion with system consultant of client to identify and document system
interactions with the process.
► Document Finance department policy and procedure in line with exiting ways of works,
risk and controls, system integration and inputs obtained from the process owner.
► Obtained feedback on the document and finalize the finance policy and procedure in line
with PIF requirements
Name of assignment or project: Risk based Internal Audit
Client: HT Media
Positions held: Project Member
Activities performed:
► Reviewed existing revenue process and identified bottlenecks and risk prone areas.
► Conducted meetings with the process owners to understand the existing ways of
working.
► Prepared and shared document and sample requests and carried out audit of the same.
► Conducted audit of documents and sample and identified risk and issues in the
operations.
► Documented observations and conducted discussion with process owners to obtain
clarifications.
► Prepared audit report and conducted discussion with top management to align on the
observations.

Risk Management for NTPC Page 33

Page 33
 5. Detailed CV of Proposed
Resources

Name of assignment or project: Internal Financial Review (IFC)

Client: Care Health Insurance Limited
Positions held: Team Member
Activities performed:
 Obtained existing RCM of covered processes and identified sample to test the controls for
following:
 HR
 Legal & Compliance
 Underwriting
 Marketing
 Wellness
 Actuarial
 Conducted review of internal financial controls and identified risks and non-compliances.
 Identified design gaps in controls in line with COSO and SoX frameworks.
 Discussed and agreed on risks, non-compliances and design gaps with process owners.
 Prepared IFC report and obtained alignment with top management.
Name of assignment or project: Internal Audit
Client: Housing and Urban Development Corporation (NBFC)
Positions held: Team Member
Activities performed:
► Conducted discussions with process owners and understood the current processes for
following:
► Revenue
► Expense
► Provisions
► Compliance
► Fixed Asset.
► Reviewed the client document and identified risk indicators and risk areas.
► Obtained document to audit scope in areas and detailed review of risk prone areas.
► Identified noncompliance's and issues and discussed with process owners to align on the
same.
 Discussed and agreed on risks, non-compliances and design gaps with process owners.
 Prepared Internal Audit report and obtained alignment with top management.
Name of assignment or project: Process reviews for key business areas
Client: Indus Tower Limited
Positions held: Team lead
Activities performed:
► Obtained process documents and led the process walkthroughs with the process owners.
► Developed the sampling methodology for the teams enabling appropriate selection of the
samples to represent all class of transactions.
► Reviewed the existing process walkthrough notes and flow charts to identify any design
level gaps.
► Led the analytics to be performed across multiple processes for review of Electronic Board
Restoration, BOQ Cancellation etc.
► Led discussions with process owners for concluding on key finding and development of
mitigation plans.
► Drafted the report.

Risk Management for NTPC Page 34

Page 34
 5. Detailed CV of Proposed
Resources

Position Title Working Team Member

Name of Expert: Sahil Narula
Date of Birth: 25/04/1991
Country of India
Citizenship/Residence

Educational Qualifications:

Title of qualification awarded Chartered Accountant - 2019

Principal subjects/occupational skills Auditing, Financial management, Financial
covered reporting and Taxation
Name and type of organisation providing Institute of Chartered Accountants of India
education and training
Title of qualification awarded B. Com (Hons.) – 2014
Principal subjects/occupational skills Commerce
covered
Name and type of organisation providing Delhi University
education and training
Employment record relevant to the assignment:

Period Employing Countr Summary of activities performed

organization and your y relevant to the Assignment
title/position. Contact
info for references
June‘22- Ernst and Young LLP India He has led multiple projects related to :
Present Position- Consultant  Business process reviews
Sahil.Narula@in.ey.com  Internal Control reviews
 Setting up of PMU
d  Financial Analysis
 Financial Transformation
Sept’21 – NMN & Associates India He has led multiple projects related to:
May ‘22 Position – Consultant  Setting up of PMU
References:  Financial Analysis
Nishank Tyagi – Partner  Credit Risk Monitoring
canmnassociates@gmail.
com
Aug’17 – Shiromany Tyagi & Co. India He has led multiple projects related to:
Aug’21 Position – Associate  Internal Audit
Consultant  Expenditure Audit
References:  Budget Preparation and Variance
Alok Shiromany – Partner Analysis
Alokshiromany@gmail.co  Implementation of Accural Accounting
m  Fixed Asset Audit

Risk Management for NTPC Page 35

Page 35
 5. Detailed CV of Proposed
Resources

Membership in Professional Associations and Publications: Institute of Chartered

Accountants of India (ICAI)
Language Skills: Hindi/English

Reference to Prior Work/Assignments

Name of assignment or project: Financial Transformation of Employees State Insurance

Corporation (ESIC)
Client: ESIC
Positions held: Project Member
Activities performed:
► Identified the key business processes and led the detailed walkthrough of the existing
policies and procedures.
► Identification of gaps within each of the process to highlight the key risks involved and
areas to streamline or improve
► Evaluated effectiveness of key transactional controls through testing and review or
observation and ensure documentation and quality of testing procedures.
 Assessed appropriateness of the existing internal controls as specified in the current
processes followed at client for the key processes.
 Conducted documentation and process mapping of key processes and controls.
 Monitored changes in policies, systems, and processes relating to each department and
ensure the appropriate risks are assessed, and timely and accurate information is
provided to stakeholder units.
Name of assignment or project: Provided consultancy services for preparation of
Performance Audit Manual
Client: Government of Rajasthan
Positions held: Project Member
Activities performed:
► Held discussion with the state officials to get a walkthrough of existing manual.
► Provided suggestion and changes in the existing manual to the state officials by
reviewing the existing manuals from other states.
► Design and development of audit framework and summary manual
► Development of key performance indicators and key responsible areas to conduct audit.
Name of assignment or project: Quality Assurance Review of Field Units of World
Health Organization (WHO)
Client: WHO
Positions held: Project Leader
Activities performed:
► Developed the sampling methodology for the teams enabling appropriate selection of
the samples to represent all class of transactions.
► Provided guidance to the team and was also responsible for overall quality of the
deliverables for this project.
► Conducted review of UN's Global agency’s policies related to procurement, accounts
payable, travel & expenses and access for the Country Office.
► Performed walkthroughs/spot checks for multiple areas such as procurement, accounts
payable, project monitoring and reporting, fixed assets, petty cash etc.
► Conducted documentary review of sample transactions for procurement and accounts
payable.
► Provided recommendations to strengthen the internal controls at the country office.
► Preparation of draft audit report and its finalization.
Risk Management for NTPC Page 36
Page 36
 5. Detailed CV of Proposed
Resources

Reference to Prior Work/Assignments

Name of assignment or project: Setting up of PMU for evaluation of fee hike proposal
Client: Directorate of Education
Positions held: Project Member
Activities performed:
► Prepared report on the observations, suggestions and comparative financial performance
of the schools.
► Evaluated the budget estimates of receipts and payments
► Prepared audit checklist to review work to ensure consistency, adequacy and timely
completion of the engagement.
► Analysed impact upon accounting, reporting and controls; and making associated
recommendations and suggestions.
► Evaluated effectiveness of key transactional controls through testing and review or
observation and ensure documentation and quality of testing procedures.
► Reviewed fixed asset register, financial statements of respective years, registers
prepared and budget prepared.
► Interacted with external auditors on accounting policies, laid down policies of education
system for fee hike and financial statement disclosure matters, as required.
Name of assignment or project: Design, Development and Preparation of RFP
Client: Goods and Service Tax Network (GSTN)
Positions held: Project Member
Activities performed:
► Worked on the As-Is assessment for GST System and identified gaps for improvement.
► Preparation of To-be Report based on gap analysis.
► Drafted the Request for Proposal (RFP) for GST System.
► Conducted weekly meetings with clients to understand their respective modules.
► Conducted weekly status review of reports and presentation of deliverables.

Risk Management for NTPC Page 37

Page 37