Ranveer Singh

More than 11 years of experience within the Enterprise Risk Services practice, specializing in areas of SAP GRC Access Controls, Segregation of Duties, SAP Security, and Process Control with IT General control Audit. My experience also covers IT strategy consulting, project management, technical solution pre-sales, collaboration with diverse and multicultural teams including partners and system integrators, presentation to senior stakeholders, and creation of prototypes. I have worked for clients of all sizes and from different industries.

• Managed Finance Governance and compliance reduced approx. 65% of organizational risk using SAP GRC.
• Managed BAU for GRC Access Control (ARA, EAM and ARM), user, and role admin work.
• 3 full end-to-end GRC Access Control implementations projects from the design phase to the Post-implementation phase on S4 and ECC
• 3 full end-to-end GRC Process Control implementations projects from the design phase to the Post-implementation phase on S4 and ECC
• Conducted many workshops during the design phase to understand the risk priority of the risks, functions, exiting provisioning, and firefighting process on legacy or ECC systems.
• Good experience in designing authorization roles for S4 HANA and ECC.
• Extensive experience in troubleshooting, analyzing, and processing GRC AC issues such as SOD, EAM, ARM, etc 
• Experience in documenting monthly reports, audit logs, policies, procedures, and tracking document
• Lead multiple GRC projects same time, managed the budget and strategic planning.
• Being a GRC specialist, I provided strategic solutions to the clients on GRC tools such as SAP GRC, HighBond, and Archer, which gave more depth, breadth, and adaptability to manage the risk in multiple domains and deliver strategic value to the organization.
• I led the team for the development of a key accelerator of CCM which save dramatically build time and money during implementation.
• Worked on many proposals and pre-sales activities of SAP GRC (PC, AC and RM). 
• Self-motivated in handling the work assigned and adhering to SLA deliverables and deadlines.

Working as a GRC subject matter expert, helping the client with GRC Access control implementation (functional and technical) and BAU work for SAP Security. Below are the key activities which I am currently working:

• Providing the support for monthly reports for Internal and External Audits, ruleset updates, user and role creation/updates 
• Used SU53 and SUIM to assign the missing authorizations to the users. Tracing missing authorization objects using SU53 and recommended appropriate roles for the end-users.
• Worked with internal audit and Compliance Manager to evaluate Segregation of Duties conflicts and consult with business units in reducing the SOD conflicts
• Collaborating with the stakeholders for the SAP role creation, re-design, and remediation after SoD analysis.
• Worked on user administration (creation, maintaining user accounts, and assigning roles)
• Proactively involve with the business owners for ruleset updates whether the TCode will impact any Finance
• Approve the Access Requests on a timely basis. If any request has a Critical Risk, then reject the request. After analysis, start the process of remediation of the role if required.
• Periodically review the unmitigated users and assign relevant mitigation controls for all High risks
• Periodically perform the UAR (User Access Review) process.
• Monitoring the critical transaction codes (su01, pfcg etc) and ensuring that they are assigned to the concerned users only.
• Worked on EAM (Creation of FF IDs, extraction of FF logs etc)