Open to opportunities

Sreenivas Royal

@sreenivasroyal

Message

I’m IT GRC leader specializing in SOX 404, ITGC/ITAC testing, and risk assurance.

India

Message

What I'm looking for

I’m looking for an Internal Audit and Compliance Manager role where I can lead ITGC/ITAC and SOX 404 scoping and testing, manage risk, and modernize compliance with CCM—partnering with auditors and control owners to deliver measurable audit-ready outcomes.

I’m a Strategic Information Technology Governance, Risk, and Compliance (IT GRC) leader with 8.9 years of total IT experience and a 6.6-year track record steering IT General Controls (ITGC), Sarbanes-Oxley Act Section 404 (SOX 404) compliance, and Internal Audit programs. I lead risk assessment and control optimization for enterprise portfolios, including key DHL engagements, while aligning testing effort to high-risk materiality and improving control design.

I drive compliance outcomes through hands-on testing and governance—executing TOD/TOE frameworks, SAP security baselines via PFCG, and IT application control validation. I’ve modernized audit delivery with Continuous Controls Monitoring (CCM) strategies (reducing manual testing by 35%), built automated evidence pipelines using ServiceNow GRC and Audit Board, and partnered with Big 4 auditors to streamline evidence collection and reduce annual audit friction by 4 weeks.

Experience

Work history, roles, and key accomplishments

Principal Consultant

Apar Technologies

Aug 2025 - Dec 2025 (4 months)

Led risk assessment and control optimization for a major enterprise portfolio, driving compliance across 15+ workflows and removing 20% of redundant key controls. Used ServiceNow GRC and Audit Board to automate compliance tracking and executed ITGC/ITAC testing, including TOD/TOE for computer operations and SAP security governance.

ServiceNow GRC SAP Security Test Of Design (TOD)Test Of Effectiveness (TOE)Computer Operation Statistical Sampling (PCAOB)

Lead Consultant

Rime Soft Pvt. Ltd

Jun 2024 - Aug 2025 (1 year 2 months)

Managed a cross-functional global team of 6 auditors and led IT SOX compliance programs, including annual scoping aligned to high-risk materiality. Built a CCM framework with Tableau and Power BI to reduce manual testing by 35%, and eliminated 90% of open control deficiencies using RSA Archer and ServiceNow GRC while delivering SOC 2 Type II testing.

Annual SOX Scoping Tableau Power BI RSA Archer ServiceNow GRC Team Leadership Risk Assessment

Lead Assistant Manager

EXL Services

Dec 2022 - May 2024 (1 year 5 months)

Led risk-based IT internal audits covering cloud architecture, database security (Oracle/SQL), networks, and incident workflows, and tested SDLC program development and modification controls. Performed pre/post assurance for SAP S/4HANA transformations and deep-dive SOC 1/SOC 2 Type II reviews, partnering with Big 4 auditors and reducing annual audit friction by 4 weeks using MetricStream and Serv

SAP S 4HANA Oracle SQL MetricStream ServiceNow GRC

Senior Associate Consultant

Universal Softech Hub

Mar 2017 - Dec 2022 (5 years 9 months)

Executed end-to-end IT audit engagements, managed deliverables, and upskilled junior team members while testing ITGCs and automated application controls across Windows, Unix/Linux, iSeries, DB2, and SQL databases. Evaluated IAM including emergency access (Firefighter IDs) and privileged recertifications, administered SAP security provisioning via PFCG, and tested computer operations controls while

Automated Application Controls Identity & Access Management (IAM)Firefighter IDs Emergency Access Computer Operation Unix Linux Auditing DB2 Auditing