Kiran J Bhujle

Kiran Bhujle is a senior technology risk executive with over 20 years of experience in helping organizations with their technology risks and transformation programs. Kiran has deep expertise in the areas of information security, ERP application security, identity and access management, IT and business transformation. He also implemented compliance programs related to enforcement actions and industry-recognized standards including SOX, COBIT, HIPAA, FFIEC, NIST, ISO 27001.

Previously, Kiran was responsible for the Cybersecurity, Technology Risk and Privacy practice initiatives, and has successfully assisted global organizations with their technology risk programs, access management, compliance projects.

Kiran led the Access Management and Security service for EY Risk Transformation practice. Kiran’s responsibilities included practice building, leadership and client management including go-to-market strategy, client relationship, sales, delivery, and solutions development.

Former Senior Manager at IBM GRC and Security practice was responsible to support the core ERP consulting practice. Kiran was responsible for building the core GRC and Security practice, business development, sales, delivery across industry verticals.

Former Manager at Deloitte & Touché (now, Deloitte) Enterprise Risk Services responsible for delivering security and controls transformation engagements for Fortune 50 companies. Member of the Launch team of Outsourcing and Offshoring Risk Services.

Kiran holds CISA, CRISC and CDPSE certifications and has been a lecturer at Columbia University for more than two years, focusing on IT Risk Management and Data Privacy for the Enterprise Risk Management graduate program.


• University of Karnataka, India: Bachelor of Science, Mechanical Engineering
• Fairleigh Dickinson University: Master of Business Administration, Information Systems

Professional Associations

• Columbia University, Faculty – IT Risk Management, Enterprise Risk Management Graduate Program
• (ISC)² (The International Information System Security Certification Consortium), Member
• CMMC (Cybersecurity Maturity Model Certification), Registered Practitioner
• ISACA (Information Systems Audit and Control Association), Member
• IIA (Institute of Internal Auditors) Member