Aparna (aka Tanya) joined Quartesian (now Veranex) in 2013 and has over twenty years of combined experience in QA, audit, compliance, internal controls, information security, data privacy, risk assessment in a clinical research organization, IT, financial services, and AICPA certification industry. As the chief audit and compliance officer and global head of Quality Assurance for Quartesian, she built a strong framework for quality management systems (GCP, 21 CFR Part 11, GDPR) in a cloud environment for Quartesian, as the company expanded its footprints into three continents with seven global offices. She initiated and led the ISO 9001 (QMS) and ISO 27001 (ISMS) certifications in 2020 and the unit remains compliant with the ISO certification status. As the global head of compliance, she implemented companywide the eLearning Management System (ComplianceWire), a robust vendor management program, risk management strategies, implemented GDPR controls, and managed the data privacy contractual needs for the company. Tanya built offshore global support services, including the Proposals and Contracts department, with a competitive bidding and contracts life cycle management process (including Salesforce onboarding). As global head of quality assurance she managed the internal audit plan, internal clinical study audits, CAPAs, deviations, document control, company annual trends (KRI/KPIs), in addition to hosting numerous external sponsor/client audits to qualify Quartesian as their preferred vendor. As BCP chair, she implemented a business continuity plan for Quartesian with Business Impact Assessments and plan testing conducted annually. She was a key member of the Quartesian-Veranex M&A.
At Veranex, Tanya manages the quality and compliance activities related to building companywide quality management systems, audits — supporting ISO 9001 and 27001 certification compliance activities — along with ESG, cyber security, and data privacy related initiatives.
Tanya started her career in 1998 working as an auditor for Accenture (Anderson Consulting) conducting operations and financial audits. Subsequently she held several senior corporate and IT audit roles, operations risk and compliance management positions at Prudential Securities, CitiStreet (a Citigroup Company now ING), and AICPA managing internal operational and IT security audits as well as third party SAS70 Type II, SSAE16 SOC 2 (Type 2) external audit engagements conducted by Big 4 companies.
Her expertise lies in regulatory compliance — GCP; computer system validation; quality management; corporate strategy development; clinical research; risk management; and cybersecurity and data privacy.
Tanya received a B.S. in mathematics (H) from University of Kolkata, India, and business administration from IISWBM, India. She is a Certified Information Systems Auditor (CISA) and a Certified Data Privacy Solutions Engineer (CDPSE) from ISACA. She is a member of ISACA and IAPP.