Ravikumar Bana

• Strategically leading the establishment of an enterprise-wide IT Governance Framework across all four missions of Dubai Health: Care, Research, Learning, and Giving.
• Driving cross-functional governance integration across IT departments including: Budget & Contracts, Procurement, Change Management, Release & Deployment, Incident & Problem Management, Project Management (PMO), Software Development Lifecycle (SDLC), Business Relationship Management (BRM), Service Desk, and Service Delivery.
• Developed and implemented end-to-end SOPs, process workflows, SLAs, KPIs, and RACI matrices aligned with COBIT, ITIL v4, ISO 27001/20000, and UAE regulatory mandates (DDA, CAA).
• Integrated Ivanti ITSM platform governance across change, incident, and problem workflows to ensure auditability, risk visibility, and compliance alignment.
• Collaborated with Enterprise Architecture teams to embed TOGAF-aligned EA practices into each phase of the PMO Lifecycle.

• Advised on ISO 27001 readiness, ITSM process alignment, and GRC structuring
• Developed and reviewed cybersecurity policies, risk registers, and internal audit tools
• Supported incident response planning, access control practices, and privacy compliance

• Achieved OneTrust Fellow of Privacy Technology Certification, enhancing enterprise-wide privacy and compliance strategies.
• Designed and implemented the SaPRA (Security and Privacy Risk Assessment) framework on the OneTrust platform, enabling automated risk scoring and integrated privacy workflows.
• Contributed to the Cybersecurity and Data Privacy Framework rollout in collaboration with CISO, BISO, and EPB, as part of the Privacy & Risk Steering Committee.
• Led regulatory readiness initiatives aligned with GDPR, ISO 27701, and global/regional privacy laws.
• Established scalable policy controls, compliance KPIs, and audit mechanisms embedding privacy-by-design principles across the organization.

• Led IT service delivery operations, overseeing delivery governance, quality assurance, and compliance monitoring for major clients in healthcare and the public sector.
• Ensured adherence to SLAs, process KPIs, and contract terms via structured governance models and internal audits.
• Implemented Continuous Service Improvement (CSI) frameworks and root cause analysis for service efficiency and reduced downtime.
• Ensured regulatory alignment with ISO 27001, ITIL, and client-specific audit and compliance requirements.
• Played a key role in risk assessments, audit readiness, and cross-functional delivery reviews.
• Led service delivery initiatives, ensuring alignment with organizational goals and client expectations.
• Streamlined operational processes, enhancing efficiency and reducing service disruptions across multiple teams.