Risk assessment and management
Great interpersonal skills
Good organizational skills
Participating in information technology risk assessments, IT audits, Sarbanes-Oxley (SOX 404) compliance assessments, and IT consulting engagements ·
Conducted audits of information technology systems and infrastructures to verify that systems are secure and support the related applications or business processes.
Collaborated with my team members in developing project plans, work programs, evaluating system controls, documenting results, making recommendations, and communicating information to clients.
Performing assessments of ITGC and Application Controls by testing for Access Control, Change Management, and IT operations in line with COBIT or FISCAM framework.
Analyzing and documenting all information systems and related controls, and developing appropriate audit program to test the controls identified.
Developing and maintaining effective interpersonal relationships with client's staff/management and audit staff & management.
Analyzing the adequacy of the security and processing controls as they relate to each audit, and the effectiveness of general computer controls in effect in the IT environment.
Performing walkthrough and detail testing of
controls to determine if controls are properly designed and operating
Collaborated in audit process, including planning, risk assessment, execution, reporting and follow up.
Performed walkthrough and detail testing of controls to determine if controls are properly designed and operating effectively.
Conducted SOX annual testing in line with control requirements, and review the execution of various IT key control tests.Analyzed and report SOX control deficiencies and document test results based on testing performed
Collaborated with our team to provide input into decisions on audit scope, staffing requirements and work assignments, leading and supervising the team.
Led a 5-member team to validate that access control, disaster recovery, business continuity, incident response and risk management needs are adequate.
Performed risk assessment; document related risks and key controls; develop appropriate audit programs to test the control risks identified and evaluate operational compliance.
Documented tests performed and the results to ensure work papers support noted observations, conclusions and recommendations, to reduce disagreements with clients.
Performed testing of identified security areas
in line with professional standards and tests the effectiveness of computer
systems and their information security components.
Conducted walkthroughs, test procedures and documented test results and exceptions of about 5 to 6 audits in a year resulting in savings of over $200k USD in fines and penalties
Documented tests performed and results to ensure work papers support noted observations, conclusions and recommendations, reducing disagreements with clients by more than 75%
Conducted risks assessments, documented related risks and key controls which helped identify risks of material misstatements benchmarks (e.g. 5% of income or 1% of assets)
Reviewed work papers and prepared written
summaries of findings and recommendations, reducing disagreements by more
than 80% Planned, supervised, coordinated, assigned and
evaluated the work of 8 subordinate internal auditors
Managed and led operations, liabilities and general administration of a branch with assets of over $30m USD and 40 employees and transformed the loss-making branch to profit within 6 months
Conducted periodic audits of various departmental operations, systems and procedures thus reducing weaknesses and misstatements by 87%
Evaluated the effectiveness of controls relating to credits discipline and security administration thereby improving the quality of credits disbursed
works and reports of 32 branches' internal controllers, engagement feedback,
and reporting to internal control management
Certified Information System Auditor - CISA
Associate Certified Accountant - ACA
Companies Worked For:
Job Titles Held: