Karen Livingstone - CPA, CIA, CISA

Summary

Senior Compliance/Audit Professional with 15+ years experience in corporate

governance, risk mitigation and process improvement within the finance,

operations and information technology (IT) disciplines. Successful

project manager with a credible track record in cost reduction and process

improvement projects and strategies. Multi-industry experience facilitating

"best practices" knowledge. Exceptional communication skills with the

ability to affect change and work effectively with experienced leadership,

as well as direct and indirect reports.

Education

Master of Accounting/Management Information Systems (M.a.CC), Florida

Atlantic University, Boca Raton, Florida

Bachelor of Business Administration (B.B.A.), Florida Atlantic University,

Boca Raton, Florida

Industries Served

Technology, Retail, Insurance, Utility, Pharmaceutical, Aerospace,

Entertainment, Health Care, Financial Services, Manufacturing,

Publishing/Media, Public Accounting

Principal Areas of Practice

Information Technology/Processes Knowledge

Networking, IT Security, Disaster Recovery/Business Continuity, Change

Management, User Access Administration, Systems Administration, Storage

Management, Job Scheduling, Help Desk, Wintel, Unix (Sun Solaris, AIX,

HP/UX), AS/400, Perimeter Protection (firewall, router, IDS), Vulnerability

Assessment, Data Center Operations

Success Attributes

. Ability to negotiate and execute

. Leverage technology and compliance

. Cross functional collaboration/communication

. Articulation of complex ideas

. Continuous process improvement

. Management of people and processes

. Best practices

Professional Experience

Audit Director - HEICO Corporation, Hollywood, Florida (2005-2009)

A publically traded aerospace company with 34+ operating units located in

the U.S. and abroad

. Designed, executed and monitored all financial, operational and IT risk

mitigation activities for 34 domestic and international subsidiaries.

Scheduled all audits with corporate and subsidiary business unit

leadership considering peak financial reporting cycles and other needs

. Streamlined the risk assessment process by using relevant quantitative

and qualitative criteria (materiality, historical and forecasted

consolidated financial information, subsidiary line of business, high

growth, new systems implementation, complex accounting issues, and new

acquisition status) in accordance with regulatory guidance promoting the

use of a scaled scoping approach and reduced testing activities resulting

in a significant cost savings

. Recruited, hired, and mentored a team of professionals with skill sets,

competencies and capabilities required to achieve audit and compliance

activities removing reliance on third-party consultants achieving a cost

savings of $1.1M

. Educated and assisted new acquisitions with the development of financial

and IT-related policies, procedures, and processes aligned with corporate

requirements

. Partnered with senior leadership to develop and implement a rationalized

SOX internal controls framework in accordance with PCAOB No. 5 and SEC

guidance (prior to publication) resulting in a $1.4 M cost savings

. Partnered with external audit firm to successfully negotiate reliance on

the work performed by the Internal Audit function resulting in the

reduction of audit fees by one third/$300K

. Designed and assisted with the implementation of a formal Fraud

Management Program in accordance with regulatory guidance inclusive of

data analytics and consistent with authoritative guidance and external

audit requirements

. Selected, configured and trained internal staff, subsidiary unit

Controllers and external auditors on an audit/compliance software

solution automating all testing, remediation and documentation changes

increasing the overall ease and efficiency of the audit/compliance

process

. Developed and implemented a methodology to configure preventative

controls within the ERP system (aligned with financial and IT policies

and procedures) significantly reducing the amount of detective controls

tested

. Administered the anonymous Whistleblower Hotline and worked with general

counsel on issue resolution

. Managed the Internal Audit budget

. Provided regular reports to the Audit Committee on the company's system

of internal controls, significant audit recommendations and

investigations into fraudulent activity

Executive Director - Enterprise Risk Management Inc., Coral Gables, Florida

(2002-2005)

A professional services firm offering audit, security and regulatory

compliance services

. Developed and managed practice for the outsourcing of financial,

operational and IT and compliance audits for numerous public and

financial services organizations

. Performed compliance audits at numerous financial institutions with

regard to FFIEC, OCC, BSA, GLBA, PCI and Basal II regulations

. Developed and managed the practice for the provision of SAS 70 services

. Supervised, trained and evaluated the performance of internal project

consultants

. Performed and managed SOX compliance activities focusing on the

identification and mapping of key controls to control objectives and

financial reporting risks, as well as the development of financial and IT-

related policies and procedures for several manufacturing and financial

services corporations

. Performed and supervised numerous IT security audits inclusive of

perimeter protection devices (firewall, router, intrusion detection) and

database, operating and application systems for various clients

. Consulted (pre-implementation) and reviewed (post-implementation)

financial, process and IT security controls configured within differing

ERP systems

. Performed and managed multiple financial application controls reviews

including web-based e-banking and credit card processing systems

. Speaker for multiple professional associations such as the Internal

Auditors Association (IIA), the Information Systems Audit and Control

Association (ISACA), and the Florida International Bankers Association

(FIBA)

. Engaged in development activities and client proposal generation

Senior Integrated Audit Manager - Knight Ridder, Inc., Miami, Florida

(1997-2002)

Second largest publically traded media publisher

. Managed 50% of the integrated Internal Audit function reporting directly

to the Vice President of Internal Audit. Responsible for all phases of

risk assessment, planning, fieldwork and report generation for integrated

audits performed at properties located throughout the U.S.

. Reviewed and performed financial and operational audits

. Reviewed and performed IT general and application controls reviews

inclusive of physical security, program change controls, backup and

recovery, disaster recovery planning, system administration and multi-

platform security

. Managed the IT audit budget and assisted with the preparation of Audit

Committee meetings

. Consulted on the redesign of financial processes operating in a shared

services environment from both a control and operational efficiency

perspective

. Audited the implementation of new and/or modified computer systems to

ensure compliance with the SDLC methodology

. Managed numerous network security assessments utilizing both commercial

and shareware hacking tools and techniques to evaluate vulnerabilities

and risks associated with critical network devices

Senior Internal Auditor - Florida Power and Light Co., Miami, FL (1994-

1997)

Publicly traded Energy Company with presence in 27 states and Canada

. Responsible for performing financial, operational and IT audits over

various processes and utility-specific applications

. Participated as a team member on various system projects providing

consultation on system development lifecycle and internal control

requirements

. In-charged all audits (financial, operational, IT) for the Nuclear

Division and performed risk assessments with the division's President

Auditor - Arthur Andersen LLP, Miami, Florida (1992-1994)

Big 4 Public Accounting/Consulting firm

. Participated in the performance of financial audits with the financial

engagement team

. Performed general control reviews in support of financial audits for

several clients with varied IT environments

. Documented financial control processes in flowchart form using

transactional flow analysis

. Developed audit programs for the review of access control software

packages and operating systems with security features in the mainframe,

midrange and microcomputer environment. Trained clients' IT audit staff

on the audit, control and security of the OS/400 operating system

Associations, Memberships, and Volunteer Work

Instructed courses in Accounting and Auditing Information Systems at

Florida Atlantic University for several terms. Volunteer mentor for the

Women in Community Service (WICS) Program.

. SOX Stewardship (risk assessment, testing, remediation, reporting)

. SOX Rationalization/Cost Reduction

. Internal Audit Startup, Resource Alignment, Training

. Financial, Operational, IT Audit

. Fraud Management

. Continuous Monitoring

. Policy/Procedure Development

. Internal Control Framework Development

. Process Re-engineering

. Project Management

. Financial Application Systems Audit

. IT General Controls Audit

. Operating Systems Audit

. Firewall, Router Configuration Audit

. Financial Application Systems Design and Configuration

. Strategic Planning

. Disaster Recovery/Business Continuity

. SAS 70 Reviews

. GAAP, CAAS, COSO, COBIT, ERM, IIA, IPPF, ISACA, PCI, ITIL, PCAOB, FFIEC,

OCC, BSA, GLBA, Basal II

.

Contact this candidate