Lori Myers, CISA, PMP 214-***-**** (cell)
*** **** *****, *******, ** 75019 ******@*****.***
Qualification Highlights
Information Technology (IT) leader in the areas of IT governance, risk and compliance, project management, system development, security and technical support.
Big-4 experience performing audits and managing projects for various clients and industries.
Established the direction of several IT and IT Audit departments, including risk analysis, planning, resource scheduling, managing programs/projects and performing IT controls reviews.
Conversant in IT Management best practices, processes, standards, and procedures (e.g., COSO, ERM, COBIT, PMI, ITIL, ISO, CMMI).
Adept in communicating with and influencing all levels of management, including senior executive management, line management, user departments, cross-functional teams, third-party providers and all areas of IT from the process owners to highly technical staff.
Competent in leading a direct report or matrixed team of staff and service resources.
Accomplishments
Appointed to assist Deloitte & Touche LLP National leadership in developing and training Global Partners and Senior Managers on a new IT Risk Assessment methodology.
Performed IT Risk Assessments for annual audit and IT strategic planning for various clients and industries (e.g., retail, oil/gas, energy, healthcare).
Designed and implemented integrity techniques that ensure financial reporting reliability, operational efficiency and effectiveness, and compliance with laws and regulations.
Reduced IT SOX controls by 30-50% after the issuance of Auditing Standard No. 5.
On several projects, provided assurance that appropriate business process and security controls were included in the software design.
Implemented IT scorecard to monitor and reduce IT costs and improve efficiencies.
Increased project methodology efficiencies (delivering on time, budget, and requirements) during a review of a hospital-wide electronic health record application.
Developed IT Security Policies to establish direction and standards for Information Security and HIPAA Privacy for a hospital.
Developed IT controls repository, based on Control Objectives for Information Technology (COBIT 4.1) for a hospital management services company.
Professional Experience
Myers & Associates LLC, Dallas, TX 2008 – Present
Owner/Principal
Founded IT Governance, Risk and Compliance Consulting business.
Dallas Children’s Hospital
Performed a project pre-implementation review of the enterprise-wide, integrated application supporting an electronic health record, resulting in improved issues management and testing procedures.
Developed an enterprise-wide IT risk model for the hospital linked to the IT strategic plan.
Led project to create information security policies based on ISO, HIPAA and Privacy regulations.
Dallas Hospital Management Services Company
Developed IT controls repository, based on Control Objectives for Information Technology (COBIT 4.1) to enable the standardization of critical IT controls across all IT assets (networks, operating systems, applications and databases).
Created an automated approach to continuous monitoring and controls auditing.
Deloitte & Touche LLP, Dallas, TX 2005 – 2008
Senior Manager
Provided value-added IT Governance, Risk & Compliance (IT GRC) services in the areas of:
IT Governance and Strategy - Established IT governance structures, policies and procedures and ensured IT plans were linked to the business’ strategic plans.
IT Risk Assessments - Reviewed risks within IT strategic plans and evaluated IT risks across the Governance, Process, Applications and Infrastructure layers.
IT Management and Processes - Facilitated departmental improvements and change.
Internal Audit - Performed IT audits and several SOX readiness reviews.
External Audit - Performed external audit of Information Technology.
Project Management - Acted as program/project manager on multiple projects.
IT Process Improvement - Evaluated current state processes, recommended improvements.
Security Impact Assessments - Assessed current state security, recommended improvements.
Sarbanes-Oxley Readiness - Assisted with gap analysis, remediation, retesting.
Control Rationalization - Reduced manual or redundant controls and assisted with design of automated controls.
Project Pre-Implementation - Reviewed project plans, issues, risk, and change management.
ERP Application Controls - Reviewed business process and security controls.
Disaster Recovery - Audited DR procedures.
RadioShack Corporation, Fort Worth, TX 2003 – 2005
IT Audit Director
Internal Audit Department
Developed the IT Audit department to become a quality, value-added audit department by developing audit processes, hiring and training staff, selecting audit software and training staff on audit tools. Developed a risk assessment model, an automated work-paper system, audit policies and procedures, computer assisted audit techniques using Audit Command Language (ACL) and quality assurance procedures.
Performed audit of enterprise PeopleSoft application to provide management assurance that IT security and business process controls, security roles and adequate segregation of duties were in place and operating effectively.
Sarbanes-Oxley
Performed quality reviews of completed documentation, validated IT controls design and operational effectiveness, communicated action plans to remediate design and operational gaps and ensured appropriate controls were in place and operating effectively.
Sears, Roebuck and Co., Hoffman Estates, IL 1993 – 2003
IT Process & Planning Manager / Corporate Governance (2002-2003)
Telecommuting from Dallas, TX
Defined the new project, change and problem management processes for the Sears IT Enterprise.
Facilitated a team of IT representatives to define and embed the new processes into daily operations and management performance monitoring.
Utilized the COBIT framework in the design of the IT Processes and integrated the IT Management practices of PMI / PMBOK (project management), ITIL (infrastructure and support) and ISO (security) standards into the policies and procedures.
Successfully developed and delivered process training to 600 IT and Project Management personnel.
Educated IT management on the benefits of defined and measurable IT processes and controls and implemented scorecard to measure reliability, efficiency and effectiveness of the IT processes.
Sears Accounting Services Center, Dallas, TX
IT Service & Support Manager (1999-2002)
Managed team to support Finance systems (mainframe, client/server, workstation and network) stability and availability to the 400 Sears Accounting Center associates.
Responsible for ongoing support, upgrades, and operational improvements.
Directed the development and testing of the Accounting Center Disaster Recovery Plan, integrated with the Business Continuity Plan.
Reviewed new contracts to ensure Service Level Agreements were defined for all 3rd party IT contracts.
Sears Internal Audit Department, Hoffman Estates, IL
IT Audit Manager (1993-1999)
Managed 15 IT Audit associates.
Implemented continuous auditing techniques using ACL.
Arthur Andersen’s review determined continuous audit software processes to be “best in class”.
McDonald's, Oak Brook, IL 1992-1993
IT Audit Supervisor
Successfully implemented COSO in the Audit process. Provided training to the Audit department and business managers, resulting in improved process standardization and compliance.
Education and Certifications
Northern Illinois University, DeKalb, IL
B.S. Computer Science and B.S. Finance
CISA, PMP
Personal Contributions
Children’s Medical Center – Care Volunteer
Network of Executive Women – Board Member
ISACA – Newsletter Committee