Brian Frantz ***** Montague St.
Tampa, FL *****
abnp03@r.postjobfree.com
OBJECTIVE
Obtain an IT Audit and Compliance position that will enable me to utilize my leadership, analytical, and interpersonal
skills to make a positive contribution to the organization.
WORK EXPERIENCE
WellCare Health Plans - $2 Billion publicly held healthcare company Tampa, FL
Senior IT Audit Consultant Mar. 2008 - Present
• Participated in creation of a new IT Internal Audit function that was previously outsourced – Defined audit
process, marketed audit purpose, developed relationship with IT, established repeatable SOX process.
• Coordinator for SOX IT General Control and Application Control initiatives – Conduct testing, coach clients on
maintenance of controls and documentation, guide remediation of deficiencies.
• Performing comprehensive risk assessment of IT Environment consisting of interviews and focus groups to
identify unmitigated risks. Evaluating relative risk against complexity to remediate, this will drive prioritization
of initiatives.
• Manage and test Oracle Financial Application SOX Controls (Accounts Payable, Fixed Assets, and Financial
Close). Corrected an access issue that allowed users to enter and post journals to the General Ledger.
• Manage and perform IT Audits (scope, planning, fieldwork/testing, final report). Identified hundreds of missing
system Patches and lack of antivirus using Nessus and GFI Languard Tools in a Configuration Management
Audit. Proposed implementation of a project prioritization and tracking process during a Project Management
Audit.
• Participate in Business Operational Audits – Influenced the implementation of a Business Impact Analysis for
Business Continuity Planning and Disaster Recovery. Suggested adding an address validation to a Claims
returned check process to ensure we meet state contract requirements for paying a claim. Encouraged
business to take ownership and create a process for granting, transfers, and removal of role based security
access.
• Manage SAS 70 reviews
• Discuss Audit status and issues with IT Vice Presidents
Progressive Insurance - $15 Billion publicly held auto insurance company with 3000+ IT resources Cleveland, OH
Senior IT Auditor Sept. 2006 - Feb. 2008
IT Auditor May 2005 - Sept. 2006
• Led the IT Audit Team in the implementation and execution of Section 404 for Sarbanes Oxley. Reviewed and
evaluated IT control design, and reduced deficiency count by over 100. Helped initiate a role based security
provisioning and monitoring process across the company.
• Initiated use of COBIT while participating on a $200 million development project to ensure proper controls are
built into the application. Projected the QA testing estimate for the project was well short of actual time
required. Identified critical data (SSN, Credit Card #) was not planned for encryption potentially violating
Payment Card Industry (PCI) laws.
• Standardized the Software Change Management process across an organization with 3000+ users by
implementing an $8 million tool (Serena ChangeMan and TeamTrack) for the company mainframe and client
server applications. Created stronger controls throughout the SDLC process for initiation, testing, approval,
and implementation of production code changes.
• Provided training and presentations to 100+ SOX resources (management and subject matter experts) to
provide knowledge of roles and responsibilities for SOX, and supervised 20 IT Testers responsible for testing
IT General Controls.
• Chaired and provided SOX deficiency results to Corporate CFO in quarterly meetings of 4-6 people.
• Implemented a SOX Software Tool (Axentis) to facilitate a workflow, house documentation, and improve
efficiency of testing and communication. Provided training on the tool to 200+ users.
• Formulated relationships with external auditors (PwC) and IT Clients. Directed any interaction with
management, observed walkthroughs, maintained a deficiency database, and enforced remediation of
deficiencies.
• Managed audits for the Agent Business group. Identified issues in an online policy document signing process
of fields not updating properly and communication emails not sent to Progressive customers to e-sign
documents. Coordinated conversion to corporate standardized software change management process.
Senior Systems Analyst/Programmer August 2003 - May 2005
Systems Analyst/Programmer June 2002 - August 2003
• Involved in all phases of the SDLC process – Maintained, updated, and supported claims system. Performed
analysis, coding, and testing enhancements. Improved the subrogation process to help recover millions of
dollars from other insurance companies.
• Applied systems solutions to business problems through the design and programming of automated systems.
Created a program to transfer claims data from the Claims System to Progressive’s website so customers
could view their claims information online through the internet.
• Developed documentation and flowcharts for critical claims system transactions (Payments, Reserves,
Recoveries) and performed SOX testing to verify the accuracy and validity of the claims system for initial year
of SOX financial reporting.
• Resolved production support on-call issues and daily issues submitted in Remedy ticketing system. Used the
job scheduler recovery notes to assist in resolution of issues.
• Led Disaster Recovery exercises ensuring claim system was recovered, and managed nightly quality
assurance cycle.
EDUCATION
Cleveland State University, Cleveland, OH June 2004
Masters of Business Administration
Miami University, Oxford, OH May 2002
Bachelor of Science
Double Major: Management Information Systems / Finance
TRAINING/CERTIFICATIONS/SKILLS
• Dale Carnegie Training – Effective Communications & Human Relations
• Certified Information Systems Auditor (CISA), ISACA Member, IIA Member, COBIT, COSO
• COBOL, IDMS, Lotus Notes, Mainframe, Unix, SQL/DB2, Microsoft Office Applications (Word, Excel, Access
PowerPoint, Visio, Outlook, Windows)
• AutoAudit Software and Axentis SOX Tool
• Exposure to Oracle and PeopleSoft
• Exposure to PCI and HIPPA