Manager Internal Audit

JAMES A. ORLAND, CPA

*** ****** **** ****: 973-***-****

Kinnelon, NJ 07405 ac55ee@r.postjobfree.com

RISK MANAGEMENT & CORPORATE GOVERNANCE SENIOR MANAGER

Business Advisor with Senior Management & Audit Committees

Finance: Risk Management – Internal Audit – Sarbanes Oxley

Operations: Project Management & Reengineering – IT Integrated Audits/Data Mining/ACL – Fraud Reviews

Management: Hiring – Consultant Team Building – Career Development

Multi-dimensional leader with global experience in internal audit roles, working as an outsourced provider as well as directly for internal audit departments. Effectively partner with CFO to develop risk management programs in concert with business plans. Extensive manufacturing, distribution & sales-driven industry experience. Highlights include:

Manage Internal Audit programs for multiple public-company clients. Conduct global business risk assessments resulting in risk management action plans and internal audit coverage plans for operational, finance, IT, fraud and compliance risks.

Coordinate global internal & external audit activities and Sarbanes Oxley testing for clients to maximize efficiency.

Successfully managed multiple clients to first-year Sarbanes Oxley compliance and increased efficiency in subsequent years.

Utilize career development life cycle approach to hire, train, promote, as well as utilize contractors and borrowed staff to maximize efficiency.

Proven problem solver with ability to work across organizational silos to establish the relationships necessary to get things done.

Catalent – Somerset NJ

10/17 – Present

Perform SOX for an international company. Review SOX framework and update the framework. Perform walk throught’s and make SOX selections and create test workpapers.

CBIZ – Harrisburg, PA

7/17 – 10/17

IT Consultant

Perform a customer service audit that included a web portal and a tax module for the creation of 1099 & 1098 forms. Created narratives, test plans and tested key controls for both area’s.

Alexander Wang – NY, NY

4/17 – 7/17

Sr. Consultant

Created a SOX program that included process narratives, key controls, test plans with expected steps and documentation. Covered 5 business processes, including Payroll, Accounts Payable, Financial Close, Fixed Assets and Revenue.

Experis – Parsippany, NJ

11-16 – 4-17 & 7/17

Sr. Consultant

Perform internal auditing, SOX Financial and IT auditing and special projects for an audit consulting firm. The special project is to value Work in Progress for a recent acquisition in the pharmaceutical industry, New Jersey in Iowa and North Carolina. Draft audit findings, and have exit meetings. Create a sox control process for a luxury retailer and process narratives for the entire company.

09/16 – 10/16 Dodgeville WI

SOX Auditor

Perform SOX testing for a retail clothing corporation – Lands End for Financial and IT controls. Review test scripts and evaluate and process test selections. Review SSAE16 reports and evaluate results and user control considerations.

05/16 – 7/16 Roseland, NJ

Remediation Coordinator

Coordinating findings remediation for a Fortune 500 payroll services provider ADP. Create Archer reports in order to evaluate high risk IT findings and interact with the finding owners. Create the business role so that others may follow the same methodology. Develop and drive the completion of audit finding remediation plans to achieve baseline compliance for identified deficiencies and control weaknesses. Facilitate the completion of remediation efforts with IT, Business and vendor stakeholders

Evaluate remediation plans and determine if they are adequate to fix the risks that are exposed. If inadequate, interact with the finding owners and key stakeholders in order to guide adequate remediation.

Tata Consultancy Services (Outsourced offshore provider of IT services)

5/14 – 5/16

IT Compliance Manager

Perform quarterly IT SOX Audits and SSAE16 audits for an outsourced IT provider for a publishing company John Wiley in Somerset NJ. Perform annual scoping, creating test procedures, expected evidence and establishing remediation plans. Map IT resources to IT SOX requirements. Periodically update control framework by comparing controls to company policy and COBIT to ensure that risks are monitored and tested. Perform general and application control reviews for computer information systems. Perform information control reviews of access controls, system development standards, operating procedures, system security configuration, programming controls, communication controls, backup and disaster recovery, and system maintenance. Prepare audit finding reports and working papers to ensure adequate documentation exists to support completed audits and conclusions. Follow up on audit findings to ensure management and control owners have taken corrective actions

Ensure that policy and procedures are adequate and update based on requirements. Review IT internal control processes and determine if in compliance with IT Security objectives and company policies. Meet with finding owners in order to address remediation requirements. Perform semi-annually access reviews to ensure that provisioning is approved by management and is aligned with job descriptions. Evaluate and drive IT remediation efforts and determine if they are adequate to address issues and provide for best practices. For SSAE16 evaluated ITGC’s and provided to external auditors. Interacted with external auditors to minimize findings and combine them in order to achieve 98% compliance rating.

Consulting

3/09 – 05/14

Internal Audit Manager/Consultant

Perform risk assessments, audit program creation, plan audits, execute audits, prepare drafts, resolve remediation and issue final reports. Work on audit assignments in various businesses; supply chain, unclaimed property, HR and payroll, month-end close, revenue and disbursements. Analysis of exceptions and provide guidance for remediation efforts. Perform operational, and compliance IT audits as assigned. Follow up on Financial and IT audit findings in order to ensure that remediation took place according to audit recommendations and management responses. Evaluate contracts to ensure that terms and service level agreements are met. Perform pre-application reviews and ensure that project plans are adequate, and have appropriate controls and that issues are resolved. Write policy and procedures for upgrading the control environment. Write desk procedures for employees involved in the monthly closing process. The companies include high tech manufacturing, financial services and specialty retail. SOX areas have included both financial and ITGC controls. Monitor application enhancement for process improvement. Retail clients include Lands End, Coach and Manufacturing Veeco and Pitney Bowes and Financial Services American Express. Pharma client Novartis. Media Pearson Education.

CBIZ RAS / Harborview (National Accounting & Professional Services Firm – Big 8)

3/02 – 9/08

Senior Audit Manager

Perform risk assessments, audit program creation, plan audits, execute audits, prepare drafts, resolve remediation and issue final reports. Created and gave a presentation on a CPE training class in the area of COSO based risk assessments. Plan and oversee the implementation of annual internal audit plans for a staff of nine. Use SOX as a launch pad for COSO risk and control based audit programs in order to ensure that audit objectives are efficient & are successfully addressed, and customized as appropriate. Evaluate SAS 70 reports in order to evaluate UCC and determine the risks posed by exceptions in the reports. Participate in IT data center and disaster recovery audits. Establish SOX framework & dashboard to continually monitor compliance and remediation efforts. Developed linked excel spreadsheets to simplify the testing and updating of SOX testing. Perform project management of SOX 404 teams. Monitor enhancement of applications for process improvement recommendations, as well as lead remediation efforts with key stakeholders and provide guidance. Conduct evaluation of risks and mapping to COSO and COBIT to ensure that risks are addressed. Write policy and procedures for companies in order to assist in SOX requirements.

International Specialty Products/GAF – Wayne, NJ 1997 – 2002

Audit Manager

Manage the annual audit planning stages for IS and Financial audits including annual business unit risk assessments. Train and develop staff in COSO methodology and the integrated audit approach, including hiring and the annual review decision process. Perform IT data center & disaster recovery audits. Develop audit programs which embed IS downloads into operational reviews

Performed Due Diligence acquisition reviews, based upon inventory and A/P database analysis, obtained a $550K price decrease from an escrow account.

Using ACL reviewed for duplicate payments and saved over $700k

Union Camp – Wayne, NJ 1996 – 1997

Audit Supervisor

Perform IS and Integrated Operational Reviews. Involved in the audit planning, risk analysis compilation for IS and Financial audits. Train staff in using data downloads in order to perform audits that use entire databases to evaluate operations. Involved in several special projects:

Reviewed an inventory that indicated that safety stock was not a component of inventory settings, this caused increased costs of $700K at one plant, while 20 plants had the same issue.

Performed a pre-implementation review of the Company wide A/P and Purchasing Module and resolved an issue during go-live training that stalled the progress of 20+ employees for 2 days.

Loctite Corporation – Hartford, CT 1993 – 1996

Audit Supervisor

Perform IS and Integrated Sophisticated Operational Reviews. Perform reviews that included supply chain and the evaluation of ABC costing systems. Created customer/product/order profitability reviews which were accepted by the Board of Directors as a quarterly requirement. Performed IT data center & disaster recovery audits

Performed reviews to establish the ability to predict future scrap reporting for finished goods.

Developed reports to determine the adequacy of credit limits and the evaluation of A/R.

Federal Paperboard – Montvale, NJ 1989 – 1993

Senior Auditor/IS Auditor

Perform IS and Integrated Operational Audits. Perform extensive pre-implementation and application reviews. Ensured adequate controls were designed into all in house applications, identified an application weakness that could have easily allowed inventory to leave the plants.

Technology: Archer, ACL, VISIO, SAP, Oracle, Lawson, BPCS, AS400 and homegrown applications.

Education and Certificates: Seton Hall University – M.B.A. Finance

William Paterson College – B.A. Accounting CPA & CISA (inactive status)

Contact this candidate