Tel.: - 832-***-****; Email Address: -firstname.lastname@example.org
An IT Auditor with years of experience in performing Audit for Commercial Clients using the applicable frameworks; COSO, COBIT, PCI DSS. In-depth knowledge of Sarbanes-Oxley Act (SOX), HIPAA, Risk Assessment, IT General Controls (ITGC), SSAE 18 attestation and ERP security assessments.
Microsoft word, Excel, Share Point, SAP, Oracle Financial, Team Mate, Audit Management System, Audit Command Language (ACL), PowerPoint, SQL, Risk Assessment, SOX Audit - (ITGC).
MOSS ADAMS AN INTEGRATED PROFESSIONAL SERVICES FIRM IN HOUSTON, TEXAS. TITLE: -SENIOR IT AUDITOR.
December 2016 to present
Perform audits of IT general controls (ITGC) such as, access control, change management, IT operations, disaster recovery and platform reviews (Windows and UNIX OS).
Perform all stages of IT audit, including planning, fieldwork/execution, reporting, and follow-up.
Perform SSAE 18 reviews for large clients in the Manufacturing, Healthcare and Financial industry.
Perform audits using COBIT, COSO, PCI DSS, HIPAA Frameworks and Standards.
Perform IT application controls testing with Retail Banking and Insurance clients.
Perform Sarbanes-Oxley (SOX) 404 testing of critical systems and applications that financially impact the client and communicate with the client’s external auditors on general computer control related matters and SOX testing procedures.
Conduct IT risk assessments over areas of the global information technology environment to highlight major technical risks and gaps over such environments.
Evaluate effectiveness of control activities in order to provide reasonable assurance regarding client’s achievement of their business objectives over certain business processes to include accounts payable, accounts receivable, and cash disbursements.
Test and evaluate the effectiveness and adequacy of General Computer controls on the Organization’s policies and procedures.
Prepare audit scopes, reported findings and presented recommendations for improving data integrity and operations.
ARMANINO LLP, AN INDEPENDENT ACCOUNTING AND BUSINESS CONSULTING FIRM IN DALLAS, TEXAS
TITLE: - IT AUDITOR.
January 2013 to December 2016
Identified some Key controls and evaluated existing controls using best practices such as COSO, COBIT, ITIL, ISO27002 best practices criteria to define standard requirements for achievements of key IT and business objectives.
Handled of special projects such as Segregation of Duties (SOD) and SOX Compliance business challenge projects, PCI DSS, HIPAA and identify conflicts or inadequate internal controls and provide recommendations.
Conducted risk assessments over areas of the global information technology environment to highlight major technical risks and gaps over such environments
Performed internal and external IT risk assessments, conducted gap analysis against industry standards, and provided recommendations on mitigation options
Reviewed IT infrastructures databases, operating systems and network devices.
Held meetings with subject matter experts identified as contact persons for processes being audited.
Performed all stages of audit, including the audit planning, fieldwork, reporting and follow-up.
Conducted testing of Sarbanes-Oxley (SOX), OMB Circular A-123 Audit and Service Organization Control (SOC) SSAE 18 Review, using COBIT framework.
Reviewed and analyze financial and operational transactions, documents, records and reports in order to obtain facts and verify accuracy.
COTTON AND COMPANY AN AUDIT AND ACCOUNDING FIRM IN ALEXANDRIA VIRGINIA. TITLE: - IT AUDIT ASSOCIATES
January 2010 to December 2012
Identified and communicated IT audit findings to senior management and clients.
Led IT Implementation and testing of internal controls over financial reporting: Sarbanes Oxley Act (SOX), performs Walkthroughs of controls and evaluates operating effectiveness of controls.
Performed audit of IT general controls such as access control, change management, IT Operations, disaster recovery and platform reviews (Windows and UNIX OS)
Performed various audit engagements using COBIT and FISCAM frameworks, both in commercial and government entities.
Conducted root cause analysis of vulnerabilities and coordinates with appropriate stakeholders to remediate findings on IT audit engagements within schedule and budget constraints.
Performed and document audit activities in accordance with professional standards such as COBIT, COSO, PCI and SOX internal control frameworks Audit Project.
Extensive experience in IT auditing with emphasis on commercial public companies and federal government departments using ITGC, Application Controls, COBIT and FISCAM frameworks.
Evaluated segregation of duties over application security involving the company's ERP systems (SAP and Oracle Financials) and execute audit strategy.
Knowledge of Control Objectives for information and related Technology (COBIT) framework developed by the information Systems Audit Control Association (ISACA).
INTERCONTINENTAL BANK PLC LAGOS, NIGERIA
TITILE: - INTERNAL CONTROL & COMPLINACE OFFICER
April 2006 to December 2009.
Provided assurance services, with responsibility for supervising auditors
Reviewed for compliance with organization's policies, state financial regulations and monitored for due diligence
Reviewed system of controls in place for adequacy through substantive and compliance testing.
Carried out prepayment audit of transactions for correctness, proper authorization and source document completeness
Conducted Value for Money Audit of significant transaction and post-payment reviews
Analytical performance review through comparison of budgets with actual figures, variance analysis, monitoring and reporting.
Conducted Personnel/ Payroll Audit, Operational and Work Flow Audit for resource optimization.
Generated and communicate periodic audit/ assurance reports, and follow-up for remediation of exceptional incidents.
Fixed assets audit, LPO tracking and inventory stock -taking to monitor and safeguard assets.
Obafemi Awolowo University, Ile Ife, Osun, Nigeria
Bachelor of Science in Computer Science June 2006
CompTIA Security + Certified
CISA: (Candidate sitting for exam by December 2018)
Information Systems Audit and Control Association (ISACA)
Institute of Internal Auditor (IIA).
Available upon request