Austen Mudi
Upper Marllo*boro, MD 404-***-****
***** ******.****@*****.***
PROFILE
A professional IT Auditor with strong analytical, problem solving skills. I am detail oriented and thorough person which ensures I get things done right the first time. I possess a career history of 3 years of combined experience in information technology audit, compliance audit and 3 years of Risk Management in the financial sector. I possess know-how of IT governance, ITGCs, IT Application Controls testing and review and yearly audit plans.
EDUCATION
Bachelor of Science, Technology Graduated 2010
University of Llorin, Llorin, Kwara State, Nigeria GPA:3.8
WORK EXPERIENCE Denver, Colorado
FRAC SHACK AMERICA June 2017 to Present
IT Auditor
Performing Sarbanes-Oxley (SOX) audits and performed ITGCs and application controls for internal controls testing as part of audit readiness projects.
Performing tests of Access controls, Change management and IT Application controls with attention to the applications or infrastructure in scope.
Comparing reports of projects in production data base with those migrated using the software configuration tools for any anomaly while testing controls around change management.
Performing substantive testing by obtaining front end reports from applications under review and compared it with a back-end report to validate the accuracy and the completeness of the report.
Documenting work performed by preparing work papers.
Reporting control weaknesses/deficiencies and related testing exceptions.
Identifying and communicating IT Audit findings to audit committee and management.
Performing Service of Organization Control (SOC) SSAE 16 Review, checking for the auditor’s unqualified opinion, CEUC’S etc. using COBIT and COSO frameworks.
Executing IT Infrastructure testing – databases, Active Directory, Servers and operating systems.
Reviewing Business Continuity plans.
Testing IT internal controls as part of financial statement audit, Internal and operational audits, Attestation of engagement, and Audit readiness.
Testing, detecting and preventive control effectiveness.
Participating in the execution of audits at the firm's affiliate locations from the Planning phase to Follow-up phase.
Identifying opportunities for process improvement in the organization’s IT Policies and Practices.
Performing Business Continuity and incident management audits.
Performing technical security testing to identify potential threats and vulnerabilities.
Utilizing data analytics tools to streamline audit processes.
HOME DEPOT Florence, South Carolina
Staff IT Auditor December 2016 – April 2017
Assessed the design appropriateness and operating effectiveness of Information Technology controls throughout the business cycle.
Performed all aspects of IT audit process from planning, execution, reporting and follow-up.
Assisted with audit scope determination, risk and control identification, design of audit program, policies, standards and procedures evaluation, control testing, and evaluation and analysis of results.
Performed Access control, Change Management control, IT Operations Control and IT application controls.
Identified deficiencies in the design and operating effectiveness of controls and provide recommendations.
Evaluated potential opportunities and threats associated with emerging technologies, regulations, and industry practices.
Provided status of the internal control environment within business units and provide recommendation to mitigate the control weaknesses between the current and recommended state.
Supported clients with audit readiness initiatives.
DIAMOND BANK Nigeria
Risk Assurance Team July 2013 – April 2016
As part of a centralized unit responsible for assessing and monitoring risks across the company (market, credit risk, compliance risk, operational risk) I liaised with business units to ensure risks are understood and properly managed
Coordinated audit readiness projects and assisted in their execution to ensure the bank was ready for its annual compliance audit
Ensured bank in compliance with regulations as stated in the Central Bank of Nigeria Act, Banks and Other Financial Institutions Act (BOFIA), the Companies and Allied Matters Act (CAMA), in accordance with the Corporate affairs Commission (CAC), the Financial Reporting Council of Nigeria (FRCN) and the Securities and Exchange Commission (SEC).
Provided support and knowledge to all departments and units within the bank to reduce any potential loss through potential risk situations by assessing problems to understand their source and impacts through consultation and planning, collection and analysis of data and gathering “best practices” information from organizational and external sources.
Investigated complaints and breaches and provided recommendations for improving business services standards and communicated same to Operational Risk Manager and CIO.
Supported and tested legislative and regulatory compliance by administering compliance frameworks and performing regular testing and reporting of results to appropriate management
Supported the Operational Security Risk Manager in the investigations of internal or external fraud events to minimize loss to the bank.
Provided recommendations towards the improvement of applicable business operational processes from these events to mitigate that fraud risk from reoccurring
Assisted in performing the Effective Challenge of assessments completed by first line of defense control managers, determining if risks have been properly identified, evaluating if control objectives have been accomplished, and recommending enhancements to the controls which mitigate risk in the bank’s processes.
Technical Knowledge Certifications Applications
ITGCs Comptia Sec+ Certified Acrobat Reader, PeopleSoft
Risk based Audit Walkthrough MSI Sarbanes-Oxley trained Professional-Certified Audit Command Language
Certified Scrum Master Scrum Master Teammate, UNIX,LINUX
Internal Audit CISA-Scheduled Date Q2 2019 IDEA, Oracle fusion, AIX-IBM
SOX SharePoint, SQL, Accurate
SOC 1 Type 2 Review Microsoft Office/Dynamic
PCI DSS SAP, NetSuite,Windows
COBIT Oracle fusion/JDE/PeopleSoft
Splunk