IT Audit Manager

Luis Boggia

Calle **bis N****, City Bell, (****), Argentina

IP Phone: +1-310-***-**** Phone: +54-221-*******

E-Mail: ***********@*****.***.** Skype: Luisgboggia Profile: http://ar.linkedin.com/in/luisboggia/en

Dear Hiring Manager,

My name is Luis Boggia.

I introduce myself and offer my professional services, if my skills are compatible with your needs, for your evaluation or referral to whom consider relevant for this evaluation.

I consider myself proficient and highly qualified to management a Governance, Risk and Compliance (GRC) for assist organizations in optimizing their protector functions by improving the quality and effectiveness of their internal audit and compliance functions.

I am specialized in performing IT audits and consulting, identifying risks and making recommendations, improvements and changes needed for improve the business processes, the internal control and mitigate the technology risks.

I am certified as CGEIT (Certified in the Governance of Enterprise IT), CISA (Certified Information Systems Auditor), and CRISC (Certified In Risk and Information Systems Control) by ISACA International.

I have performed several IT audit revisions, planning and executing reviews of effectiveness of IT General Controls (application / process / systems / infrastructure / security), Disaster Recovery Plan (DRP), Business Continuity Plan (BCP), physical security and evacuation plans, both domestically and internationally, using Computer Assisted Audit Tools (ACL, Arbutus, Autoaudit Languard and others), on different environments (mainframe, midrange and microcomputers), with over 28 years experience in these environments.

Since 1997 I work at Banco de la Nación Argentina

-Since 2006 as IT Audit Supervisor.

-Between 1999 and 2006 as IT Audit Support Manager

-Between 1998-2000 I was the team leader of 20 IT auditors in the Y2K project

In the last 7 years was my responsibility, planning and executing the controls of effectiveness of technology Disaster Recovery Plan (DRP) and the Business Continuity Plan (BCP), in all own datacenters in nationwide and latam at Banco de la Nación Argentina, applying the laws and best market practices. This include the reviews of effectiveness of physical security and evacuation plans.

I also participated in the stage of definition for the new Building in Argentina for the main DataCenter at Banco de la Nación Argentina, through the vision of audit.

In the last 4 years, I have been the supervisor on IT audits performed in Latin America branches of Banco de la Nación Argentina.

I am currently living in Argentina, with double citizenship Argentinian and Italian (with EU passport from Italy).

I have Visa B1/2 (valid until 2020) and I need sponsorship for work in US (Visa H1B or EB3).

My native language is Spanish (fluent), and I have intermediate knowledge of English and Italian with ability to read, write, and speak/listen (not fluent).

My English may not be optimal, but my ability and quality of work cover that weakness.

I'm employed, but actively seeking an opportunity to join a large, global, well-known and progressive company that will help elevate my career, with expectancy for promote my career in USA.

For me would not be a problem relocate to U.S, with or without assistance for moving.

My baseline pretension is 95k, but my pretensions and my availability date are negotiable, looking to satisfy both sides.

You feels free to perform any other inquiries

Yours faithfully.

Luis Boggia

Argentina

Skype: Luisgboggia

http://ar.linkedin.com/in/luisboggia/en

Luis Boggia

Calle 28bis N3202, City Bell, (1896), Argentina

IP Phone: +1-310-***-**** Phone: +54-221-*******

E-Mail: ***********@*****.***.** Skype: Luisgboggia Profile: http://ar.linkedin.com/in/luisboggia/en

IT Audit Supervisor

I am professional with over 28 years of experience on IT, specialized in performing IT audits, identifying risks and making recommendations, improvements and the changes needed for improve the business processes, the internal control and mitigate the technology risks.

Career Objective

Perform management Governance, Risk and Compliance (GRC) for assist organizations in optimizing their protector functions by improving the quality and effectiveness of their internal audit and compliance functions.

I will like development the annual IT audit plan based on the business impact analysis (BIA) or enterprise IT risk assessment, ensuring that laws, internal policies and procedures, by means of IT audit general reviews (application / process / systems / infrastructure / security), Disaster Recovery Plan (DRP), Business Continuity Plan (BCP), physical security and evacuation plans, both domestically and internationally.

Areas of Expertise

Audit plan development

Audit of Evacuation Plans

Risk assessment matrix

Review and analyze audit evidence

IT Audit General Controls

Formulate opinions and make recommendations

IT Audit Logical Security

Reports to Board or Executive Management

IT Audit of Compliance SDLC

Computer Assisted Audit Tools

IT Audit of Disaster Recovery Plans (DRP)

COBIT, COSO

Audit of Business Continuity Plans (BCP)

ISO17799, ISO27001, BCRA4609

Audit of Physical security of IT assets

Mentoring/Training of new IT auditors

Technological Expertise Worked On

Mainframe environments based on z/Os/MVS/OS390, RACF, TSO, ISPF, SDSF, JES2, CICS, SMF, Endevor, Control-M, COMPLETE, ADABAS/Natural, Natural Security, ADASAF, SAG Utilities (Sysmain, Adasel, Predict, CA-Endevor, CICS, ACL for z/Os, ARBUTUS for z/Os, COBOL, PL-1, FORTRAN and others;

Wide-range and Microcomputers environments based on Unix, Aix, MS Windows, Active Directory, FORTIGATE, Microsoft Office Suite products, MS Visio, ACL for Windows, ARBUTUS, Lotus Notes, TEAMMATE, AutoAudit, CLIPPER 5, DBASE, BASIC, and others.

Certifications

CISA (Certified Information Systems Auditor) – ISACA: 2004

CGEIT (Certified in the Governance of Enterprise IT) – ISACA: 2009

CRISC (Certified in Risk and Information Systems Control) – ISACA: 2010

Education /Training/ knowledges

Bachiller Nacional: (High School) Instituto José Manuel Estrada, La Plata: 1983

Course Internal Auditor ISO 27001: ADACSI – (ISACA Buenos Aires Chapter): 2009

Course of PSP (Physical Security Professional) – West Corp Arg. ASIS International: 2012

Lenguage Spanish (Fluent), English and Italian (intermediate)

Associations

Member of ISACA International

Member of ADACSI (ISACA Buenos Aires chapter)

Member CGEIT Certification Committee (2010-2011) - ISACA International

Member of the Government and Regulatory Advocacy Subcommittee 2 (2012-2015) - ISACA International

Member CISA Certification Committee (2012/2016) –ISACA Buenos Aires chapter

ISO Subject Matter Expert (SME) (since 2012) - ISACA International

Information Security Subject Matter Expert (SME) (since 2015) - ISACA International

ISACA’s Privacy Principles Subject Matter Expert (SME) (since 2015) - ISACA International

Supervisor into ISACA International exams day, in Buenos Aires (June 2013, December 2013, and June 2014)

Professional Experience

Banco de la Nación Argentina (1997 – today)

Bank founding in 1891 entirely with state capital, covers all over the country and is the largest commercial bank in Argentina that bring high value to its customers, and employees. Perform the function of a financial agent of the Federal Government and assists small and medium enterprises. The Bank operates across the Argentina, Brazil, Uruguay, Paraguay, Chile, Bolivia, United States, Spain, Panama and Grand Cayman. Has 670 national branches, 16 international branch and more that 16000 employees. Is the Argentina’s largest Banking.

Positions Filleds

2006 – Present

IT Audit Supervisor

1999 - 2006

IT Audit Support Manager

1998 - 2000

Team Leader IT Audit Project Y2K

1997 - 1999

Ssr. IT Auditor Specialized

Details

IT Audit Supervisor : 2006–Present

Accountable at the IT Audit Management of preparing audit work plans based on objectives defined in COBIT for evaluate the security, confidentiality, integrity and availability of the information, the Physical security of IT assets, the Disaster Recovery Plans, the IT General control, and the SDLC of applications.

Contributions

Developed and implemented IT audit plans for all projects at corporate office and customer service centers in all locations (local, regional and international), planning memos, and determine audit scope,

Identify technology risks and their respective key mitigating controls,

Prepare risk assessment matrix, and audit programs applying COBIT, COSO, ISO17799, ISO27001, BCRA4609, and others,

Planning and execute reviews of effectiveness of IT General Controls (application / process / system / infrastructure), performed using Computer Assisted Audit Tools (ACL, Arbutus, Autoaudit and others),

Planning and execute reviews of Disaster Recovery Plans, Business Continuity Plan, Physical Security, and Evacuation plans,

Document the IT audit process with risk assessments, workpapers, interviews of clients, and narratives,

Conducting special audit of complex IT project, evaluating and controlling the progress of them,

Review and analyze evidence, and conclusions reached, evaluating findings, formulate opinions, make recommendations, documenting the: IT audit process, risk assessments, workpapers, interviews, and narratives,

Analyze and detect latent risk factors and possible errors in the processes that lead to risks and suggesting an action plan to remedy it, according to the cost of remediation

Evaluating the performance of 15 IT Audit staff personnel, in accordance with corporate standards for efficiency

Mentoring and Training of new IT auditors,

Write audits reports, and present to Executive Management, and Audit Committee of Board of Directors,

IT Audit Support Manager : 1999-2006

Accountable of tasked with analysis, evaluation and control of computer projects in the Audit Management

Contributions

Conducted the analysis and programming of loan analysis systems, balance scoreboard that allowed to assess the financial status of the branches and to determine the highest risk to project new financial audits

Established self-development programs in different programming languages either the PC-based systems and Mainframe

Supervised and conducted the search and extraction of information from databases as well as generating samples on different audit teams, using ACL for Windows and OS/390, and different programming languages.

Provided advice, support and training in technology to 200 auditors non IT specialized, distributed throughout the country

Performed analysis and determination of functional, technical and budgetary requirements for fixed or mobile hardware to be purchased and configured to distribute among all national auditors representatives.

Supervised 5 IT professionals subordinates, overseeing team members in accordance with corporate standards for efficiency

Mentoring and Training of new IT professionals.

Team Leader IT Audit Project Y2K : 1998-2000

Accountable of evaluation and control of the project Y2K

Ssr. IT Auditor Specialized : 1997-1999

IT Audit General controls

Prior Experience

Ministerio de Economía de la provincia de Buenos Aires

IT Audit Manager

1997

Ministerio de Economía de la provincia de Buenos Aires

Sr. IT Auditor

1992 - 1997

Ministerio de Economía de la provincia de Buenos Aires

Analyst programmer

1992

CyC Confecciones SA

Internal IT Auditor

1991

Boggia Microinformática SC

Owner

1986 - 1991

Contact this candidate