Tim Hannie, CISA
San Antonio, TX 78254
aco71s@r.postjobfree.com
Certified Information Systems Auditor (CISA)
Internal Audit – Risk Management – Information Security – Project Advisory – Project Management (Traditional and Lean
Agile) – Process Improvement (Six Sigma) Systems Development/Implementation – Data Management – Operations Support
PROFESSIONAL EXPERIENCE
USAA, San Antonio, TX
Sr. Risk Advisor 10/2012 - Present
Advise finance and accounting, risk management, fraud, anti-money laundering (AML) and CEO/Board of Directors Support, on
identification and testing of risks and controls. Overseeing programs to identify and manage Internal Controls over Financial
Reporting (ICFR) and COSO 2013 framework compliance. Perform risk assessments on new projects, system
acquisitions/implementations, process improvements, business continuation/disaster recovery planning, and other ad-hoc
assignments. Audit and regulatory exam support.
Senior IT Auditor 5/2008 – 10/2012
Leading audit teams through full cycle audits of the most complex information technology, information security, network, fraud, and
project audits. Operational audit experience includes Fraud, Banking, Procurement, Human Resources, Communications, Insurance
and Financial Services. Leading project advisory and audit team on project engagements across all lines of business. Green belt in
Six Sigma and experienced in Lean Agile project methodologies. Reviewed and audited contracts for systems acquisitions and
assessment of vendor risks and controls.
* Developed program for risk assessing projects for appropriate engagement scoping.
* Developed audit metrics for executive level reporting.
* Developed and delivered training to develop staff proficiency in project consulting.
* Developed and delivered training to department to develop technical audit competencies.
Information Systems Security Advisor 10/2003 – 5/2008
Protected employee and customer data through process and system improvement. Directed the development and implementation of
IT projects to ensure highest security standards. Evaluated and audited potential and current vendor systems, facilities, policies, and
hosted data centers to ensure security of USAA data (ISO17799 audits). Created department disaster recovery plan for critical
business systems. Contributed to enterprise security guidelines and policy. Wrote and delivered security compliance training for
enterprise use. Performed data analysis and reporting using MS Access and Excel.
Supported: PeopleSoft HR Core, Time & Labor, EPM, ELM, Resumix, Cognos, Virtual Edge, Avaya CMS, Crystal Reports, MS
SharePoint, several vendor hosted Web applications, and databases on Oracle, SQL, DB2, TSO, IMS, RACF, LAN, and Unix.
Training: PeopleSoft, PeopleTools, Virtual Edge, Resumix, CICS, DB2.
* Developed and implemented system access auditing process which allowed USAA to resolve chronic problem with excessive user
access.
* Recognized by USAA’s Security organization as one of the top 5 security analysts at USAA.
* Helped HR avoid over $1 million in losses due to potential information security breaches.
* Developed employee accountability process and system to account for employee's health and injuries during disaster scenarios.
HR Program Mgr - Web Development 7/2002 – 10/2003
Drove HR's Web development process to improve the efficiency of the HR organization, reduce associated costs, and provide world-
class self-service to the employee base and job seeking candidates via online channels. Advocated for enterprise resources to support
and implement HR development projects under my leadership. Performed data analysis and reporting using MS Access and Excel.
* Drove development and implementation of enterprise manager portal and employee self-service portal, which retired excessive
content reducing maintenance by 75% saving $500,000 annually.
* Developed first extranet for employees at USAA.
* Drove development and implementation of a change request intake process which improved internal customer experience and
reduced work load by 50% saving $200,000 annually.
* Delivered all projects on time and on budget, average project cost range $750,000 - $1 million.
SBC Communications Inc. (Now AT&T), San Antonio, TX 3/2001 – 7/2002
Compensation Consultant
Provided compensation, analysis and counsel to Human Resources Generalists and supervising managers within their business units.
Performing job evaluation and market pricing services (utilizing MercerPRISM survey database). Advised business units on the
utilization and administration of the management compensation program and organizational design. Performed data analysis and
reporting using MS Access and Excel.
* Partnered with SBC Tax Department to identify $5 million in tax credits for SBC.
* Reduced 500 Finance and Accounting core jobs into 50 benchmark jobs.
* Ensured the on-time delivery of two large and significant department projects through exercise of project management techniques.
Staffing System Operations Manager 6/1998 – 3/2001
Improved process and operations efficiency through the development and implementation of IT solutions to support Staffing.
Initiated, and managed IT projects to coordinate IT resources for systems development. Provided help desk support for users
nationwide. Developed and delivered training on systems and methods and procedures. Led cross-functional development and
implementation efforts to integrate and improve systems in other business areas. Performed data analysis and reporting using MS
Access and Excel.
* Developed entire suite of web-based Staffing tools for SBC saving over $1 million dollars in outsourcing costs.
* Reduced resume processing time by 50% reducing costs $300,000 annually.
* Reduced candidate response costs by 50% and improved processing efficiency saving $100,000 annually.
* Reduced Staffing requisition processing time 100% saving $600,000 annually.
* Reduced Staffing new employee training time by 50% saving $500,000 annually.
EDUCATION, CERTIFICATION & ASSOCIATIONS
St. Mary's University, San Antonio, TX
Bachelor's Degree - B.B.A. – Magna Cum Laude
3
Tim Hannie Page
* Certified Information Systems Auditor (CISA)
* Information Systems Audit and Control Association (ISACA) – Member