RUTH ANN KRUPP, CISA
Wantagh, New York 11793
516-***-****, acqdo6@r.postjobfree.com
SUMMARY
Managed and performed many IT General Controls for Sarbanes Oxley, IT Security Audits, and Internal Audit integrated reviews. This included testing of system access, change management, application development, disaster recovery, and computer operations/server controls.
KEY RESULTS
Some of the significant results are:
Participated in joint financial reviews. As a result, key financial systems were backed up off-site.
Completed the IT Security Review of the automation project for the NYC Transit’s Metro Card. From our review, security controls were implemented that reduced the potential for fraud.
Designed and developed the IT budget/risk assessments for all projects relating to data centers, security and operating software, and application systems
Identified IT risks and developed recommendations for mitigating the risks in compliance with COBIT, resulting in additional controls over the key financial and Windows Operating Systems,
Participated in the disaster recovery test off-site in New Jersey. As a result of our review, management upgraded the contract to support the entire banking network.
EXPERIENCE:
2007- Present MADISON DAVIS – TECHNOLOGY AUDIT CONSULTANT
2004- 2007 JEFFERSON WELLS - TECHNOLOGY PROFESSIONAL
Created IT Sarbanes-Oxley business process narratives and flowcharts, completed and tested risk control matrices, and supported the client on IT key controls requirements.
Completed business continuity and security reviews of application systems, for both in-house and out-sourced systems. (at financial services firms and the state government )
Acted as a liaison between Technology and Business Management. Developed data analysis reports for both business and audit review.
Identified IT risks and developed recommendations for mitigating the risks in compliance with COBIT and GAAP, resulting in additional controls over key financial applications.
2000- INSURANCE SERVICES OFFICE
2004 SENIOR TECHNOLOGY AUDITOR
Participated in technical reviews of Internet, Database, and Data Center Operations. From the Internet review, Network Operations can now monitor the status of the Firewall.
Participated in joint reviews with financial auditors for reviewing newly acquired businesses. From a recent review, management implemented our suggestions for consulting services, back-up and recovery, and server administration.
Completed the audit of the Payroll, Location, ClaimSearch Security, and EFT systems. All of our security and control recommendations were implemented to reduce the potential for fraud.
Assisted in evaluating potential risks and modifying the annual audit strategic plan.
RUTH ANN KRUPP
1997- METROPOLITAN TRANSPORTATION AUTHORITY
2000 SENIOR TECHNOLOGY AUDITOR
Participated in reviews of the Internet, Local Area Networks, and the Data Center
Disaster Recovery Drill. From our review, CyberCop monitor software was installed.
Completed the review of various automation projects for the NYC Transit’s MetroCard. As a result of our review, management was able to add security controls to reduce financial fraud.
Evaluated the security for both LIRR and NYC Transit vending machine to ensure PIN compliance with either NYCE or FDMS. Assisted in training the audit personnel in security
1995 - EMIGRANT SAVINGS BANK
1997SENIOR EDP AUDITOR
Participated in the disaster recovery test off-site in New Jersey. As a result of our review, management upgraded the contract to support the entire banking network.
Completed audits of the data center and technical support areas.
1992- NYC CONTROLLER
1995 EDP AUDIT SUPERVISOR
Supervised EDP Audit Staff of three employees in audits of data centers.
Produced computerized reports for the Financial Auditors to help them analyze systems, such as the Foster Care System, for closed cases.
Participated in the Health Data Sciences’ implementation of the clinical health care system at Jacobi Hospital, in compliance with HIPAA.
1985 - CITIBANK
1992IT AUDIT/ASSISTANT VICE PRESIDENT
Supervised EDP Audit Staff of three employees in the audits of data centers, security software, data bases, operating system software, and applications systems.
Provided consulting services for the implementation of new systems, such as Accounts Receivable, Insurance, Integrated Payment Products, and Landmark Money Market System.
Designed and developed the EDP budget/risk assessments for all projects relating to data centers, security and operating software, and application systems.
Developed the integrated approach with the financial auditors to include them during the development of new systems. In addition, developed a test strategy for each new system.
CLIENTS SEGMENTS SERVED
Global Investment/Savings Banks
Insurance Property Casualty Industries
State and Local Government Sectors
Public Hospital and Transportation Industries
COMPUTER EXPERIENCE
WINDOWS 2003, SAP R/3, SQL, ORACLE, DB2, FIREWALLS, UNIX, VISIO, ACL, and
MICROSOFT OFFICE PRODUCTS.
EDUCATION:
Long Island University - M.B.A. in Business Administration
St. John's University - B.A. in Mathematics