Nana Yeboah

Columbus, Ohio / 614-***-**** / ad0woo@r.postjobfree.com

CISA ISACA member SCRUM MASTER IT AUDITOR

SUMMARY OF QUALIFICATIONS

Certified IT Auditor with over five years of experience in performing audits for Federal and Commercial agencies using SOX, SOC, HIPAA, SSAE 18, and FISCAM.

SKILLS

●Microsoft Office

●Microsoft SharePoint/ShareDrive

●RISK management

●ITGC controls

●Active Directory

●ServiceNow

●Excellent Leadership

●Cobit, ISO-27001,COSO, SOC

●FISCAM, FISMA, OMB A-123

●Excellent teaching skills

●Excellent Communication

CERTIFICATION

International SCRUM Master

Certified Information Systems Auditor (CISA)

EXPERIENCE

IT Senior Auditor

First Financial Bank April 2023 - present

●Performed security assessments and risk advisory services based on the client's business objectives and according to contracts.

●Assesses the ITGCs using best practices and audit guidelines in compliance with NIST800-53, COSO, and COBIT standards.

●Evaluate the organization's project management policies and practices.

●Utilized company’s Active Directory to ensure process access request.

●Performed daily monitoring for appropriate access controls, verified integrity and availability of all hardware, server resources, systems, and key processes.

●Utilize data analytics tools to streamline audit processes.

●Communicated with IT and Business Management on issues remediation, process, and control improvements.

●Conduct audit follow-up to evaluate whether risks have been sufficiently addressed.

●Conduct audit in accordance-with IS audit standards and a risk-based IS audit strategy

Lead Tech Risk Consultant

Department of Homeland Security August 2022 - January 2023 ( contract)

●Lead weekly corporate communications between stakeholders, key partners and support team to gather facts and information on workflow (i.e which controls can be assessed depending on remediation status.)

●Performed integrated audits requiring technical skills for evaluating network and application development and compliance with corporate security policies from planning phase to completion, also used OMB Circular A-123, FISCAM in performing audits.

●Provided scheduling support by scheduling meetings/appointments, writing/drafting/distributing meeting minutes and agenda, following up on action items, using MS Office Suits

●Performed and tested ITGC and Application Controls using FISCAM, SSAE 18, and NIST 800-53r4

●Engaged with the IT team to identify and resolve client issues discovered during the Audit and Review process.

●Performed quality assurance review of assessment forms to ensure documentation meets standards

●Assisted with walk-throughs and held meetings with clients to discuss areas to be tested: Access Control, Configuration Management and Contingency Planning, and Security training.

●Lead and execute audit life cycle according to DHS standards

●Facilitates in all sprint planning meeting, daily stand-up meeting, sprint review meeting, sprint retrospective meeting, and refining product backlog

Lead Auditor

PWC October 2021 - June 2022

●Assisted with walkthroughs and held meetings with clients to discuss scope of engagement .

●Gathered RFI’s to conduct quality auditing.

●Prepared and completed EGA’s per assigned systems.

●Work with the IT management team to evaluate controls, perform assessments, monitor regulations, and ensure company compliance.

●Addressed gaps and non-compliance for multiple projects by analyzing data security controls to identify weaknesses and design strategies

●Create pivot tables to support data analysis

●Used ServiceNow to pull evidence needed for specific control

●Reviewed ITGC testing conducted by offshore team

Staff Auditor team

KPMG May 2021- October 2021(contract)

●Documented test of design (TOD) for offshore team

● Testing and Documentation of key SOX and IT General controls leveraging a defined process compliance monitoring process

●Using KPMG framework to test general controls

●Prepared for walkthroughs with client

●Gathered evidence from POC

●Assisted with team building

●Worked with the IT management team to evaluate controls, performed assessments, monitored regulations, and worked with auditors to ensure company compliance.

●Conducted SOC Reports(1&2)

Associate Auditor

Clickhouse Consulting Jan 2018 - May 2021

●Performed and tested ITGC and Application Controls using COSO, FISCAM, HIPAA, SSAE 18, and NIST 800-53r4.

●Perform audits on UNIX, Windows, Mainframe, other IT Infrastructures and Disaster Recovery.

●Managed the PBC’s and PBC List for the audit team.

●Assisted in Developing audit plans and programs to evaluate control areas on projects such as financial statement audit, SOX testing, SOC, COBIT, and FISCAM.

●Tested ITGC (Access, Change Management, Contingency Planning) controls and Application controls using FISCAM framework.

●Worked with the engagement team to identify and resolve client issues discovered during the Audit and Review Process.

●Maintain a good working relationship with clients to enhance customer satisfaction and work with client management and staff at all levels to perform Audit Services.

Contact this candidate