It Audit Information Technology

Enobong Udofa

IT Audit

425-***-**** ************@*****.*** Dallas, TX LinkedIn

Adept at compliance program management and reporting, recognized as a results-oriented, competitive and solution- focused individual with great interpersonal relationship, communication, analytical and Time Management skills. Poised to tackle new challenges in internal controls, regulatory compliance, and risk mitigation areas.

IT Audit & Compliance Security Audits COSO and COBIT Framework

Project Management Data Privacy

Information Security NIST Publication

SOC 1, SOC 2 SOX Compliance Audit

Technical Skills & Documents: Information Technology General Controls (ITGCs), Application Control, Unix & Linux Review, ERP Security, Policies and Procedures PROFESSIONAL EXPERIENCE

IT AUDITOR (TECHNOLOGY RISK) ERNST & YOUNG June 2022 – June 2024

Tested Access Controls, Change Management, IT Operations, and Disaster Recovery controls using COBIT and COSO Frameworks, ensuring robust security measures

Initiated and successfully concluded risk-based IT audit engagements across varied industries, overseeing the entire audit process

Expertly performed risk assessments, encompassing identification, evaluation, and documentation of IT business risks and controls, driving sound risk management

Spearheaded audits and assessments of Client Public Cloud Applications, evaluating security and compliance against regulatory requirements and industry best practices

Developed and executed audit plans, ensuring comprehensive coverage of relevant areas and meticulously reviewing documentation and procedures for cloud security control effectiveness

Conducted interviews with application teams, fostering collaboration, and synthesized audit results for reporting to senior management and external auditors

Demonstrated proficiency in auditing management software such as SharePoint and Teammate for streamlined audit processes

Evaluated IT processes and systems, identifying control gaps and providing recommendations for policy, procedure, and practice enhancements

Ensured high-quality client service, including coordinating the auditing of financial statements, disclosures, and deliverables to meet or exceed client expectations IT Audit DTT Consulting – Maryland Greenbelt January 2021– April 2022

Experience testing Access Controls, Change Management, IT Operations, and Disaster Recovery controls using NIST, COBIT and COSO Framework.

Conduct risk based IT audit engagements from initiation to closing for various clients across different industries.

Perform risk assessments, including identification, evaluation, and documentation of IT business risks and controls

ENOBONG UDOFA 425-***-**** ************@*****.*** Professional experience continues…

Created and maintained comprehensive testing support documentation, including workpapers, testing reports, and issue write-ups.

Verify that user access to the database is controlled through proper authentication methods

Test the implementation of role-based access controls to ensure that users have only the necessary permissions

Verify that sensitive data is masked or obfuscated in non-production environments.

Check for encryption mechanisms for sensitive data, both in transit and at rest

Test the organization's ability to respond to and recover from data breaches or other security incident Test the organization's ability to respond to and recover from data breaches or other security incidents

Confirm that duties related to the database, such as development, administration, and auditing, are segregated to prevent conflicts of interest and potential abuses

Evaluate the database backup and recovery procedures

Test the ability to restore the database from backups in case of data loss or system failure

Document control weakness and related testing exceptions

Review disaster recovery plans for the database and ensure they are tested periodically

Prioritize and assist in scheduling audit tests to be performed and interact with auditees to obtain necessary information.

IT Audit DTT Consulting – Maryland Greenbelt January 2019– December 2020

Conduct SOX testing, SOC SSAE 18 Review, using COBIT and COSO frameworks

Knowledge in requesting for Audit evidence (PBC's) and ensuring (PBC's) are accurate for testing

Identified internal control weaknesses and provided value added suggestions for remediation, and ensure internal control are in place to manage fraud and financial risk

Perform walkthrough and testing relating to Information Technology General Control (ITGCs) for financially related ERP systems (PeopleSoft, Oracle Financials, SAP) for various leading clients in public and private sectors

Performed Test of Design (TOD) and Test of Operating Effectiveness (TOE) evaluations for controls

Prepare and identify Corrective Action plan that recommends solution to identified finding to Senior Management and Client

Provide guidance, evaluation and advocacy on audit response

Document control weakness and related testing exceptions

Collaborate with audit teams to understand data behind key processes, risk and controls to develop analytic control tests and analyze and interpret their results.

Completed audit papers by thoroughly documenting audit tests and findings EDUCATION and CERTIFICATIONS

Bachelor of Science in Geology,

Certificate: CISA, ISACA, June 2021

Certificate: Sec +, CompTIA, March 2020

Contact this candidate