Director of Internal Control and SOX Compliance
Resume:
ZJ SHEN
adchjm@r.postjobfree.com
QUALIFICATIONS
● CPA Certified - Active
● Big-4 experience conducting Internal Audit, SOX, SSAE 18 (SOC 1) and Regulatory Compliance Audit
● Over fifteen years of experience in a variety of industries, including high-tech, financial and insurance companies with emphasis on financial, SOX, operational, IT and compliance audits.
● Excellent combination of public and private industry auditing experience - ability to learn and adapt to any industry in a short amount of time
● Extensive experience in risk and control environment assessment
● Solid education in both accounting and information system
● Excellent combination of auditing/accounting and analytic skills WORK EXPERIENCE
NOV’14 – AUG’19
DIRECTOR OF INTERNAL CONTROLS AND SOX COMPLIANCE
HORTONWORKS INC, SANTA CLARA (MERGED WITH CLOUDERA INC.)
● Built and developed internal control framework and compliance program from ground up, i.e. IPO stage to full SOX 404b compliance, including 9 key business cycles and 11 in-scope SOX applications for IT General Controls
● Reported to Audit Committee (AC) chairman monthly for updates on SOX 404b compliance efforts and on a quarterly basis to AC board for regular compliance reporting
● Worked closely with external auditors on controls assessment, process walkthrough, risk assessment, materiality threshold, new accounting guidance, etc.
● Prepared internal control assessment memos over various issues identified by management or external auditors to determine the severity of issues, i.e. material weakness, significant deficiency, or deficiency
● Worked closely with Chief Accounting Officer (CAO) and Audit Committee on significant issues identified and remediation efforts
● Assisted CAO with accounting policy administration and quarterly certifications to support SEC 302 and 906 certifications
● Performed internal audit of business areas with high complexity and risk, e.g. commission management and calculation; revamped the commission process by making process enhancements and moved commissions team from sales operations to accounting/finance for enhanced process/control oversight and more accurate accounting reporting
● Built close relationships with key SOX business stakeholders to help drive change and enhancements in business processes, train business units to have control mindsets, and educate teams on SOX compliance requirements, etc.
● Implemented SOX tool to drive efficiency in the documentation of SOX workpaper and testing
1
● Managed a global team of three direct reports, including IT, business and financial auditors/managers, along with external professional consultants SEP’13 – NOV’14
INTERNAL AUDIT / SOX MANAGER
ECHELON CORPORATION, SAN JOSE
● Directly reported to the Audit Committee SOX internal control risk assessments, testing status, and tracking of issues on a quarterly basis.
● Assessed company’s internal controls under the COSO 2013 framework by performing gap analysis and mapping entity level and process level controls to the principles and key components of the framework; identify ITGC controls that support the consistent operation of automated controls; and assess management review controls to establish sufficiency of design and documentation.
● Solely responsible for the annual SOX program by performing the SOX risk assessment using the top-down approach; conducted quarterly SOX key control testing; process walkthroughs; evaluated controls to eliminate redundant or low risk controls to streamline the SOX program.
● Responsible for quarterly reporting to Audit Committee on SOX compliance and testing results, prepared Audit Committee schedule and work plan, reported and tracked open exception items.
● Supported the annual planning activities and quarterly expense review/re-forecast activities for the company’s shared organization, including Operations, Corporate Marketing, Finance, Legal and General and Administrative departments; research on significant variances between the actual versus budget spending results.
● Drived Conflict Minerals compliance project by researching requirements and responsible for implementing an ongoing compliance program by working cross-functionally with Corporate Quality, Legal, and External Reporting groups; identified products/parts and the key contract manufacturers that use the 3TG (conflict minerals) in manufacturing process; monitored and tracked EICC survey results; oversaw the preparation and filing of SEC form SD for compliance. APR’09 – AUG’13
SR. MANAGER, FINANCIAL COMPLIANCE
BLUE SHIELD OF CALIFORNIA, SAN FRANCISCO
● Developed annual risk assessment for the SOX program to ensure that the key controls identified provide reasonable assurance that the company has adequate coverage in all material aspects.
● Team lead for SOX reviews in the financial and operational areas such as financial close, investments, treasury and cash management, accounts payable, payroll, human resource, claims processing, ITGC, change management, etc. for the parent company and its subsidiary.
● Trained staff on understanding business processes, identifying controls and testing of control design and effectiveness. Managed staff by assigning audit work and monitoring actual vs. budgeted time to ensure the work is progressing as planned and within budget.
● Managed SSAE 18 SOC 1 (formerly SAS 70) audit engagement teams with approximately 60 stakeholders and subject matter experts from various levels of management within business units as well as third party service providers for timely and 2
accurate deliverables to ensure effective audit execution. Additionally, served as the liaison between the business units and the auditors to identify controls to mitigate risks and help resolve issues.
● Developed process analysis documentation, flows, and risk control matrices for the operational and financial areas, as well as continued enhancement of these processes to ensure accurate reflection of the current business process and controls. Make recommendations to process owners on the development and implementation of new controls, where applicable.
● Partnered with process owners to assess various business areas and help educate, design and implement controls to mitigate potential risks.
● Liaison between the external auditors and the Controller’s group during the annual financial audit and the regulatory audit to ensure smooth audit execution.
● Developed SOX audit plan, resource allocation/utilization, and prepared reports to the Steering and Audit Committees.
● Conducted internal audits such as treasury and investments and medical loss ratio
(regulatory compliance) and ITGC controls testing. AUG’04 – MAR’09
SUPERVISING SENIOR ASSOCIATE, INTERNAL AUDIT, RISK AND COMPLIANCE SERVICES
KPMG LLP, SAN FRANCISCO
● Project lead for Sarbanes-Oxley engagements for major healthcare client, large financial institutions, leading high-tech SaaS client and biotech clients, which entailed following responsibilities:
Assisting clients with the identification of key business and general computer application controls and risks,
Documenting process analysis flows and narratives,
Developed risk control matrices,
Assessing and evaluating internal control environment,
Scoping of key business processes,
Performing testing and documentation of internal controls, and
Making recommendations to enhance existing controls and/or mitigate risks.
● Trained and managed audit teams of 1 – 4 staff on internal audit and SOX engagements. Provided guidance on audit approaches, business process walkthroughs and evaluations, control design and test of effectiveness.
● Developed process analysis documentation flows and control matrices for business processes such as financial reporting, commercial claims, claims incurred but not yet recorded, accounts receivable, procurement, accounts payable, payroll, human resources, treasury and cash management, etc.
● Utilized a risk-based, process-focused approach for internal audit and regulatory compliance reviews of the following business areas: commercial claims, trust, cash management, accounts payable, loan servicing, deposit service, branch operations support, wire processing, electronic banking operations, bank branch audits, Bank Secrecy Act (BSA), Regulation W - Affiliate Transactions, and NACHA (National Automated Clearing House Association).
● Assisted in the preparation and review of financial statements for compliance with GAAP and Statutory accounting requirements.
3
JAN’98 – JUL’04
AUDIT MANAGER, INTERNAL AUDIT
AXA FINANCIAL, NEW YORK
● Developed control matrices on trusts, mutual funds, and real estate audits to identify the various objectives, risk factors, and control activities in place.
● Performed control assessment and tested compliance of Broker/Dealer operations, such as control services, with prescribed policies and procedures.
● Performed analytical review procedures on financial statements to ensure consistency with general economic conditions and/or management’s corporate objectives.
● Analyzed and reviewed client valuations for investments in equity securities, bonds, and real estate.
● Evaluated efficiency and effectiveness of managerial and operational controls and provided recommendations for improvement.
● Assisted in the preparation of subsidiary financial statements and reviewed such financial statements for compliance with GAAP and other regulatory requirements.
● Planned, supervised and administered responsibilities within engagements and between concurrent engagements at multiple locations.
● Trained and reviewed staffs’ work for various engagements. EDUCATION
Bernard Baruch College, Zicklin School of Business Bachelor of Business Administration in Accounting and Computer Information Systems – Dean’s List
Carnegie Mellon University
Chemical Engineering
SKILLS
Working / Operating Knowledge of:
● ERP System: Oracle Netsuite, SFDC, Xactly, OpenAir, Workday
● Microsoft Office: Word, Excel, Access, PowerPoint, Visio Flowchart
● Auditing/Analytical Software: AuditBoard (aka SOXHub), TeamMate, ACL
● Project Software: SmartSheet, Microsoft Project
LANGUAGE
Fluent in written and conversational Chinese (Mandarin) ACTIVITIES
Member of the Institute of Internal Auditor (IIA)
4
Contact this candidate