Fuseini Alhassan, CISA
Dallas, TX Tel: 469-***-**** Email: admj24@r.postjobfree.com
Professional Summary
IT Auditor with 4 years’ experience in internal audit, experience in the planning, performing and reporting of internal audit procedures. Understanding of ITGC and ITAC over Access, Security, Change and IT Operation management (including Backup, Batch Jobs and SOC Review) procedures Experienced in Enterprise Risk Management, Business and Process Audit, and Internal audit. Experienced in policy and procedure reviews, Operational and Compliance audit.
Education & Certification
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control (CRISC) – In Process
BSc Building Technology, KNUST, Kumasi - Ghana
Skills
• Risk Assessment • ERP Applications: Oracle Financials, SAP, Peoplesoft
• Operating Systems: Windows, LINUX, UNIX/AIX • Tools: MS Office Suite, Visio, Auto Audit, Teammate
• Databases: MYSQL, DB2, Oracle SQL • Regulations: SOX, HIPPA, GAAS
• Network Devices: Firewalls, Routers. Anti-viruses • Framework: COBIT, COSO, NIST, ISO
Work Experience
IT Auditor Jan 2019 – Present
4 Square IT Consulting Houston, TX
Prepare risk assessments; determine objectives and scope of audits
Develop audit programs, perform walk through, plan and utilize data analytics as appropriate
Ensure policies and procedures are implemented and processes are well documented and also performed internal reviews which identified compliance problems that called for formal attention
Provide day-to-day execution of internal audit engagements and projects such as SOX, compliance audit, and operational audit
Liaise with external auditors during annual audit and ensured that deficiencies are re-mediated in timely manner before follow up
Review controls around Administrative, Technical and physical safeguards as related to HIPPA compliance
Review of IT General Controls (ITGC) and various applications, databases and operating systems
Extensive knowledge of ERP systems (SAP and PeopleSoft), Microsoft Dynamics, and NetSuite
Participate in all phases of IT Audit – Planning, Fieldwork and Follow up using applicable framework. COBIT, COSO, NIST and prepare appropriate testing Matrix
Perform Audit of IT Infrastructure and applicable Database- Operating System, UNIX, SQL, Oracle and DB2
Performs audit tests and prepares work papers which document work performed and conclusions reached
Prepares summary memoranda, closing conference agenda, planning meeting memos, etc., that accurately describes results of tests performed, the nature of control weaknesses and exposures and identify practical recommendations for improvements
Documents and evaluates as part of audit projects assignments, the internal controls present in the manual and automated systems being reviewed, identifying internal control strengths and weaknesses
Perform SOC Reports audits, special projects such as RPA risk assessment, Vendor Management Audit and Control Mapping.
Performed Business process audits such as Journal Ledger Audits, SAP Configuration Audits and Conflict of Interest Audits.
Staff IT Auditor June 2017 to Jan 2019
4 Square IT Consulting, Houston TX
Assisted in the execution of the annual internal audit plan as directed and preparing reports to communicate audit results to management and making recommendations as appropriate.
Assisted in coordinating the improvement recommendations with external parties and liaising with accounting and finance staff to implement changes.
Performed infrastructure audit - O/S, active directory, server, and databases etc.
Assisted in evaluating the IT infrastructure in terms of risks to the organization and establishing controls to mitigate loss.
Performed IT general controls audit and IT application controls testing and risk-based IT audits in core IT functions.
Provided independent audit support in conjunction with the company SOX 404 assessment.
Assisted in testing and documenting the financial and information systems for data integrity and quality.
Assisted in the preparation and periodic review of a comprehensive company risk assessment.
Business Analyst Jan 2015 to May 2017
Eni Ghana Exploration and Production Ltd
Ensured all artifacts complied with SDLC Policies and guidelines.
Led two projects implementing a more robust, electronic documentation management system, one for the SAP service area and the other for the global IT Quality Services group.
Prepared written recommendations for changes and improvements which resulted in new contract.
Identified alternatives in context of business opportunity and business processes.
Assisted in creating project scopes by preparing Work Breakdown Structure (WBS) for the project team by using context diagrams and case models.
Managed multiple projects by working closely with project sponsors and stakeholders to ensure project objectives and deadlines are met.
Performed requirements elicitation via interviews & workshop facilitation.
Documented functional & technical requirements based on the business requirements using structured techniques.
Partnered with cross functional teams to create, edit, revise, and design policy and procedure documentation required by IT Quality Assurance.
Created user guides, FAQs, quick start guides, and training materials as appropriate.
Maintained related documentation and provide implementation training as well as on-going application support.
CISA, CISM, CRISC, CISSP, CPA or CIA, IIA, Windows, UNIX, AIX, Oracle, SQL, DB2, ISACA, SOX, SOC, ITGC, HIPPA, GAAS, RPA, ICFR, IT, NIST, PCI, HITRUST, SAP, ACL, SSAE, IPPF, ACAMS, CFA, CFE, IAD, CFE