Auditor Information Security

Location:
Annandale, VA
Posted:
December 18, 2021

Resume:

Brannaa B. Neya

Name

BRANNAA B. NEYA

Current Job Title

Senior Associate

Current Employer

Guidehouse LLP

Security Clearance(s)

Secret Clearance (SC)

Degree/Education

Bachelor of Science - Accounting, University of Maryland University College, 2010

Professional Certifications

•Certified Information System Auditor (CISA)

•Information Technology Infrastructure Library (ITIL)

Years of Experience

5+ years of audit/examination – IT Controls

13+ years of work experience

Relevant/Key Qualifications

Ms. Neya has over 13 years of general financial management experience, of which 5 years are in IT audit. She has technical knowledge related to IT controls (access control, change control, configuration management, application control), IT controls reporting and process documentation mapping. Ms. Neya has obtained technical knowledge of relevant guidance and professional standards such as Office of Management and Budget (OMB) Circulars, NIST 800-53, FISCAM, COBIT and SOX standards.

Work History / Work Experience

Guidehouse LLP – Washington DC

October 2019 – Present – Information Technology Auditor – FEMA (DHS)

Perform assessments of Information Technology General Controls per NIST, FISCAM and A-123 guidelines.

Utilize technical expertise related to IT controls (access control, change control, configuration management, application control), IT controls reporting and process documentation mapping.

March 2018 – October 2019 – Audit Liaison – Audit Response Branch (DOD - NAVY)

Serve as the liaison between the internal or external Auditor and the Budget Submitting Offices (BSOs), Shared Service Providers (SSP), and external agencies.

Provide oversight and guidance to BSOs on AR procedures and reporting.

Provide oversight on cross-BSO support requests and SSP sample Key Supporting Documentation (KSD) consolidation and submission.

Facilitate support of audits involving External Agencies.

Coordinate discussions between BSOs/ SSPs, and the IPA relative to Provided-by-Client (PBCs), sample responses, process walkthroughs, and site visit planning.

Organize business process overviews between FMO and the IPA.

Provide oversight of BSO lead Site Visit planning and execution.

Provide guidance related to the delivery of Code X and personally identifiable information (PII).

Manage the Navy’s audit response process using information technology such as the Audit Response Center (ARC) Tool.

October 2018 – March 2019 – Audit Readiness (DOD- ARMY)

Developing P2S Milestone one Business Process Standardization for the US Army

Preparing Kickoff meeting while writing Overview, Narrative and Scoping document for the Plant to Stock Process standardization.

Identifying Regulations, systems and processes that align with Plant to Stock Standard.

Identifying Process Standard Team POCs and placing data call for Plant to Stock

Evaluating the initial development approach for each sub-process

Evaluating whether NFRs/CAPs exist for the sub-processes

Tracking statuses for the maps, details, risks, controls, and supporting documentation.

Ettain Group - Wells Fargo

May 2018 – September 2018 – IT Audit readiness

Assist in the identification, coordination and testing of key IT controls relevant to SOX, SOC, PCI, and other compliance standards

Conducted an IAM Risk and Policy Management review of internal and external applications with the goal and objective to:

Perform an assessment of control standards and identity management procedures for applications not onboarded to the IAM strategic solution, in an effort to manage the residual risk for applications that manage user access locally, with continuous monitoring required through ongoing EAM (Enterprise Access Management) control standard validation.

Collected and analyzed questionnaire responses and artifacts provided for provisioning, de-provisioning and certification access controls, including Information Security Policy Exceptions (ISPEM), Matters Requiring Attention (MRA), Corrective Actions, Issues and Recommendations (I&R) and change requests.

Prepared and provided an Executive Summary Report of the assessment that outlined the goal, objectives and scope of the Mitigating Controls Assessment; a summary report of exceptions identified; artifact samples collected; risk level assignment; recommendations; and final Mitigating Control sign-off approval by LOB and by IAM Risk Management.

Comsystek LLC

2017 –2018 - IT Audit readiness

Performed IT controls to include Access Controls, Change controls, Application Controls, Configuration Management and Contingency planning.

Assisted the client with audit readiness to identify and assess business controls, risks, process gaps and workflow inefficiencies.

Support management through risk identification, control testing and process improvement procedures.

Evaluate Test of Design through walkthroughs that include understandings, inquiry, and observation of the control and collection of evidence.

Investigate and develop audit solutions for unique and/or complex situations.

Evaluate the adequacy and timeliness of management's response and the corrective action taken on all significant weaknesses noted in audit reports.

Articulated audit findings, risks and detailed recommendations to mitigate the associated risks to Management.

Deloitte & Touche LLP

2016 –2017 – IT Operational Audit

Participated in conducting Validation and Test Resolution (VTR) for a government agency, to include:

IT Audit Program management.

Validation and test resolution preparation that include extracting and reviewing documentation from GRC Risk Vision for the assigned system.

Prepared the rules of engagement, system owner memorandum and VTR plan for the assigned system.

Performed security control assessments, including conducting system owner interviews, examining artifacts and testing evidence using the NIST 800-53 and FISCAM frameworks.

Validation and Test Resolution reporting: developing the VTR system reports and creating POA&Ms.

Remediation Support - providing remediation guidance for the findings identified during the controls testing.

PEF Consulting

2012 –2016 - Audit Readiness

Performed assessment of IS controls as part of financial statement audit, Internal and operational audits, Attestation engagement, and Audit readiness.

Tested the design and effectiveness of internal controls by completing walk-throughs of business processes.

Conducted IT controls to include Access Controls (AC), Segregation of Duties (SOD), Security Management (SM) and Security Application Controls.

Conducted testing of Sarbanes-Oxley (SOX), OMB Circular A-123 Audit and Service Organization Control (SOC) SSAE 16 Review, COBIT and FISCAM frameworks.

Documented control weaknesses and related testing exceptions.

Identified and communicated IT audit findings to senior management and client.

Documented work completed by preparing work papers.

Maintained a good working relationship with clients to enhance client satisfaction.

Performed all stages of audit, including planning; fieldwork; reporting; and follow-up.

Reviewed IT General Controls (ITGC), application controls and their underlying infrastructure.

Documented clients' internal controls (both IT controls and some business cycle controls), prepared audit reports detailing results of audits, and provided written recommendations to the lead for review.

Simpaq, Inc.

2010 –2012 – Staff Accountant

Performed general accounting functions including preparation of journal entries, posting to General Ledger Accounts, account analysis and balance sheet reconciliations.

Reconciled vendors and inter-company general ledgers.

Prepared invoices; processed customers' credit card payments; sorted vendor invoices and established checks payable to them.

Posted receipts to appropriate general ledger accounts and monitored payments due from clients.

Reconciled vendor statements and handled payment complaints or discrepancies.

Capital One NA

2010 –2012 – Relationship Banker III

Managed client portfolio relationships using CRM.

Developed and implemented creative, cost effective programs which increased client retention rates by 80% compared to the prior year.

Oversaw sales forecasting, goal setting and performance reporting for all accounts.

Analyzed and reported on customer activity, business trends, and areas of concern.

SunTrust Bank, Inc.

2005 –2010 – Financial Service Rep III

Marketed bank products such as commercial loans, mortgages or merchant accounts to qualified clients.

Assessed clients' financial situations to develop strategic financial planning solutions.

Collaborated with the compliance department to eliminate procedural errors and margin breaks.

Successfully acquired an average of 20 new customers per month, generating a 95% growth in revenue.

Implemented marketing strategies which resulted in 20% growth of customer base.


