Suleiman Musa
Birmingham, AL ***** Phone: 205-***-**** Email: *********@*****.***
SUMMARY
ITGCs, ITAC, Risk-Based audits, Risk Assessment; Policies, Standards and Procedures, Walkthrough, IT Infrastructure, SOX, Disaster Recovery, SOC1 Type 2, SSAE 18 review, SOC 1, 2 & 3 testing, PCI DSS, Cloud Computing and Cybersecurity audits.
EXPERIENCE
Cadence Bank
04/2020 - Present Senior IT Auditor
Assist in the development, and completion of a comprehensive risk based, internal audit plan, including IT SOX compliance testing.
Plan, scope and develop specific audit programs that conform to established Internal Audit Department policies, standards and procedures.
Perform Information Technology (ITGCs) and IT Application controls (ITAC) testing to establish the design appropriateness and operating effectiveness.
Engage in multiple audits and special projects simultaneously, most with dedicated teams responsible for execution.
Ensure the quality of all internal audit work complies with Internal Audit Department Charter, established policies and procedures, and established professional standards.
Prepare and review reports of audit results with business unit management.
Work with managers of various business units to coordinate responses and review action plans, as necessary, to respond to deficiencies and/or recommendations noted from internal, external audits, regulatory examinations, as well as deficiencies self-identified by the business.
Develop a trusted partner’s relationship with business unit management by providing value-added services and proactive strategic advice to the business unit management beyond the effective and efficient execution of the audit plan.
Execute IT infrastructure testing – Operating System, Active Directory, Server and Databases (SQL, DB2 & Oracle)
Through continuous education, maintain and improve knowledge of corporate governance, risk management, internal controls, and internal audit processes.
Perform IT security testing, technology control processes, PCI DSS compliance, SOC I, II and III, SSAE 18 and working knowledge of GDPR regulations.
Cadence Bank
03/2017 – 04/2020 IT Auditor
Execute SailPoint control testing – New user/provisioning, terminated users/deprovisioning and certification.
Perform post-implementation review of management's work, assessing the design adequacy and the operating effectiveness of the SDLC phases, identifying risks and gaps in the implementations, cascading issues, and recommendations to appropriate stakeholders.
Execute RACF and ACF 2 tools testing as part of Mainframe system.
Conduct cloud computing audit testing security access control, encryption, compatibility, confidentiality, integrity, and availability.
Execute cyber security/Information Security control testing to determine preventive, detective, corrective, and compensating control within the enterprise.
Perform SOX and PCI Compliance audits. Execute Service Organization Control (SOC I, II and III) testing and review (SOC I Type II, now SSAE18 Review,) using COBIT and COBIT frameworks.
Develop a good working relationship with the business leadership and colleagues to improve the audit experience by the business units.
Perform Infrastructure testing Databases, Operating System, Servers, and Network devices (Firewalls, Routers, Switches, Hubs, and Remedy Ticketing Systems).
Identify and communicate IT audit control weaknesses to senior management and audit manager.
Document work completed by preparing detail work papers for management review.
Good knowledge of ERP systems control testing – SAP and Oracle Financials.
Engage in all phases of IT audit process -planning, execution, reporting and follow-up as needed.
Sound understanding of business processes and testing of relevant internal controls.
Execute vendor management audit both local and international.
Ecobank Transnational Incorporated
10/2007 – 02/2016 Internal Control Analyst
Acted as the first line of defense, responsible for the primary controls within the bank, focusing on Operational, Compliance, and Regulatory risks.
Ensured compliance with key controls inherent in new policy and products of the bank.
Daily monitoring and review of account opening documentation in line with CBN KYC/KYCB policy.
Periodic review and assurance for a timely rendition of branch regulatory returns.
Trained branch staff members to reinforce compliance issues as and when required.
Streamlined the credit verification process to improve accuracy and reduce response time to customers.
Performed random sample checks on sourcing patterns to ensure business is delivered within banks set parameters.
Ensured that new processes are tested and covered from a control’s perspective and added to the controls scope as needed.
Conducted thorough reviews of ongoing processes for process improvement.
Ensured system accesses are aligned as per department security level.
EDUCATION
2001 – 2006 OBAFEMI AWOLOWO UNIVERSITY BS, Accounting and Management
SKILLS Access, Power Point, MS Project. Teammate, SharePoint, COSO/COBIT and SOX.
CERTIFICATION Certified Information System Auditor (CISA), 2021