Adewale P. Bello CISA
312-***-**** adyo85@r.postjobfree.com Chicago, Illinois.
OBJECTIVE
To obtain a challenging position as an IT Auditor in a reputed organization where I can utilize my knowledge and skills to ensure the security and reliability of information systems.
PROFESSIONAL SUMMARY
A highly motivated and detail-oriented IT Auditor with 8+ years of experience in conducting IT audits, risk assessments, and compliance reviews. Skilled in identifying weaknesses in information systems and recommending appropriate controls to mitigate risks. Proficient in using various auditing tools and techniques to ensure the confidentiality, integrity, and availability of data. In-dept knowledge of Sarbanes-Oxley Act (SOX), SOC, HIPAA, PCIDSS, ITAC control assessment, IT General Controls (ITGC) and SAS70/SSAE16 attestation. Experience with audit framework like COBIT, COSO, NIST AND ISO. A clear and expert knowledge in all stages of audits process including planning, fieldwork, reporting, and follow-up. Dedicated to maintaining up-to-date knowledge of industry standards and best practices.
CERTIFICATION
Certified Information Systems Auditor (CISA).
Certified SAFe 5.0 Scrum Master (SSM).
CORE STRENGTH AND TECHNICAL SKILLS
SOX Audit
RMF
Disaster Recovery Plan
NIST 800 SERIES
FISMA
FEdRAM
ISO 27001
Audit report preparation
IT General Controls
Business Continuity
Policies & Procedures
Implementation Reviews
Information security
Security Plan Review
Data Privacy
Issue Remediation
Audit program development
Data analysis
PROFESSIONAL EXPERIENCE
LAUTERBACH & AMEN LLP, NAPERVILLE, ILL. Jan 2020 till present
IT Auditor / Compliance Consultant
Perform testing over IT controls and PCI compliance initiatives in a matrixed operating environment. Partner with key application owners to identify gaps in their applications relevant IT General Control, automated business (application) controls, and PCI compliance.
Actively participate in conducting IT controls audit and review related compliance with section 404 of the Sarbanes-Oxley Act and test the adequacy of internal control in change management, Access Controls to programs and Data systems, Information Technology Operations, Program Development-System Development life cycle, Third party/Vendor Risk Management.
Conduct testing of Sarbanes-Oxley (SOX), OMB Circular A-123 Audit and services Organization Control (SOC) SSAE 16 Review using COBIT and FISCAM frameworks.
Effectively perform and document audit activities in accordance with the Professional standards and the Internal Audit Departments audit methodology.
Assists IT leadership with identification of key IT risks and quantification of potentials impact to the business.
Assist with the SOX compliance audit program, including walkthroughs, IT general Control (ITGC), IT application control (ITAC) and key reports testing.
Prepare IT Audit universe and assist Division Manager of Internal Audit in Preparation of annual audit plan based on Risk Assessment.
Understanding of IT audit standards and frameworks (e.g., COSO, COBIT, ISO27001 and NIST) and data security and privacy regulations (e.g., PCI, SOC, SOX, HIPAA).
INSPIUM DIGITAL, ATLANTA, GEORGIA. Feb 2015 – Nov 2019
Senior IT Auditor
Conducted IT audits to evaluate the effectiveness of information systems, including security, accuracy, and completeness.
Performed risk assessments to identify potential threats and vulnerabilities in information systems and recommended appropriate controls to mitigate risks.
Conducted compliance reviews to ensure compliance with industry standards, laws, and regulations.
Developed and maintained audit programs, procedures, and checklists to ensure consistency and completeness of audits.
Prepared audit reports and presented findings and recommendations to management and stakeholders.
Coordinated with IT and business units to ensure timely implementation of audit recommendations.
Conducted follow-up audits to ensure the effectiveness of implemented controls.
Participated in the development and implementation of IT policies and procedures.
Conducted training sessions for IT and business units on IT audit best practices.
JUSHAD OIL AND GAS NIG LTD Jan 2011 –Dec 2014
Governance risk and Compliance Consultant
Communicates with the company’s external auditors on general computer control, related matters and SOX test procedures.
Facilitate and lead working sessions with key applicant owners, project managers IT peers to help education on IT general controls and compliance initiatives. Also evaluating projects for potential impacts to ITGCs.
Working knowledge of relevant technologies (e.g., SAP, Oracle, MS SQL databases, Windows and UNIX/LINUX platforms, Cloud computing, voice, and data networks.
Successfully executed all phases of the audit process for moderately complex projects as required by frameworks and relevant Standards guidelines for work paper documentation such as COBID, NIST, and COSO.
Experience evaluating and/or implementing compliance programs for ISO27001, SOC2, SOX, and / or PCIDSS.
Elevate risks in a timely and appropriate manner and facilitate regular risk reviews documenting impact and likelihood, owner mitigation steps.
KPMG PROFESSIONAL SERVICES, LAGOS NIGERIA. AUG 2007 – DEC 2010
FINANCIAL AUDITOR AND ANALYST.
Analysed information provided by the client, reviewed business processes and systems of internal controls.
Co-ordinating and directing of subordinate on the team, made recommendations on improving internal controls which were duly implemented and appreciated.
Participated in special reviews and investigations including verification of assets under construction and payments to contractors.
Identifying areas for improving the accounting, internal control and operational efficiency of the client through the performance of test of controls.
Performing tests of completeness, existence and accuracy of Revenue, Fixed Assets, Accounts Receivables, Payroll, WHT, VAT, Accruals and other liabilities, Exchange difference and operating expenses.
Preparation of audit programs, circularization letters to banks, debtors and creditors, company secretaries and solicitors of the client in order to obtain third party confirmation.
EDUCATION
BSc Electronics and Computer Engineering Lagos State University Nigeria