Internal Controls Risk Management

FESSEHA MULUGETA

Charlotte, NC

704-***-****

******************@*****.***

PROFESSIONAL SUMMARY

Detail-oriented Internal Auditor with a robust background in Information Security governance, risk management, and internal audit compliance. With over 4 years of experience in evaluating internal controls audit templates and processes and collaborating with management to identify areas for enhancement. Proficient in evaluating internal controls and compliance with regulations such as SOX, COSO, and NIST. Expertise in conducting risk assessments, audit preparation, and developing remediation plans for compliance findings. Recognized for building strong relationships with stakeholders across technology, finance, and operations to enhance internal processes and foster a culture of accountability.

SKILLS

● Internal Controls Implementation

● SOX Control Testing & Documentation

● Internal Control Frameworks (COSO)

● Risk Assessment & Management

● Audit Preparation & Compliance Auditing

● Policy Development & Management

● Regulatory Compliance (SOX, HIPAA, GDPR)

● IT General Controls (ITGC)

● Vendor Risk Management

● Strong Analytical & Critical Thinking Skills

● Project Management

● Excellent Written & Verbal Communication

EXPERIENCE

GRC and Audit Analyst Cognosante Inc, Amerisource Charlotte, NC Jan 2017 – Jan 2024

● Spearheaded planning and execution of regulatory audits, facilitating seamless communication between the Audit Committee and government bodies, improving audit efficiency by 20% and reducing review time by 15%.

● Spearheaded the formalization and execution of compliance frameworks, including NIST SP 800-53, FedRAMP, HITRUST, and FISMA, achieving successful Authority to Operate (ATO) certifications for 4 federal agencies at both moderate and high impact levels.

● Developed training materials that addressed commercial business processes specifically related to fraud risk mitigation; achieved a 90% completion rate among finance employees in understanding vital controls and procedures.

● Led a comprehensive review of internal controls for the Audit Committee, identifying non-compliance with government regulations, which led to a 25% improvement in regulatory adherence.

● Collaborated with internal and external partners to ensure compliance with regulatory requirements, resulting in zero non-compliance issues during audits.

● Coordinated the tracking and reporting of project status, milestones, and potential roadblocks, effectively managing multiple competing priorities.

● Executed comprehensive audits of operational systems ensuring alignment with CPA standards, which resulted in a significant reduction of compliance-related findings by over 35%, strengthening overall organizational integrity..

● Developed a strategic plan for addressing deficiencies in compliance with laws and government regulations, enhancing organizational transparency and reducing audit issues by 40% within six months.

● Partnered with control and process owners to develop remediation plans for identified findings and implemented process improvements that reduced compliance gaps by 30%.

● Created risk assessments and compliance analysis reports to communicate risks and insights to senior management, driving informed decision-making.

Risk and Compliance Analyst Cognosante Inc, Amerisource Charlotte, NC Jan 2014 – Jan 2017

● Conducted thorough compliance audits, identifying and mitigating 15 high-risk areas by implementing tailored action plans aligned with NIST and ISO 27001 standards, resulting in 30 resolved compliance issues.

● Conducted comprehensive compliance audits that identified and mitigated high-risk areas, implementing action plans aligned with NIST and ISO 27001 standards.

● Enhanced risk assessment protocols by collaborating with cross-functional teams, leading to a significant decrease in compliance violations.

● Developed training programs on compliance and internal controls for employees, achieving high satisfaction rates and improved knowledge retention.

● Monitored compliance metrics and generated detailed reports for senior management, improving visibility into risk exposure and reducing audit preparation time by 3 weeks.

● Implemented an automated compliance tracking system using GRC software, enhancing audit readiness and documentation accuracy.

EDUCATION

PhD in Public Administration

Northcentral University San Diego. CA (Expected 2025) M.D in Human Services Counseling

Liberty University California, MD

Bachelor’s Degree in Business Analysis

UNC Charlotte Charlotte, NC

Bachelor’s Degree in Bible and Theology

Global University Springfield, VT

CERTIFICATIONS

Certified in Risk and Information Systems Control (CRISC) - In-view Certified information Systems Auditor (CISA)

Power BI Developer (Colaberry School of Data Analytics) TECHNICAL ACUMEN & FRAMEWORKS

Governance Risk and Compliance (GRC) Software: ServiceNow, RSA Archer. Productivity Tools: Google Suites and Microsoft Office Tools (MS Word, Excel, PowerPoint), Power BI Standards & Frameworks: ISO 27001, NIST, COBIT, SOX, GDPR, HIPAA, PCI DSS, SOC 2, ITIL, COSO

Contact this candidate