Risk Management Internal Controls
Resume:
Brandon Motangu
New Albany, Ohio ***** *********@*****.*** 614-***-****
PROFESSIONAL SUMMARY
Experienced IT Auditor with a strong background in overseeing complex audit projects, managing audit teams, and evaluating risk management and internal controls. Adept at developing audit plans, executing evaluations of IT security frameworks, and maintaining effective client relationships. Seeking leverage expertise in IT risk management, governance frameworks, and audit processes to contribute to continued success.
PROFESSIONAL EXPERIENCE
Sr It Audit
Perika Technologies – Houston Texas
October 2022– Present
Creates and manages a sustainable process to manage ongoing responsibilities associated with the SOX and PCI compliance audit using COSO and COBIT frameworks.
Trains leadership of relevant business units regarding ownership of their processes.
Performs review of business processes to identify risk and recommend mitigating controls.
Examines Cyber Security controls, testing preventive, corrective, detective, and compensating controls.
Conducts Test of Design (ToD) and Test of Operating Effectiveness (ToE) to evaluate control effectiveness and identify areas for improvement.
Oversee day-to-day auditing functions for large, complex audit projects, ensuring they are conducted in accordance with Lowe’s auditing methodology and completed within project timelines and key milestones.
Leads the execution of preliminary audit plans, reviewing and approving process documentation via process maps, flowcharts, and workpaper standards.
Ensures that all in-scope risks and controls are identified during the planning phase of audits, and collaborate with Senior and Staff Auditors to ensure effective testing of internal controls.
Develops comprehensive audit test steps to evaluate key control points, ensuring the adequacy and effectiveness of internal controls within business processes and IT systems.
Writes audit reports, ensuring that the quality meets the expectations of Directors and Vice Presidents, while clearly communicating findings and recommendations.
Effectively manages audit project timelines, discussing project expectations with team members, maintaining consistent communication, and addressing any issues that arise during the audit process.
Identifies development opportunities for staff auditors and recommends performance coaching to improve team effectiveness and audit quality.
Maintains strong client relationships by providing open communication throughout the audit process, addressing any potential concerns, and keeping management informed about project status and issues.
Participates in rotational committee work, including issue follow-up activities, and training coordination.
Key Achievements:
Conducted audits for large-scale IT systems, identifying key control weaknesses and recommending improvements that reduced security vulnerabilities by 20%.
Assisted in executing complex, multi-phase audit projects, ensuring thorough risk assessments and delivering valuable insights to senior management.
Enhanced audit quality by refining workpaper documentation, improving consistency and efficiency across engagements.
IT Auditor
Frost Bank – San Antonio, Texas
August 2021 – September 2022
Assisted in executing audit reviews across IT general controls (ITGC), network security, and database systems to assess their effectiveness and alignment with industry standards.
Developed and executed risk assessments, identifying key risk areas and proposing testing procedures to evaluate the adequacy of internal controls.
Supported audit teams by reviewing process flows, assessing risk management strategies, and ensuring thorough documentation of audit findings and conclusions.
Collaborated with clients and internal teams to address audit findings and recommendations, ensuring transparency and fostering stronger internal control frameworks.
Contributed to writing audit reports, documenting findings, and providing insights to clients and senior management.
Supported the Auditor in Charge by coordinating all aspects of the audit lifecycle, including risk-based planning, leading control walkthroughs, executing fieldwork, and managing issue identification and reporting, ensuring seamless project execution.
Designed and executed tailored audit procedures to verify the effectiveness of internal controls, systematically documenting processes, reviewing evidence, and identifying potential issues, ensuring alignment with project goals and timelines.
Prepared clear, organized, and complete documentation to support work performed, including draft findings, ensuring that all project deliverables met quality standards and were presented in a professional manner.
Junior IT Auditor
BICEC Bank
Yaoundé, Cameroon
June, 2020 – July, 2021
Assisted in the execution of IT audits, focusing on system access controls and data privacy.
Supported the evaluation of IT infrastructure to identify gaps and recommend process improvements.
Collaborated with the compliance team to ensure adherence to regulatory standards.
Gained hands-on experience in audit planning and the use of audit tools like Nessus.
Key Achievement: Contributed to the successful remediation of critical vulnerabilities, improving system security.
Key Achievements:
Identified critical network security vulnerabilities that led to the implementation of enhanced cybersecurity protocols, improving risk mitigation by 30%.
Delivered comprehensive reports on database security, resulting in the strengthening of data protection policies across key systems.
EDUCATION
Bachelor of Science in Information Technology / Accounting / Auditing
Catholic Technology College
December 2015
Relevant Coursework: IT Governance, IT Risk Management, Network Security, Auditing Principles, Internal Control Systems, Fraud Prevention.
CERTIFICATIONS
Certified Information Systems Auditor (CISA) – In progress
CompTIA Security +
SKILLS
Audit Project Management: Expertise in overseeing complex audit projects from inception to completion, ensuring milestones are met and audit objectives are achieved.
Risk Identification & Control Assessment: In-depth experience with identifying, assessing, and testing IT risks and controls in various business and IT environments.
IT Governance & Security Frameworks: Deep understanding of IT governance frameworks such as COBIT, NIST, and ITIL, with hands-on experience implementing best practices.
Internal Controls & ITGC: Proficient in evaluating internal controls, IT general controls, and security strategies across large IT infrastructures.
Client & Stakeholder Management: Strong communication skills for maintaining positive relationships with clients, executives, and internal stakeholders.
Technical Writing & Reporting: Advanced writing skills for drafting clear, actionable audit reports and executive presentations.
Leadership & Team Development: Experience in leading audit teams, managing workloads, and coaching staff to improve performance and skillsets.
Regulatory Compliance: Knowledge of regulatory requirements and standards relevant to IT audits, including SOX, GDPR, HIPAA, and other industry-specific regulations.
Contact this candidate