- Coordinated with stakeholders and performed audit on departments.
- Determined audit scopes, tested IT controls and accurately reported audit findings.
- Identified high risk areas and made recommendations for risk mitigation and process improvement.
- Reviewed and examined policies, procedures and records, as well as interviewed workforce members to ensure compliance with standards and regulations.
- Performed and documented audit activities in accordance with professional standards based on frameworks such as COBIT, ITGC, PCI, HIPAA and SOX.
- Assisted management in identifying gaps between controls and processes, made recommendations to breach gap as well as to mitigate identified control weaknesses.
- Conducted IT audit fieldwork; walkthrough and detailed testing of controls.
- Accurately documented and prepare detailed reports on audit findings.
sr. it auditor
- Responsible for HIPAA Security Risk Assessment, ITGC Audit, and auditing Cerner- P2 Sentinel.
- Point of contact for external auditors as regards IT Audit projects.
- Examine whether IT strategy is aligned with Business objectives, identify gaps and make recommendations to breach the gap.
- Collect and analyze data to detect deficient controls, duplicated effort, and non-compliance with laws, regulations, and management policies.
- Support enterprise-wide security awareness program.
- Responsible for timely execution of financial reporting control test work and risk-based IT internal audits. Communicate with management regarding audit findings, recommendations, and possible process improvements
- Consistently exceeded department KPIs
- Project milestones and completion dates met on all audits
- TeamMate administrator responsible for configuring, managing, monitoring, and troubleshooting audit management software and creating customized reports
- Execute SQL queries to extract data fromEDW
senior it auditor
- Successfully delivered the annual IT SOX program (ITGC, Application controls, and Key reports) which includes planning, scheduling, review of work papers, follow-up, and closure.
- Successfully delivered multiple technology audits including Cloud Security, Mobility (BYOD), Third Party, Identity and Access Management, Vulnerability Management, SAP Post-implementation review, etc.
- Worked with operational audit teams and defined approach for integrated audits for better coverage and assurance
- Managed Co-source staff and relationship with external auditors for effective execution of the annual audit plan.
- Built trust-based partnerships with all levels of management to achieve business results and reduce risk