Summary

IT Audit Professional with significant accomplishments in information systems, operational, and compliance auditing including Sarbanes Oxley. Industry experience includes insurance, health care, banking, manufacturing, retailing, distribution, and public accounting. Competencies include COBIT, ITIL, ISO 17799, software change management, and disaster recovery. Skilled in ACL, OnBase, TeamMate, Visio, SQL Developer, Monarch, Oracle SQL Developer, Teradata, and MS Office.

Professional Experience

Confidential

IT Auditor Successfully completed assigned IT Audit areas for Real EC. Subsidiary of Lender Processing Services . Scope of audit was logical access and encryption. Testing focused on access to production domains and, source and compiled libraries, quarterly access reviews, and new user provisioning, Encryption testing focused on compliance with AES Advanced Encryption Standards and access to encryption keys. Completed assignment under budget.

Confidential

IT Auditor - Successfully tested 64 IT key general computer controls and related IT application controls. Worked with Control Owners and Subject Matter Experts SME's in defining JD Edwards data sets and test cases. Testing tools included Microsoft Access, Excel, and Visio. Used IMB Showcase Query and Access to create, edit, and run JD Edwards queries. Results documented in OnBase enterprise content management ECM . Assignment completed in June.

Confidential

IT Auditor - As consultant for ProResources audited privileged access rights for 6,000 Oracle users. Analyzed Oracle RBAC role based access controls to identify those deemed financially significant. Additionally, audited R11 and network log-in ids' against company's standard naming convention. Assigned successfully completed in May.

Confidential

IT Auditor - As consultant for Izar Associates created and executed audit programs to test IT Quality Assurance Testing Team process controls. Audited controls over device acquisition, privileged access, device tracking, and inventory security. Created and executed SQL queries to extract billing and device data. Tools used included Teradata for billing data and Oracle Developer for device data. Assignment successfully completed in January.

Confidential

QA Analyst - As consultant for ConsultUSA, assigned to a team of IT analysts responsible for developing and executing test cases for a 160 billion loan portfolio acquired from National City Bank. Used Toad for Data Analysts to Create and execute SQL queries. Test results documented in Mercury Quality Center. Reported defects and worked with developers in identifying root causes and solutions. Assignment successfully completed in July.

Confidential

SOX IT Auditor - As consultant for Robert Half Technology, assigned to Kaiser's IT security department performed role based testing for 5,000 Epic System users. Validated appropriate access for 300 distinct user profiles by querying production database mirror. Epic modules tested included Cadence, Care Ambulatory, Chronicle, Prelude, and Resolute. Assignment successfully completed in July.

Confidential

IT Auditor - As consultant for Hudson Global Resources Management, assisted Internal Audit in completing their 2008 audit plan by December 31, 2008. Successfully completed RACF mainframe security, web portal security, and telecommunication spend audits. Tools used include Monarch Business Intelligence software, Visio, Access, and Audit Command Language. Reviewed AutoAudit automated work papers for compliance with departmental standards. Assignment successfully completed December, 2008.

Confidential

Data Analyst As data miner for RHI Management Resources, used ACL, Monarch, and Access as primary data analysis tools to perform ETL on large non delineated flat files. Used Med Initiatives Inform Pro a GUI web based SQL application to analyze 10-12 million monthly prescription drug claims. Assignment successfully completed March, 2008

• Successfully recalculated monthly premiums for one million members.
• Created large databases for researching and cross-validating member transactions.

Confidential

IT Auditor - Conducted risk-based IT audits of billing, enterprise change management, and post print automation applications. Audited privileged access for 28,000 users. Tools used include ACL, Mobius, MS Project, and Lotus Notes. Lead IT audit of semi-annual disaster recovery exercise. Completed audit of IT General Controls for department using Information Systems Questionnaire ISQ in support of Florida state insurance examiner

• Created Sarbanes Oxley quarterly test plan for Pro Bill billing application and Enterprise Change Management.
• Worked with 40 mission critical software applications teams to define requirements for Sarbanes Oxley Software Change Management testing.
• Lead project team in creating SharePoint software change management solution for telecommunications Speech Self Service insurance premium payments.
• Working knowledge of COBIT and ITIL.

Confidential

IT Auditor - Used ACL for data analysis and statistical sampling, implemented and trained users on TeamMate automated work papers and Visio flowcharting. Performed compliance and statistical sampling for Internal Audit, OCC, and internal bank customers. Conducted application audits of TMO The Mortgage Originator and Alltel's Advanced Loan System ALS . Position eliminated when Charter acquired by Citizens Bank.

• Analyzed origination and servicing mortgage application databases supporting management's compliance audit needs.
• Conducted fraud audits and analyzed acquisition loan portfolios.

Confidential

IT Risk Consultant - As consultant for RHI Management Resources performed risk-based IT audit of First Energy's ERP Oracle implementation. Assignment completed.

• Worked with accounts payable project team, evaluated segregation of duties, and process used for assessing and correcting identified implementation issues. Used Access to analyze bug tracking and defect resolution.

Confidential

Internal Auditor - Established one person internal audit department for NYSE listed company. Performed financial, operational, and compliance audits. Assisted project implementation team during company's conversion to Oracle Financial s. Used Excel and Access to perform data analysis and reconciliation of mainframe data sets to Oracle data loads. Position eliminated when Medusa acquired by Southdown.

• Led project team in successfully reconciling accounts payable, accounts receivable, fixed assets, and inter-company accounts from mainframe legacy applications to Oracle Financial s.
• Implemented companywide ERP compliance program for monitoring 500 Oracle controls.