· Articulate and seasoned Internal Audit IT practitioner with extensive practical experience in undertaking both system and risk based Internal Audit for major private and public sector organisations.
· Specialising Internal Audit, Corporate Governance, Risk Management issues and project management following industry best practices. Conduct risk assessments, including control self-assessments, analysing risks with departmental managers as well as identifying, describing and estimating the risks affecting the business.
· Oversee risk management encompassing due diligence in terms of evaluating the entity’s 'risk appetite', formalise risk reports for key stakeholders and senior management teams, board of directors so they understand the most significant risks, to business heads to ensure they are aware of risks relevant to their parts of the business and to individuals to understand their accountability for individual risks.
· Monitor compliance with the mitigation actions resulting from identified risks in each department, working closely with those departments by monitoring compliance with identified risk mitigation action plan.
· PCI-DSS SAQ Level 1, 2 and 3 compliance: maintaining payment security for store, process or transmit cardholder data. Guidance for maintaining payment security is provided in PCI security standards. Use of self-validation tool to assess the level of cardholder data security i.e., Self-Assessment Questionnaire (SAQ) for PCI Data Security Standard requirement.
· ISAE3402 SOC 1, 2 and 3 auditing
· ITGC SAP Audit Reviews
· Provide support, education and training to staff through taking ownership of the enterprise risk management framework and methodology, support the design, development and implementation of the risk management programme across brands and help ensure its integration into a broader compliance monitoring programme
· Assist in the management and support for administration of third-party due diligence processes and procedures (anti-bribery, anti-corruption and modern slavery)
· Experienced qualified internal auditor and adjunct lecturer with a Masters in Audit Management and Consultancy.
· Highly process-oriented, proven talent for creating and implementing streamlined policies, procedures and work-flows.
· Broad experience helping public and private commercial sector entities, (practice, manufacturing, technology, health and education) to identify and address internal control and strategic, organisational, tactical and technology-related risk factors and business needs.
· Sound experience of working in a training/communications role within a compliance, regulatory environments with close liaison with Legal Counsel.
· Subject matter audit expert with exposure extended to Sub-Saharan African developing sectors in all aspects audit provision and consultancy. Capacity to work with a broad range of cultures and to build effective relationships internally and externally.
· Trained specialist knowledge on fraud and has been integral in numerous fraud-audit investigations.
ISO27001 Certified ISMS Lead Auditor (CIS LA) Cert. No. 757521
ISO27001 Certified ISMS Lead Implementer (CIS LI) Cert. No. 488301
ISO27001 Certified ISMS Foundation (CIS F) Cert. No. 412615
Certified GRC Auditor (GRCA) Cert. No. GRCA-74380
Certified GRC Professional (GRCP) Cert. No. GRCP-74380
DBA, Business Corporate Ethics [London Metropolitan University]
Masters MSc. Audit Management & Consultancy [Birmingham City University]
Post-Graduate Diploma Audit Management & Consultancy [Birmingham City University]
Post-Graduate Certificate Audit Management & Consultancy [Birmingham City University]
Professional governance, risk and compliance practitioner. IT audit leadership consultant, coach and people manager, with a successful track record in audit management, employee engagement and project delivery in major corporations. Highly process-oriented, proven talent for creating and implementing streamlined procedures. Broad experience helping Tier 1 FinTech, public and private sector entities, manufacturing, technology, Healthcare Informatics and retail companies identify and address internal control and strategic, organisational, tactical and technology-related risk factors and business needs. Articulate and seasoned internal auditor with specialism in risk based Internal Audit, Corporate Governance, Risk Management issues and project management following industry best practices.
* Analytical and accomplished professional with 25+ years practical experience in all areas of auditing, training, business process re-engineering;
SOC I II & III Audit (Readiness Assessments, Remediation and Pre-audit attestation work;
* Internal audit encompassing ITIL, IS/IT ITIL, COSO/COBIT governance frameworks.
* Risk based internal auditing, ISO compliance reviews
* Sarbanes Oxley (SOX) audit reviews; ISO/IEC27001 & ISO9001; DNV audits & TickIT,
* Quality Management Systems Auditing (Det Norske Veritas & LRQA covering ISO 27001; ISO9001, ISO20000, ISO14000, ISO13485 Standards audits.
* CMMi and PML encompassing Agile, SCRUM and Waterfall methodologies
Specialties: Experience in investigation and anti-Fraud Work and the ability to interrogate reports for transactional audit purposes.
Datamining through the use of Computer Assisted Audit Tools (CAATs): Audit Command Language (ACL); Business Objects; Crystal Report Writer; IDEA. Pentana, Ideagen, TeamMate, Doxis4.