Uploaded File
add photo
Lanre
lanrebabalola6@gmail.com
682-222-3333
1010 East Arkansas Lane, Apt 188
Arlington, TX 76014
Senior IT Auditor
15 years experience W2
2
Recommendations
Average rating
79
Profile views
Summary

Experienced IT Audit/Control professional with over 8 years of experience in auditing and controls most especially in IT operations, Business process, Cybersecurity testing of controls, and control advisory roles in special projects. Specialized skills in Enterprise security and control implementations, information technology, and business process risk assessments.

My primary goal is to ensure the security of organizational IT assets and the achievement of corporate objectives. My professional callings help my employers/clients to achieve and maintain compliance with regulatory requirements, improve internal controls, and reduce financial and operational risk.

SUMMARY OF QUALIFICATION/SKILLS

Perform Business Process Control testing, Cybersecurity Control Testing, PCI DSS, ITGCs & IT Application Controls testing, ISO such as 27001, 20000 and 23001, infrastructure audit – Database, Network, Operating Systems, Servers. Third Party Risk Assessment, Policies, Standard and Procedures document reviews.

IT Audit Tools

Microsoft Products: MS Word, MS Excel, MS PowerPoint, Outlook Express, and ACL.

SUMMARY ACHIEVEMENTS:

  • Responsible for the execution and delivery of IT and business process audits to ensure business risks were recognized and appropriately mitigated before the company was adversely affected.
  • Developed technical documentation for the infrastructure and Business Continuity Plan.
  • Assessed audit and test program and security controls using organization IT Security Policy Handbook to provide information necessary to determine their overall effectiveness.
  • Developed audit plans and programs, following COBIT. Set up a control matrix based on specific client application needs during the planning phase of audits.
  • Participated in integrated audits - carrying out ITGC testing in support of financial statements audits.
  • Reviewed documentation of clients' internal controls (both IT controls and business cycle controls).
  • Established QAR (Quality Assurance Review) program implementation; achieved uniform adherence to standards and streamlined audit activities resulting in reduced redundancy and wider audit coverage.

Experience
IT Auditor
Banking/Financial
Jan 2020 - present
  • Automation, analysis, and monitoring of system audit business rules using CAAT tool (ACL) for Interest recalculation and reconciliation, COT recalculation, current accounts leakages analysis, etc.
  • The evaluation of controls over the payroll process for the purposes of supporting the execution of an external audit.
  • Design and implementation of application security and controls including configuration and access controls; design and implementation of business processes and monitoring procedures; and traditional project, system, business process, and technical infrastructure.
  • Verify applications and support systems are meeting information security policies, (e.g. automated scans are performed monthly, patch management, configuration management, etc.).
  • Participate in the review of management's self-identified risks and control gaps for the client organization.
  • Evaluation of relevant implementation risks throughout a project to provide management with comfort that the design and implementation of controls satisfy financial reporting, operational, and regulatory requirements in an efficient and effective manner.
Auditing Reconciliation Regulatory Reporting
Remove Skill
Senior IT Auditor
Banking/Financial
May 2008 - Aug 2018
  • Assessed the design appropriateness and operating effectiveness of Information Technology controls throughout the business cycle.
  • Performed all aspects of the IT audit process from planning, execution, reporting, and follow-up.
  • Assisted with audit scope determination, risk and control identification, design of audit program, policies, standards and procedures evaluation, control testing, and evaluation and analysis of results.
  • Performed Access control, Change Management control, IT Operations Control, and IT application controls.
  • Identified deficiencies in the design and operating effectiveness of controls and provide recommendations.
  • Provided status of the internal control environment within business units and provide a recommendation to mitigate the control weaknesses between the current and recommended state.
  • Assessed the adequacy and effectiveness of the internal control environment using a risk-based methodology such as COSO, COBIT, ISO, and ITIL.
  • Supported clients with audit readiness initiatives.
  • Evaluation of relevant implementation risks throughout a project to provide management with comfort that the design and implementation of controls satisfy financial reporting, operational, and regulatory requirements in an efficient and effective manner.
  • Evaluation of relevant implementation risks throughout a project lifecycle to provide management with comfort that a project will accomplish its desired outcomes.
  • Evaluated infrastructure security practices and implement improvements.
  • Designed and implemented application security and controls including configuration and access control design and implementation of business processes and monitoring procedures and traditional project, system, business process, and technical infrastructure.
  • Assessed/designed the security and controls of networking components including firewalls, routers, telecommunications equipment, etc.
  • Evaluated business applications, IT controls and infrastructure, as applicable, to address relevant risks to financial statements or business operations. IT auditing may provide assurance and will identify control weaknesses that represent areas of risk in an IT environment as it aligns with an organization's business objectives.
  • Understanding of how to optimize the value and performance of the audit function.
  • Evaluated controls over other business processes for the purposes of supporting the execution of an external audit.
  • Evaluated controls over the payroll process for the purposes of supporting the execution of an external audit.
  • Analyzed systems, network, and application security and recommended/developed security measures to protect information against unauthorized access, modification, and/or loss.
  • Developed and conducted information security risk assessments, reported findings and recommended corrective action, inapplicable, to management.
  • Coordinated & oversaw information security third-party service providers to validate contracted services were provided according to contract and/or service level agreements.
  • Conducted individual staff performance reviews after each audit and performance evaluations on a bi-annual basis.
  • Automation, analysis, and monitoring of system audit business rules using CAAT tool (ACL) for Interest recalculation and reconciliation, COT recalculation, current accounts leakages analysis, etc.
  • Provided security support for information systems throughout the Risk Management Framework (RMF) lifecycle.
  • Worked closely with business and technical stakeholders to select and help implement security controls as outlined within the information security policy and regulatory framework.
  • Ensured conformance to regulatory compliance bodies such as PCI DSS and ISO 27001, 20000, and 23001.
  • Advised on the design and development of secure systems architecture as well as industry best practices and information systems technologies available to meet security requirements.
  • Reviewed System Security Plans (SSPs), reviews and uploads supporting security artifacts and evidence, generated risk reports, and facilitated continuous monitoring process for authorized systems.
  • Verified applications and support systems were meeting information security policies (e.g. automated scans are performed monthly, patch management, configuration management, etc.).
  • Ensured compliance with SLA, process adherence, and process improvisation to achieve operational objectives.
Auditing COBIT Compliance Risk Assessment Regulatory Compliance Risk Management Information Security Change Management Reconciliation Regulatory Reporting COSO
Remove Skill
References
Average Rating

0 recommendations
Team Lead Systems/Internal Audit Review and Process Automation
Professional/Consulting Services
Jan 2006 - Apr 2008
  • Participated actively in different data analysis reviews using CAAT tools.
  • Participated in Network operations review to assess risk and put a Business continuity planning (BCP) in place for continuity of operations in the event of a disaster.
  • Participated in various application development projects at various stages ranging from project management documentation, requirement specification, in-built controls review, and change control/migration.
  • Involved in Disaster Recovery Plan projects with a focus on accurate documentation and best practice, controls, and process development.
  • Evaluated ITGCs and IT Application Controls using COSO and COBIT Frameworks for client Organization.
  • Executed cyber security audits, testing preventive, corrective, detective, and compensating controls for the client organization.
  • Evaluated IT operations, backup and restoration, and disaster recovery audits.
  • Performed SDLC, Business Continuity, and incident management for a client organization.
  • Assisted with Operational and Compliance audit processes such as the documentation of management directives – Policies, Standards and Procedures, and internal controls narratives.
  • Participated in the review of management's self-identified risks and controls gaps for a client organization.
Auditing COBIT Compliance Cyber Security Project Management Information Security COSO Data Analytics
Remove Skill
References
Average Rating

0 recommendations
Edit Skills
Non-cloudteam Skill
Education
Bachelor's in Economics
Lagos State University
Certifications
CISA (Certified Information System Auditor)
ACDA (Certified Data Analyst)
COBIT 5 Foundation Certificate
ISO 20000 Lead Auditor
Skills
Auditing
2021
12
COBIT
2018
12
Compliance
2018
12
COSO
2018
12
Information Security
2018
12
Change Management
2018
10
Reconciliation
2021
10
Regulatory Compliance
2018
10
Regulatory Reporting
2021
10
Risk Assessment
2018
10
Risk Management
2018
10
Cyber Security
2008
2
Data Analytics
2008
2
Project Management
2008
2
Microsoft Excel
0
1
Mitigation
0
1