Betsy Afor
Oakland,CA
Summary
Knowledgeable IT Professional with over 9 years of comprehensive experience in performing both risk and compliance based internal and external audits. Adept at various industry tools and standards including COSO, COBIT, SOX Testing, ISO, Service Organization Control (SOC), Cyber security assessments, HITRUST assessments and SDLC post and pre implementation audits. Highly effective at time management and interacting productively with clients. Able to work well independently or as a member of a professional accounting and auditing team.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Sr. Manager - IT Internal Audit and Risk Managemen
Finastra
11.2024 - Current
- Leads internal audits and coordinate with external auditors on various compliance engagements, cyber assessments and internal control evaluations.
- Monitors industry, technological and economic developments to stay current on potential risks
- Manages integrated audits coordinating and addressing financial and operational technology risk and also addressing compliance requirements and performing testing across multiple frameworks.
- Review SOC reports as part of compliance projects to assess third part compliance and identify compensating controls for third party deficiencies for national and international vendors
- Mentor and train staff auditors on audit techniques and departmental documentation standards, project management and client relations.
Experienced IT Risk Manager, IT Risk Manager
GAMA-1 Technologies
02.2023 - 11.2024
- Engaged from beginning to completions of various compliance projects which includes; writing proposals and presentations, planing engagement strategy, defining objectives, managing budget and resources, managing expectations of stake holders, managing project deadlines and ensuring quality deliverables.
- Collaborate with compliance teams, ISSOs and system owners to ensure accuracy of Pre and Post assessments system documentation
- Leads internal audits and coordinate with external auditors on various SOX engagements, cyber assessments and internal control evaluations
- Lead SOC engagements, HITRUST, ISO, NIST from planning, execution and completion
- Monitors industry, technological and economic developments to stay current on potential risks
- Executes remediation roadmaps to achieve risk maturity milestones and remediation across organizational levels
- Manages integrated audits coordinating and addressing financial and operational technology risk and also addressing compliance requirements and performing testing across multiple frameworks such as ISO, SOC, HITRUST. etc
- Review SOC reports as part of compliance projects to assess third part compliance and identify compensating controls for third party deficiencies for national and international vendors
- Mentor and train staff auditors on audit techniques and departmental documentation standards, project management and client relations.
IT Risk Manager
BDO USA
01.2022 - 02.2023
- Leads internal audits and coordinate with external auditors on various SOX
engagements, cyber assessments, ISO27001, SOC, HITRUST and internal control evaluations - Monitors industry, technological and economic developments to stay current on potential risks.
- Executes remediation roadmaps to achieve risk maturity milestones and
remediation across organizational levels - Organizing and leading walkthrough with business process and application
owners, assess effectiveness of ITGCS and provide recommendations to
improve efficiency, effectiveness and compliance - Responsible for determining gaps identifying process improvements
working with clients to develop and implement solutions for gap raised
SENIOR IT RISK CONSULTANT
Protiviti
08.2020 - 01.2022
- Organizing and leading walkthrough with business process and application owner, assessed effectiveness of ITGCS and provide recommendations to improve efficiency effectiveness and compliance
- Coordinates SOX compliance audits managing resource allocation and time and reporting on status to upper management
- Review SOC reports as part of compliance projects
- Managed and trained junior auditors on audit techniques and departmental documentation standards.
IT RISK ANALYST
CROWE LLP
02.2019 - 03.2020
- Performs IT risk assessments, Cyber security assessments and IT general control and information security evaluations against industry accepted frameworks such as COBIT, ISO 2700 and NIST-800
- Performed gap analysis related to clients SSAE-18 (SOC 2) compliance programs
- Established policy and procedures that would meet various clients compliance requirements such as HITRUST and PCI DSS
- Performed third part risk assessments for both national and international vendors
- Educated process owners and control owners on documentation retention for audit and compliance purposes
- Worked with project teams in agile SDLC to incorporated internal controls as part of project development.
IT AUDITOR
Brightway Professionals And Associates
03.2015 - 08.2018
- Established good relationship with clients to enhance customer satisfaction and work with client management and staff at all levels to perform audit and advisory services
- Conduct testing of Sarbanes-Oxley (SOX) OMB Circular A-123 Audit and Service Organization Control (SOC) SSAE18 Review using COBIT and FISCAM frameworks
- Research and summarize new rules and regulations and document applicable controls and potential gaps.
Education
Bachelor of Science Information Technology and Networking -
National Advanced School of Posts And Telecommunications Yaoundé
01.2015
Skills
- SOX Testing and Audits SSAE 18
- PCI
- NIST
- COBIT
- ISO27001
- BSA/AML and KYC
- FISCAM
- GRC
- GDPR
- Proposal writing and presentation
- Executive briefings and project reporting
- Ability to meet High priority datelines
- Written and Verbal Skills in English and French
- Project Management
- Research and Reporting
- Microsoft Office Tools
- Risk assessment and Compliance
Certification
- CISA (Certified)
- CompTIA Security + (Certified)
- Certified Privacy Management Professional – OneTrust (Certified)
- AWS Cloud Practitioner (Certified)
- CRISC and CISM (in Progress)
Timeline
Sr. Manager - IT Internal Audit and Risk Managemen
Finastra
11.2024 - Current
Experienced IT Risk Manager, IT Risk Manager
GAMA-1 Technologies
02.2023 - 11.2024
IT Risk Manager
BDO USA
01.2022 - 02.2023
SENIOR IT RISK CONSULTANT
Protiviti
08.2020 - 01.2022
IT RISK ANALYST
CROWE LLP
02.2019 - 03.2020
IT AUDITOR
Brightway Professionals And Associates
03.2015 - 08.2018
Bachelor of Science Information Technology and Networking -
National Advanced School of Posts And Telecommunications Yaoundé