Summary
Overview
Work History
Education
Skills
Certification
Languages
Timeline
Generic

Betsy Afor

CA

Summary

Results-driven IT Audit & Compliance Professional with 11+ years of experience across SOX, ITGC remediation, SOC, ISO, NIST, and cybersecurity assessments. Proven ability to execute remediation plans, strengthen internal control environments, and support IPO readiness in fast-paced technology organizations. Adept at coordinating with IT, Security, and Engineering teams to embed sustainable processes, deliver evidence-ready documentation, and accelerate audit closure.

Overview

11
11
years of professional experience
1
1
Certification

Work History

Sr. Manager, Internal IT Audit and Risk Management

Finastra
11.2024 - Current
  • Led internal audits and coordinated with external auditors on various compliance engagements, cyber assessments and internal control evaluations.
  • Developed short-term goals and long-term strategic plans to improve risk controls and mitigation.
  • Executed ITGC remediation activities across access management, change management, and IT operations to address SOX and SOC control gaps.
  • Worked across AWS, Okta, Google Workspace, Workday, NetSuite,and Jira environments enhancing implementation of control improvements and standardize evidence procedures.
  • Strengthened joiner/mover/leaver workflows, enhancing provisioning, de-provisioning, and periodic access review processes.
  • Improved change management controls by establishing approval documentation requirements, pre-deployment testing evidence, and standardized review procedures.
  • Promoted enterprise-level risk management practices and strong culture focused on preventive policies and procedures, control performance and documentation.
  • Employed strong program management skills to successfully define and manage ongoing initiatives designed for risk management, compliance and security.
  • Mentored and trained staff auditors on audit techniques and departmental documentation standards,project management and client relations.
  • Collected, validated, and organized evidence including logs, screenshots, configuration exports, access listings, workflow approvals, and deployment records.


Sr. IT Risk Manager, Experienced IT Risk Manager

GAMA Technologies
02.2023 - 11.2024
  • Led Security assessment and authorization processes and procedures. Define assessment scope and coverage.
  • Provides guidance and training to process owners on SOX audits, control performance, documentation and best
  • Executed remediation roadmaps to close ITGC, SOC, ISO, and NIST gaps and achieve risk maturity milestones across multiple organizational levels.
  • Coordinated with system owners, ISSOs, and compliance teams to implement corrective actions and validate design and operating effectiveness.
  • Drove closure of SOX ITGC weaknesses, improving provisioning, change controls, and evidence retention.

IT Risk Manager

BDO USA
01.2022 - 02.2023
  • Executed targeted ITGC remediation in access, change, and IT operations domains to prepare clients for SOX testing and walkthroughs.
  • Monitored industry, technological and economic developments to stay current on potential risks
  • Organized and led walkthroughs with business process and application owners, assess effectiveness of ITGCS and provide recommendations to improve efficiency, effectiveness and compliance
  • Managed resource allocation and budgets and reporting on status to upper management.
  • Reviewed SOC reports as part of compliance projects to assess third part compliance and identify compensating controls for third party deficiencies for national and international vendors
  • Mentor and train staff auditors on audit techniques and departmental documentation standards,project management and client relations
  • Identified gaps and partnered with client IT teams to implement sustainable process improvements aligned with control objectives.

SENIOR IT RISK CONSULTANT

Protiviti
08.2020 - 01.2022
  • Organized and led walkthrough with business process and application owner, assessed effectiveness of ITGCS and provide recommendations to improve efficiency effectiveness and compliance
  • Coordinated SOX compliance audits managing resource allocation and time and reporting on status to upper management
  • Reviewed SOC reports as part of compliance projects
  • Managed and trained junior auditors on audit techniques and departmental documentation standards


IT RISK ANALYST

CROWE LLP
02.2019 - 03.2020
  • Performed IT risk assessments, Cyber security assessments and IT general control and information security evaluations against industry accepted frameworks such as COBIT, ISO 2700 and NIST-800
  • Performed gap analysis related to clients SSAE-18 (SOC 2) compliance programs.
  • Performed third part risk assessments for both national and international vendors


INTERNAL IT CONTROLS ANALYST

GENESYS
09.2018 - 12.2018
  • Determined gaps in strategy and identified opportunities for process improvement
  • Work with senior management to develop and implement innovative, strategic solutions to address gaps raised.
  • Testing of organization's controls and draw conclusions as to the efficiency of controls.

IT AUDITOR

Brightway Professionals And Associates
03.2015 - 08.2018
  • Conducted testing of Sarbanes-Oxley (SOX) OMB Circular A-123 Audit and Service Organization Control (SOC) SSAE18 Review using COBIT and FISCAM frameworks
  • Researched and summarize new rules and regulations and document applicable controls and potential gaps.

Education

Bachelor of Science - Information Technology and Networking

National Advanced School of Posts And Telecommunications
Yaoundé
2015

Skills

  • SOX Testing and Audits, SSAE 18, PCI, NIST, COBIT,COSO, FISCAM
  • Executive briefings and project reporting
  • Ability to meet High priority datelines
  • Written and Verbal Skills in English and French
  • Project Management
  • Research and Reporting
  • Microsoft Office Tools
  • Risk assessment and Compliance

Certification

CISA (Certified Information Systems Auditor)

CompTIA Security +

Certified Privacy Management Professional – OneTrust

AWS Cloud Practitioner.

CRISC(In Progress)

Languages

English
Native or Bilingual
French
Native or Bilingual

Timeline

Sr. Manager, Internal IT Audit and Risk Management

Finastra
11.2024 - Current

Sr. IT Risk Manager, Experienced IT Risk Manager

GAMA Technologies
02.2023 - 11.2024

IT Risk Manager

BDO USA
01.2022 - 02.2023

SENIOR IT RISK CONSULTANT

Protiviti
08.2020 - 01.2022

IT RISK ANALYST

CROWE LLP
02.2019 - 03.2020

INTERNAL IT CONTROLS ANALYST

GENESYS
09.2018 - 12.2018

IT AUDITOR

Brightway Professionals And Associates
03.2015 - 08.2018

Bachelor of Science - Information Technology and Networking

National Advanced School of Posts And Telecommunications

Similar Profiles

CREATE PROFILE