Denise Langley

Monitors compliance with defined internal control policies and procedures in relation to Sarbanes Oxley.
• Designed, authored, and presented a Management Self Identified Issue (MSI) development process to TRM department. Received acceptance from senior leadership, Implemented, managed and developed metrics for the new process.
• Facilitated over 20 audits per annually, providing insights into MSIs, audit walk-through and evidence gathering. Designed, implemented a new process that allows TRM team better insight to their policies, controls and processes, increasing the MSI Action Plan (AP) count by 37. I managed over 120 action plans during the year, closing 68 AP; all submitted on time

• Managed CRI Assessments, SIG Assessments, and SCA assessments from preparation on evidence gathering, daily touch-point meetings, area walk-throughs to the Final Report.
  • Policy and Control Standard analysis and management: Ensures all PCS documents are up-to-date and published in corporate document repository
  • Active member of the WINS, volunteering for leadership roles. Committee member for Dallas site’s TYKTWD. Organized and led team building event for all ‘kids’ Received positive reviews from committee members, parents and children.
  • Appointed the Dallas site coordinator for Career Development Fair (CDF).
• Performed detailed regulatory research to stay current with industry standards and emerging compliance obligations.
• Utilized risk reporting tools to generate comprehensive reports that informed executive decision-making processes.
• Executed risk assessment analyses to identify vulnerabilities and recommend enhancements to existing controls.
• Collaborated with cross-functional stakeholders to align risk management practices with organizational objectives.
• Reviewed internal controls and provided recommendations for improvement, enhancing overall risk management frameworks.
• Presented findings and recommendations to senior management, supporting informed decision-making on risk-related matters.
• Established positive relationships with external partners such as regulators, auditors, and rating agencies through clear communication channels.
• Participated in regulatory audits and examinations, ensuring full compliance with relevant laws and regulations at all times.
• Collaborated with cross-functional teams to address identified risks proactively, supporting long-term strategic planning efforts.

• Facilitated comprehensive audits to assess Technology Risk compliance with regulatory standards and organizational policies.
• Developed strategic advisory reports to guide clients in enhancing their Technology Risk compliance frameworks.
• Executed Technology Risk Framework analysis to identify compliance gaps and recommend actionable improvements.

Determined audit scope for financial statement and external third party applications for approximately 290 deployments and their infrastructure.
• Restructured Audit Control within Goldman Sachs Technology framework; added logical security controls, condensed change management controls and repurposed technology operation controls.
• Researched Goldman Sachs’ application automated controls to determine financial impact.
• Investigated compliance deviations and took the necessary steps to remediate the deviations to maintain compliance with Sarbanes Oxley (SOX) and SSAE16 requirements.
• Prepared audit teams for upcoming reviews of production access, change management, security, operations, etc., as required by the COBIT and SSAE16 framework
• Facilitated internal testing of technology SOX risks and controls, Goldman Sachs' internal audits and PricewaterhouseCoopers, Deloitte & Touche and Ernst & Young external audits

• Facilitated audit planning coordination with cross-functional teams to ensure alignment on objectives.

• Managed the award fee process by reviewing IT impacts, instigated necessary actions and tracked to successful completion. Assured IT-related components of award fee items receive 100% award fee.
  • Managed program IT change requests for all tactical and strategic emerging requirements. Reviewed the business case with the owner and presented it to the accounting board for funding determinations.
  • Reviewed of all proposal and process documentation for program IT impacts.
  • Participated in the EVP/GM F-35 Program Integration weekly status meetings as the Technology Representative.
  • Obtained a Secret Clearance