ESEOSA OMHENAKA

• Perform work papers documenting procedures and fully support audit findings.

• Conduct ITGC control testing reviews and documentation. Track and follow up on audit findings.

• Streamlined audit processes by utilizing advanced data analytics techniques, reducing time spent on manual tasks.
• Mitigate and identify risk, performed risk assessment (RCSA), and IT control testing.
• Maintained up-to-date technical expertise by attending relevant conferences, webinars, and professional development courses to stay abreast of industry advancements in IT auditing methodologies.
• Promoted a culture of continuous improvement within the IT department by encouraging open communication channels for feedback regarding audit findings and recommendations.
• Provided a comprehensive testing and review program of the IT environment to ensure that access and security controls are designed, maintained, and operating effectively in accordance with appropriate standards, laws, regulations, and business objectives.
• Performed Sarbanes-Oxley (SOX) and Service Organization Control (SOC I, II & III testing), Review SOC 1 type 2.

• Performed IT audit control testing with inclusion of engagement planning, coordination, scope determination, risk and control identification, audit program design, procedures, test control, and outcomes evaluation.
• Conducted ITGCs testing and IT application control testing, audit readiness, attestation engagements, Infrastructure audit, compliance, and risk assessment.
• Provided expert advice on regulatory compliance matters, supporting the organization in achieving and maintaining required certifications and standards.
• Participated in IT governance initiatives, contributing to the development of robust policies and standards for consistent information security management across the organization.
• Reviewed system configurations and access controls, strengthening overall network security and reducing unauthorized access incidents.
• Performed periodic penetration testing, detecting vulnerabilities that could compromise the integrity of critical systems and applications.
• Assisted in developing disaster recovery plans, ensuring critical systems could be rapidly restored following a catastrophic event.
• Ensured maintenance of critical IT risk and compliance operations by conducting basic procedures.