Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic
Evan Hammond

Evan Hammond

2705 Bourne Way Edgewood,MD

Summary

Evan is proven IT Audit Manager with 10 years of experience in leading complex audits and enhancing IT General Controls. Proven track record of improving IT compliance through effective stakeholder collaboration and regulatory adherence. Expertise in agile methodologies, risk management, and stakeholder communication, ensuring timely project delivery. Evan has strong leadership and problem-solving skills that drive successful project outcomes.

Overview

10
10
years of professional experience
1
1
Certification

Work History

IT Project Manager II / VP & Asst. Secretary

First Citizens Bank
Remote
11.2024 - Current
  • Directed five annual internal audit initiatives across multiple bank divisions, improving regulatory readiness and reducing ITGC deficiencies by enhancing control coverage in access management, change management, disaster recovery, and data interfacing.
  • Gained deep expertise in IT SOX risk management and compliance by partnering with first and second lines of defense to strengthen controls and regulatory alignment.
  • Strengthened ITGC compliance by developing and executing audit testing procedures that reduced control deficiencies and improved adherence to banking regulations, ensuring IT policies aligned with regulatory and audit standards.
  • Streamlined IT audit evidence gathering across all control performers and provided external auditors with internal review and testing procedures, maximizing audit efficiency and supporting their reliance procedures.

IT Risk & Compliance - Managing Consultant

Forvis Mazars
Remote
09.2022 - 11.2024
  • Partnered with Professional Services Group to establish firm's risk-based IT SOX audit methodology, guaranteeing consistent IT SOX compliance across all audits.
  • Efficiently managed teams of three in coordination of eight annual IT Integrated SOX audits. Oversaw every phase of audits, including risk-based scoping and finalizing deficiency documentation.
  • Facilitated stakeholder interviews and walkthroughs, documenting IT and business processes with associated risks via written control narratives.
  • Validated supporting documentation and ensured accuracy of Information Produced by Entity (IPE). Reviewed staff testing of IT General and Application Controls (ITGCs/ ITACs).
  • Communicated identified control gaps/deficiencies to management and presented corrective actions with reasonable timelines for remediation.

IT Advisory - Senior & Lead Consultant

Forvis
Remote
01.2018 - 09.2022
  • Assessed IT risks and control weaknesses within complex IT environments, including cloud systems, ERPs (e.g., SAP, Oracle), and network infrastructure.
  • Recorded audit procedures, testing and findings in electronic work papers, providing clear support for conclusions and proper cross-referencing.
  • Evaluated cybersecurity, data privacy, and protection controls for over 20 essential IT security vendors, ensuring comprehensive coverage of critical technology risk areas and alignment with enterprise data protection standards.
  • Planned and reported on five SOC 1 and two SOC 2 examinations for Fortune 500 clients, guaranteeing adherence to AICPA standards. Presented detailed reports outlining client controls and processes upon completion of examinations.

IT Audit - Consultant

Dixon Hughes Goodman LLP
Remote
08.2017 - 01.2018
  • Achieved over 80% growth in firm’s IT Audit and SOX client portfolio within three years as sole IT consultant.
  • Completed 20 annual assessments of IT controls, assessing governance and operational effectiveness in client processes. Analyzed control gaps and presented findings to management and relevant stakeholders.
  • Assessed controls pertaining to access management, review processes, change management, computer operations, incident management, and IT application controls.

Business Advisory Services - Consultant

Grant Thornton LLP
Arlington, VA
08.2015 - 07.2017
  • Facilitated SOX compliance activities for 5 commercial clients annually, encompassing process flow charting and narrative preparation to document controls.
  • Analyzed client processes and controls, upgrading policies and procedures to advance process improvement and confirm alignment with COBIT Governance framework and SOX compliance standards.

Education

Bachelor of Science - Business Administration

University of Maryland - College Park
05.2015

Skills

  • Internal and external auditing
  • IT process design
  • SOX compliance expertise
  • General IT controls knowledge
  • SOC reporting standards (1 & 2)
  • NIST cybersecurity frameworks
  • COBIT governance framework
  • FFIEC guidelines adherence
  • COSO framework understanding
  • Audit software tools (AuditBoard, TeamMate)
  • ERP applications knowledge (MS Dynamics, Oracle, PeopleSoft)
  • Cloud SaaS platforms experience
  • Database management (SQL Server, Azure SQL)
  • Microsoft Office Suite skills

Certification

  • Certified Information Systems Auditor
  • Pursuing ITIL v4 and CIA certifications

Timeline

IT Project Manager II / VP & Asst. Secretary

First Citizens Bank
11.2024 - Current

IT Risk & Compliance - Managing Consultant

Forvis Mazars
09.2022 - 11.2024

IT Advisory - Senior & Lead Consultant

Forvis
01.2018 - 09.2022

IT Audit - Consultant

Dixon Hughes Goodman LLP
08.2017 - 01.2018

Business Advisory Services - Consultant

Grant Thornton LLP
08.2015 - 07.2017

Bachelor of Science - Business Administration

University of Maryland - College Park

Similar Profiles

CREATE PROFILE