Summary
Overview
Work History
Education
Skills
Certification
Languages
Timeline
Generic

Grace N. Nwosu

Katy,TX

Summary

IT Audit / Compliance Professional with 5+ years of experience in the manufacturing and Healthcare sector. Communicates cross-functionally and at all levels of an organization and a creative problem-solver who transforms ideas into action with system-oriented thinking, intelligent planning, and an ability to successfully work in a team, independently and on multiple projects.

Overview

7
7
years of professional experience
1
1
Certification

Work History

IT Auditor

Chevron
Houston, TX
06.2021 - Current
  • Conduct walkthrough and audit status meetings to evaluate the design and operating effectiveness of controls
  • Participates in all phases of the audit lifecycle
  • Collaborates with external auditors and co-sourced resources during various compliance audit projects
  • Prioritize assigned audit tasks and ensure accurate and timely completion with best quality delivery that meets management expectations deploying applicable frameworks and standards - COBIT, COSO, ISO and NIST
  • Conducts cybersecurity control testing detective, preventive, corrective, and compensating controls to determine appropriateness and control effectiveness
  • Evaluates the Business Continuity Plan and Disaster Recovery plan (DRP)
  • Performs SOX and CCPA compliance audit, verifying control design adequacy and operating effectiveness
  • Performs ERP systems audit – PeopleSoft, Oracle Financials, and other IT Applications within the organization
  • Test IT General Controls (ITGCs) and IT Applications controls (ITAC) to verify design adequacy and operating effectiveness
  • Conducts IT infrastructure control testing of Servers, Active Directory, Operating Systems
  • Develop testing procedures that adequately evaluate identified controls for design and operating effectiveness
  • Documents work done through concise work papers that represent the results of walkthroughs and test of controls
  • Review risk assessment process ensuring maintenance of a risk register, documented impact analysis and risk control matrix and continuous risk evaluations
  • Work with cross-functional teams including IT, security, risk management and compliance to address control deficiencies and implement audit reporting and recommendations

IT Compliance / GRC Analyst

Campbell’s Soups Company
Camden, NJ
06.2019 - 06.2021
  • Lead and executed IT Compliance processes to help manage IT annual testing for internal and external audits, risk assessments, regulatory, legal and policy compliance
  • Facilitated IT Compliance workshops to prepare for IT Assessments including ITGC and SOX
  • Assisted with IT Risk Assessments based on the NIST Information Security framework
  • Involved in the identifying, evaluation and documentation of key IT risks and controls throughout the organization, across multiple information technology platforms
  • Collaborated and reported findings and recommendations to senior management concerning compliance issues
  • Facilitated the ITGC and SOX Assessments by supporting internal and external audit requests
  • Identified and communicated IT audit findings to senior management and client
  • Updated and maintained the recommendation remediation tracker to keep management abreast of the outstanding internal audit findings
  • Conducted internal assessments to determine compliance status with SOC 2 requirements and identified gaps and areas that needed improvement
  • Promoted compliance awareness by supporting training, programs and departmental activities
  • Accommodated ad-hoc activities in support for external compliance activities
  • Managed inventories and track remediation efforts
  • Performed risk assessments and ensured compliance with external and internal requirements

IT Auditor

IQVIA
New York, NY
03.2018 - 06.2019
  • Performed ERP systems audit on PeopleSoft, Oracle Financials, and other IT Applications within the organization
  • Performed ITGC and Application Control testing using SOX, COSO, HIPAA, SSAE-18 and ISO framework
  • Performed and documented audit activities in accordance with professional standards such as COSO and SOX internal control frameworks Audit Project
  • Reviewed IT General Controls (ITGC) and various applications, databases, operating systems, and network devices
  • Lead team kick-off and walkthrough meetings
  • Maintained Governance Risk and Compliance (GRC) tools to help facilitate IT Compliance Activities
  • Assisted in preparing IT audit program to include access control, change management controls and application controls; and identify deficiencies in the design and operating effectiveness of control and provide recommendations
  • Tested and document key SOX and IT General controls leveraging a defined compliance monitoring process
  • Collaborated and reported findings and recommendations to senior management concerning compliance issues
  • Mapped internal controls to compliance requirements and SOX framework
  • Performed all stages of audit planning, fieldwork, executive, reporting and follow up

Education

Master of Arts - Public Affairs and Administration

Metropolitan College of New York
New York, NY
01.2015

Bachelor of Art - Psychology

SUNY College
Old Westbury
01.1988

Skills

  • SOX
  • ITGC
  • Business Continuity Plan
  • Disaster Recovery
  • Data Center
  • Risk Assessment
  • IT application and IT infrastructure Controls testing
  • PeopleSoft
  • Active Directory (AD)
  • CCPA
  • GDPR
  • NIST
  • COBIT
  • COSO
  • PCI DSS
  • HIPPA
  • TISAX
  • ISO 27001
  • Microsoft office suite (Word, PowerPoint, Excel)
  • Share Point
  • Oracle Database
  • SOC
  • Stealth Intercept
  • IBM – Open pages
  • IT Application Controls
  • Internal Controls Testing
  • Risk Management
  • System Development Life Cycle (SDLC)
  • Operational Risk Audits
  • Compliance Audits
  • Corrective Action Plans
  • Audit Remediation

Certification

Certified Information Systems Auditor (CISA)

Languages

English

Timeline

IT Auditor

Chevron
06.2021 - Current

IT Compliance / GRC Analyst

Campbell’s Soups Company
06.2019 - 06.2021

IT Auditor

IQVIA
03.2018 - 06.2019

Master of Arts - Public Affairs and Administration

Metropolitan College of New York

Bachelor of Art - Psychology

SUNY College
Grace N. Nwosu