Kenneth Onwusoro

· Developed and created IT Audit program including access control, change management, IT operations and application controls Identified deficiencies in the design and operating effectiveness of controls and provided recommendations for all clients

· Implemented appropriate security controls for information system based on NIST 800-53 rev 4

· Participated in SAP transaction testing to perform included testing of segregation of duties to assist the client in improving their user management, authentication management, authorization management, access management and provisioning capabilities

· Conducted ITGC walk through and detailed testing by reviewing document and observing procedures to gather useful evidence

· Involved in conducting SOX ITGCs testing and IT application Control testing, audit readiness, attestation engagements, Infrastructure audit, compliance, and risk assessment

· SOX walkthrough meetings with control owners, and internal/external auditors, and perform follow-up discussions as needed

· Performs walk through and executes testing procedures to determine control design/operating effectiveness against industry standards (SOX, COBIT, COSO, FISMA, FISCAM, A-123, ITIL, NIST, FFIEC)

· Conducted and supervised end to end SOX IT audit process including engagement planning, coordination, scope determination, risk and control identification, design of audit program, procedures, test control and evaluate results.

· Drafted well-written audit reports and other communication to foster accurate interpretation.

• Developed and created IT Audit program including access control, change management, IT operations and application controls Identified deficiencies in the design and operating effectiveness of controls and provided recommendations for all clients.
• Implemented appropriate security controls for information system based on NIST 800-53 rev 4.
• Participated in SAP transaction testing to perform included testing of segregation of duties to assist the client in improving their user management, authentication management, authorization management, access management and provisioning capabilities.
• Conducted ITGC walkthrough and detailed testing by reviewing document and observing procedures to gather useful evidence.
• Involved in conducting SOX ITGCs testing and IT application Control testing, audit readiness, attestation engagements, Infrastructure audit, compliance, and risk assessment.
• SOX walkthrough meetings with control owners, and internal/external auditors, and perform follow-up discussions as needed. -Performs walkthrough and executes testing procedures to determine control design/operating effectiveness against industry standards (SOX, COBIT, COSO, FISMA, FISCAM, A-123, ITIL, NIST, FFIEC).
• Conducted and supervised end to end SOX IT audit process including engagement planning, coordination, scope determination, risk and control identification, design of audit program, procedures, test control and evaluate results.

• Managed the review of changes in company processes, standards, and technology to ensure the effectiveness of security controls to meet compliance requirements.
• Identified and reported on new and emerging security risk and risk trends, including participating in risk remediation solution discussions and updates to compliance policy and standards.
• Conducted risk evaluation by examining related risk, key controls and developing appropriate audit measures to test control identified.
• Managed and managed different applications using Archer GRC system to perform activities such as Remediation, Risk acceptance/Exception, Risk assessment, Risk calculator, Gaps & finding etc for multiple clients.