Arielle Happy
Washington DC Metropolitan Area
Summary
Experienced IT Auditor with 5+ years of experience in risk management and financial reporting seeking to leverage expertise in data analysis to ensure compliance and accuracy within a company looking for a challenging role where I can use my technical knowledge to perform audits and identify potential risks. Working with the audit project team to achieve departmental goals and to ensure awareness of changes in business activities and objectives. Evaluating IT control, analyzing and assessing IT controls, risk mitigation, security, compliance, including the entire IT audit process. Communicating effectively with all levels of management to ensure full understanding of IT objectives, risks, and controls. Proven expertise in conducting in-depth audits and devising successful improvement strategies. Methodically evaluated documents and systems and initiated corrections in compliance with established standards. Superb analytical and communications skills enabled optimum results.
Overview
7
7
years of professional experience
1
1
Certification
Work History
IT Auditor/Compliance Analyst
MSC Industrial Supply Co.
07.2022 - Current
- Perform IT General Controls (ITGCs) and IT Application controls ITACs) to determine design adequacy and operating effectiveness
- Perform SOX and PCI audit in complying with various regulations and requirements
- Execute cybersecurity audit testing physical, technical, and administrative control within the preventive, corrective, corrective and compensating controls
- Perform cloud computing audit to determine design adequacy and operating effectiveness
- Review SOC 1 type II, SSAE 18 reports as part of the internal control testing
- Perform backup, recovery, and business continuity control testing to determine design adequacy and operating effectiveness
- Experience performing audits with IT general controls (ITGC) such as Access Control (AC), Change Management (CM) and Contingency Planning (CP) using SOX and COSO
- Participate in the execution of risk-based projects, using the IT audit process from planning, execution, reporting and recommendation follow-up phases if required
- Execute IT infrastructure control testing – Databases, Networks, and Operating Systems
- Utilize various security standards and frameworks to execute audit - CobiT, COSO, NIST, ITIL, ISO ITIL to conduct audit
- Collaborate with the external auditors and co-sourced resources in executing technical audits
- Examine various technology risks and internal controls to mitigate identified risks
- Ensured timely completion of all assigned tasks within set deadlines.
- Analyzed financial data and prepared reports outlining findings and recommendations.
- Involve in recommendation follow-up, based on the result of control testing during the audit.
IT AUDITOR
Cardinal Bank
02.2019 - 06.2022
- Perform IT risk assessment, document related risks, and note key control issues; develop appropriate audit programs to test controls and subsequently evaluate control designs, optimization, and assurance over operational and compliance processes
- Performed review of third-party vendors SOC 2 report to validate that the controls around the sensitive data we share with them are appropriately designed and operating effectively
- Participate in team kick-off meetings with auditees and colleagues to draw up an audit scope
- Present identified issues, and testing exceptions, and recommend an action plan to fix
- Prepare detailed work papers that present the outcome of testing and walkthroughs
- Engage in the IT audit process in conducting an end-to-end audit project from planning, fieldwork, reporting, and follow-up
- Creating and maintaining Tableau dashboards and reports for management and other stakeholders
- Performing audit of IT infrastructure and applicable database- operating system, Unix, Mainframe, SQL, Oracle
- Execute SOC 1, 2, 3, and SOC 1 Type I control testing, and review SOC I type II and SSAE 18 reports
- Perform Information Security and Cloud Computing audit testing primary controls to determine design appropriateness and operating effectiveness
- Perform SOX and PCI annual compliance audits in meeting regulatory mandates using COS, CoBit, FFIEC, ISO, ITIL, and NIST frameworks and Perform walkthroughs to the design appropriateness and operating effectiveness of tested controls
- Junior IT Auditor Associate Execute post and pre-SDLC implementation review to determine design adequacy and operating effectiveness of controls
- Perform access management control testing, provisioning, de-provisioning, attestation, and re-certification
- Possess an understanding of business, IT processes, and testing of primary controls
- Conduct IT General Controls (ITGCs) and IT application controls (ITACs) testing to verify design adequacy and operating effectiveness
- Execute agile methodology to find solution improvement through the collaborative effort of self-organizing and cross-functional teams.
Blue Cross Blue Shield – IT Auditor
Baltimore, MD
11.2016 - 02.2019
- Conduct various risk-based audit, risk management, policies, standards, processes and procedures, technology risk assessment, and third-party supplier risk process and requirements
- Collaborated closely with other team members to develop effective audit plans.
- Perform SOX and PCI audit in complying with various regulation and requirements
- Identify risks and collaborate with team leadership, IT business management and external auditors on audit planning, testing and evaluation procedures, which includes working with the IT business on process, controls, documentation and issues
- Prepare clear, accurate and concise audit work papers that summarize scope, audit plan methodology and conclusions for audit field work to stakeholder groups with limited IT knowledge
- Applied professional judgment in gathering and evaluating evidence for thorough analysis.
- Worked closely with management to discuss external audit results and action plans.
- May support internal and external audit/compliance groups with various activities that may include, testing, documentation, client request materials, and data validation
- Perform backup, recovery, and business continuity control testing to determine design adequacy and operating effectiveness
- Utilize various security standards and frameworks to execute audit - CobiT, COSO, NIST, ITIL, ISO ITIL to conduct audit
- Managed completion of planned audits, reviewed records, and procedures for accuracy to accomplish objectives and appraised policies and plans under audit review.
- Examine various technology risks and internal controls to mitigate identified risks.
- Supervised audit staff to align goals with company and deliver excellent internal audit services.
Education
BS. ML Technology -
University of Douala
Skills
- COBIT
- NIST
- Audit Findings
- ISO
- Windows
- Risk Assessments
- Audit Plan
- Audit Reports
- Teammate
- HIPAA
- Project Management
- Audit Scope
- Compliance Audits
- Professional Standards
- Internal Controls
- SDLC
- CITRIX Office Tools
- Visio
- Report Writing
- Process Evaluations
- Account Reconciliation
- Forecasting
- Audit Planning
- Regulatory Compliance
- Data Analytics
- Compliance Standards
Certification
- CompTIA Security +, 04/01/23
- CISA, 04/01/23
Cell
(571) 288-3408
References
References available upon request.
Timeline
IT Auditor/Compliance Analyst
MSC Industrial Supply Co.
07.2022 - Current
IT AUDITOR
Cardinal Bank
02.2019 - 06.2022
Blue Cross Blue Shield – IT Auditor
Baltimore, MD
11.2016 - 02.2019
BS. ML Technology -
University of Douala