PATRICK ADUSEI
AURORA,USA
Summary
Results-driven Information System Auditor with expertise in SOX 404 compliance, risk assessments, and IT security. Proven track record of enhancing system security monitoring through diligent audit engagements and testing of controls. Committed to delivering high-quality insights that drive organizational growth and compliance. Seeking to leverage strong analytical skills in a dynamic environment focused on risk management and operational excellence
Overview
9
9
years of professional experience
1
1
Certification
Work History
SOC AUDITOR AND SOX COMLIANCE ANALYST
LEVEL 3 COMMUNICATION
05.2020 - Current
- Develop, maintain, and oversee a comprehensive SOX AUDIT program and SOC 2 Type 2 that aligns with the organization enterprise risk appetite and regulatory expectations
- Development of Internal Controls, Internal Controls testing and Risk Management
- Perform Audit testing for ITGC and Application Controls
- Coordinate and perform walkthroughs with external and internal auditors
- Collaborate with cross-functional teams to determine the necessary corrective action plans (COA) and develop effective mitigation strategies
- Update testing documentation in Sox Hub application
- Perform SOX Audit using Cobit 5 or COSO framework
- Engage with Senior Sox Auditors and Managers to ensure testing is completed effectively and efficiently
- Developed and implemented comprehensive risk assessment frameworks
- Perform and document test of design (TOD) and test of effectiveness (TOE) on key controls
- Provided guidance and training to internal audit teams on best practice, enhancing organizational awareness and adherence to policies and procedures
- Develop and implement risk management strategies and mitigation plans to minimize potential threats and vulnerabilities arising from internal controls
- Conduct regular reporting to senior management and appropriate on the status of internal controls, the effectiveness of the control environment, the results of risk assessments, and any change on the regulatory including the detection of emerging risk
THIRD PARTY RISK ANALYST
HOSPITAL SHARE SERVICES
06.2018 - 05.2020
- Company Overview: ACCENTURE HOSPITAL CONTRACT
- Managed a portfolio of sixty vendors relationships, assessing and mitigating risk associated with each partnership
- Implemented a vendors scorecard system, facilitating data-driven decision making and improving vendor selection processes
- Verify answered security questionnaire from vendors
- Submit closing assessment reports including risk findings, risk impact and mitigation to Business Unit
- Conduct thorough analysis and assessment of third-party vendors’ security posture
- Develop and implement risk management strategies and mitigation plans to minimize potential threats and vulnerabilities arising from third-party relationships
- Collaborate with cross-functional teams to identify and escalate potential issues
- Provide guidance on risk management to ensure compliance with regulatory requirements and internal policies
- Review security artifacts submitted by Vendors (PCI-DSS, ISO-27001, SOCs, Pen-Test)
- ACCENTURE HOSPITAL CONTRACT
SOX CONSULTANT
SMARTTHINK LTD
03.2016 - 06.2018
- Completed application-level controls of invoices and payments authorizations covering financial applications and ERP packages
- Tested the effectiveness of key infrastructure controls in network security, disaster recovery and change management
- Conducted walkthroughs and teste 25 controls and defined sample size selection and testing methodology for manual and automated controls
- Identified exceptions and implemented roll forward procedures
- Tested general computer controls provided by operations and business units and identified operation deficiencies
- SOX 404 Remediation Project
- Assisted the Director in fraud investigation
- Planned audits or reviews of selected IT audit areas via system walkthroughs and control risk assessments
- Performed tests of controls on selected systems and prepared work documentation in accordance with department standards
- Worked in the logging and monitoring team as part of the Apple Federal Credit Union SOX initiative
- Participated in SOX Framework sessions and provided tracking and consolidated risk management and deliverables calendar
- Work with Active Directory for authenticating and authorizing all users and computers withing a network of Windows domain type
Education
BACHELOR OF SCIENCE - COMPUTER SCIENCE
KWAME NKRUMAH UNIVERSITY OF SCIENCE & TECHNOLOGY
KUMASI, GHANA06.2002
Skills
Risk & Compliance: Vendor Due Diligence, Third-Party Risk Management (CTPRM), Risk Mitigation, Compliance Testing, IT General Controls (ITGCs), SOX, COSO/COBIT, SAS-70
Regulatory Standards: ISO 27001, NIST 800-53, PCI-DSS, HIPAA, HITRUST, SOC 1 & SOC 2, GDPR
Audit & Security: Vendor Audits & Assessments, Security Questionnaires (SIG), Access Control, Change & IT Controls Testing
Technical Proficiency: ITIL 4, ServiceNow, SharePoint, Microsoft Office Suite (Excel, PowerPoint, Windows), Data Analysis & Reporting
Leadership & Collaboration: Team Leadership, Cross-Functional Collaboration, Contract Negotiation
Disaster Recovery & Business Continuity: Security Assessment Reports (SAR), Recovery Objectives (RTO & RPO)
Certification
- COMPTIA SECURITY +
- CISA
- ITIL 4
- CISM & CISSP PURSING BY END OF YEAR
Affiliations
- Information Systems Audit and Controls Association (ISACA)
- The Institute of Internal Auditors (IIA)
Timeline
SOC AUDITOR AND SOX COMLIANCE ANALYST
LEVEL 3 COMMUNICATION
05.2020 - Current
THIRD PARTY RISK ANALYST
HOSPITAL SHARE SERVICES
06.2018 - 05.2020
SOX CONSULTANT
SMARTTHINK LTD
03.2016 - 06.2018
BACHELOR OF SCIENCE - COMPUTER SCIENCE
KWAME NKRUMAH UNIVERSITY OF SCIENCE & TECHNOLOGY
Similar Profiles
Catherine BlackCatherine Black
Student at Crosskeys College Complementary Therapy Level 3Student at Crosskeys College Complementary Therapy Level 3
ASHENAFI GETAHUNASHENAFI GETAHUN
Nurse B.S.C at North West Command Level 3 HospitalNurse B.S.C at North West Command Level 3 Hospital
Luis JaramilloLuis Jaramillo
Event Producer at Level 3Event Producer at Level 3