Steven Hastings

IT and Business Operations leader with expertise in managing SOX, internal audit, and regulatory compliance projects. Twenty years of experience partnering with organizations (from start-up to large enterprise) in a variety of sectors to improve operational effectiveness. Experience leading a wide range of business functions including IT, HR/benefits, engineering, A/P, A/R, shipping & receiving, inventory, financial close and accounting support, and customer service centers. Proven strength in strategic and critical thinking, collaboration, and relationship management. Track record of driving increased compliance, profitability, and performance improvement.

• IT Project Manager/ Senior IT & Bus SOX / Consultant, RGP, San Francisco, CA, 02/2016, 2021, Planned and executed SOX reviews (IT & Business) and audits, including leading teams, working with internal and external auditors, and completing appropriate documentation. Worked with IT department leads to support and manage review processes. Partnered with leaders to establish policies and priorities that align with business goals and regulations. Identified and presented critical issues assessment and final issues reports to stakeholders. Led completion of SOX project objectives, as an IT Project manager, for eight clients across banking, technology, biotech, brokerage and other sectors. Leveraged expert knowledge of various systems/applications (SAP, Oracle, SAGE, ADP, Concur, etc.) in client consultation to determine best systems and applications controls and IT audit testing programs and Security Program reviews to comply with Federal Fiduciary Guidelines and standards. Designed and implemented process improvements and trained team members.
• Chief Operations Officer (COO), Packet Fusion, Inc., San Mateo, CA, 01/2007, 12/2015, Managed all operational functions for a $60M tech company reporting to the CEO. Managed IT, HR/benefits, engineering, finance and accounting, A/P, A/R, shipping & receiving, inventory, customer service centers, vendor management. Directed project installation, special initiatives, and process analysis. Directed company to significant growth (from 12 employees supporting 100 companies to 60 employees supporting 400 plus companies. Led the operations teams through rapid scaling during revenue growth from $3M to $50M.
• Risk Management and Audit Consultant, Jefferson Wells, San Francisco, CA, 01/2006, 01/2007, Managed a range of teams and projects. Planned SOX projects, prepared SOX documentation, coordinated with external auditors and clients, and reviewed workpapers. Coordinated ad hoc projects, reviews, and deliverables. Created new processes for key controls and initiatives and trained team members. Served as liaison between SOX, IT Compliance PWC, external auditors, IT groups, and business cycle owners. Served organizations in banking, brokerage, technology, manufacturing, and global shipping. Tested rely and non-rely business cycle controls and ITGC and ITAC controls, change management, security access, backup/computer operations, and automated controls for key controls for purchasing, payroll, inventory, order to cash, equity, and revenue. Evaluated clients’ current operations systems and processes to identify improvement opportunities.
• Risk Management and Audit Consultant/Associate, RGP, San Francisco, CA, 01/2005, 01/2006, Completed SOX project for $1.8B financial institution, two $500M tech firms, and a top-five global shipping company. Assessed adequacy of SOX control systems for Charles Schwab, Union Bank, Dolby US, and Dolby international subsidiary. Work performed included process and system review, risk assessment, flowcharts, test programs, documentation, recommendations, and reporting audit findings. Partnered with Security groups to align general IT and key controls.
• Senior Associate, Audit and Consulting, Wells Fargo, San Francisco, CA, 01/1999, 01/2003, Performed internal and external financial reporting review (SOX) and analysis
• Associate, Internal Audit, Charles Schwab, San Francisco, CA, 01/1996, 12/1998, Performed business and IT internal audit review for all business divisions & business cycles

• CISA License
• CISM certified and Cybersecurity coursework (CSX)
• Accounting and Finance coursework at San Francisco State University
• Cobit, FFEIC and NIST coursework

CISA