Remote IT Auditor (CISA, CRISC). SOX, SAP, OEBS, Hyperion, AML, KYC
System, Database and Network administration:
• Windows family OS and Active directory.
• Linux, Unix family OS.
• MySQL, Oracle Pl SQL languages.
• Antivirus packages McCafe, Dr. Web, MS Fore Front.
• Firewall software.
• Network infrastructure configuration.
• Identity management and Single sign on systems.
Business logic knowledge and administration of ERP platforms:
• Oracle EBS (Modules Procurement, Inventory, S2C, Finance, Production, Logistics).
• SAP (Modules Procurement, Finance, Treasury, HR).
• Oracle Hyperion (Modules HFM, FDQM, CNS).
• Oracle BI; Boss-Kadrovik; 1C; Galaktika.
• Warehouse Management Systems: Manhattan, Solvo.
• Front and Core banking systems, Cards transaction monitoring applications, KYC and AML banking solutions.
Application packages experience:
• Windows 7, MS Office (Word, Excel, Power Point, Access); MS Exchange Server; MS Share Point, Lotus notes.
• Business process management modeling software: BPWin, Aris, MS Visio, Industry Print.
• Internal Bank’s solutions for Risk assessment, Monitoring recommendations and Time tracking of auditors.
Key professional skills:
• Working knowledge of Data Quality and Master Data Management.
• Understanding the business purpose of data and how it supports related business processes, e.g. manufacturing and other consumer production workflow (P2P, S2C, Treasury, FSCP, Etc.).
• Knowledge of the financial reporting process (Russian Accounting Standard, US GAAP).
• Ability to communicate working results to the client management as they occur after agreeing on action plans with the relevant functional owner.
• During financial audits, I supported other auditors who are not ‘tech savvy’, e.g. trainings were conducted to enhance Oracle working knowledge of main modules and access rights audit techniques; methodologies and user guides were written (data extraction from OEBS, its data architecture, main fields and their description, etc.).
Benchmarking frameworks and standards understanding: Sarbanes-Oxley act of 2002, COSO, COBIT, ITIL, ISO 17799, ISO 27001, Risk-based audit approach.
• IT control framework was developed in PepsiCo including risk assessment, controls implementation, control owners certification, permanent control testing with follow-ups.
• More than 40 audit projects and follow-up projects were done, reports were presented to the company management, issues were discussed and resolved. Audited areas: System security, Change Management, DRP/BCP, Operational management, P2P, I2C, S2C, FSCP, Treasury, Payroll, Raw milk procurement.
• ITGC and Application SOX controls were designed and implemented. Company successfully passed external audits with more than a 90% pass rate for 7 years.
• Three post implementation reviews of key ERP platforms (Oracle EBS and SAP) were executed during internal and international projects.
• More than 50 functionality enhancements were implemented in the Oracle financials (Oracle E Business Suite and Oracle Hyperion) on Application and General controls layers.
• More than 10 IT audits conducted in Banks (3 of them are joint missions with general practice auditors) with respect to main Core banking systems (Equation, Diasoft, etc.) and IT processes (Change, Incident, Access management and etc.).