Managing an internal IT audit team responsible for compliance with IT general controls performed for various managed service clients, documenting processes used to service managed service clients, and work with clients to assist in meeting their own audit obligations. In addition, the team monitors and reports on monthly service levels as outlined in client contracts and work with internal IT teams and the client to remediate any issues.

Excited and happy to have accepted this role with OnX Canada. Really looking forward to working with the team who have welcomed me with open arms!

Six month contract with NL Hydro's Internal Audit team. Made the hard decision to resign part way through to take permanent position elsewhere.

Internal auditor with Governance, Risk and Compliance

• Query and manipulate data for investigative analysis and reporting.• Frequently use SQL, Excel, and VBA.• Learned an insurance modeling tool, Towers Watson ‘Radar’, to build a Generalized Linear Model verify premium calculations.

• Member of the Working and Steering Committees tasked to bring Johnson compliant with the Payment Card Industry Data Security Standard (PCI DSS). Involved in project planning, coordinating, monitoring project status, and control implementation.• Lead the roll-out of an End User Computing Applications Policy across Canadian operation (RSA Canada and Johnson).• Working with System Operations to identify risks and implement appropriate controls.• Conduct information security due diligence on third party vendors prior engagement.• Documenting and testing of IT General Controls (ITGCs), including Change Management and the SDLC, where testing would be followed by a comprehensive report to management on strong controls, identified risks / gaps, and recommended remediation.• Active in planning and executing security awareness throughout the organization.• Contracted out a complete review of ITGCs in 2012 to EY which started with developing a business case to seek such services and then managed a team of two who did the work.• Play a key role in information security incident response.• Conducted and evaluated physical security assessments on various office locations.• Quarterly reporting of security control status to RSA Security Head Office (UK).• Became leader of a new team in 2007 with one direct report (the System Compliance team which was merged into the Enterprise Risk team in 2009).• Acting as a conduit for the business to address Systems Compliance and Security concerns and working with them to resolve.• Acted as the Business Continuity Coordinator for the Business Continuity National Working Group (2008).• Took initiative by developing and testing Johnson’s first Disaster Recovery Plan.

Similar to role above

• Scheduled and performed quarterly tests around IT General Controls.• Worked with the Systems department to embed processes such as SDLC methodology, helped improve problem management practices.• Reported results quarterly or as required.• Updated process documentation by seeking answers from appropriate Systems staff.

• Initially maintained and improved a Client Management System for the Consulting Department.• Created an application using MS Access and VBA to replace the Client Management system noted above.• Provided training and support above application by traveling to various Regional Offices where to present at forums and trained large groups.• Worked closely with senior management to provide necessary reports for decision making and billing.