Denise King Email and Phone Number

 Leading the delivery of complex technology, cybersecurity, and integrated audits from designing an approach, planning, executing, and scoping through proactive discussions with business and IT management, reporting issues, and resolution closure, including application, infrastructure, and security audits Maintaining IT control systems and processes developed to ensure adherence to IT compliance guidelines and internal policies, including NIST, ISO/IEC 27000, FDA 21CFR Part 11 Acting as a subject matter expert (SME) for IT compliance-related procedures, deliverables, and activities via client audits and questionnaires. Revising and maintaining IT Compliance policies, procedures, forms, and work instructions. Conducting and reporting IT internal audit findings against all internal corporate and IT policies, procedures, and external agency regulations. Overseeing corporate Security Awareness Training and Assessment for all employees and contractors. Performing IT vendor/supplier security reviews. Managing and executing day-to-day compliance operational tasks; client IT questionnaires, compliance metrics reporting, audit finding responses, internal/client audits, IT vendor assessments, and document review. Performing project reviews with a focus on risk assessment, user access, audit trails, and computer system validation. Discussing audit findings with management and ensure appropriate actions are agreed to mitigate risks identified. Performing gap analyses, review audit results, and participate in the identification of root causes to determine and implement corrective actions/preventive actions (CAPA). Measuring and reporting IT Compliance performance against internal and external benchmarks and industry best practices. Supporting the evaluation of the efficiency of controls and improving them continuously. Making recommendations and developing action plans for continuous quality improvement.

 Planned, managed and executed audit plans ensuring accuracy and relevance in the achievement of operational goals and applicable regulations and laws through testing, documentation of workpapers and conclusions Identified and analyzed IT control weaknesses and/or inefficiencies and recommend appropriate actions or improvements  Successfully project-managed, implemented and maintained multiple ISO certifications on a global scale Coordinated on-site 3rd party audits with external registrars and auditors Communicated with all levels of the organization using professional and effective communication skills to ensure audit findings and recommendations are understood Assisted the control owner in identifying causes or contributing factors relating to process variances through application of process mapping and root cause analysis techniques and other special projects Led and provided guidance to other audit staff in the performance of audit engagements or other training opportunities Project managed the establishment of the vendor management center along with security reviews and vendor risk rating

- Training and Documentation Partnered with leadership to provide accurate, relevant, and effective training to ensure compliance to applicable regulatory, customer and ISO 9001, ISO 27001 requirements Utilized instructional design techniques to develop global training for the organization Developed standard survey to collect feedback and use this for continuous improvement and coaching opportunities Composed training related reports and meeting recaps at planned intervals Conducted root cause analysis training and meeting facilitation methodologies and techniques- Quality Assurance Management Facilitated development, implementation and management of key performance indicators (KPIs) for each department area; reported on results using trend analysis Implemented on a global scale the ISO certifications resulting in 76% growth in services worldwide Led Service Desk Best Practices development and implementations on a global scale resulting in consistent, high quality delivery to customers, including standardized new hire training Established corporate quality objectives and customer satisfaction survey reporting to top management quality system results; formulated action plans resulting in improvements within the service life cycle Performed risk assessments/compliance audits against quality and regulatory standards (ISO 9001:2015, ISO 20000, ISO 27000, ITIL, FDA regulations: HIPAA and 21 CFR Part 11) Developed and implemented corporate policies and standard operating procedures (SOP); managed document reviews, revisions, and archiving Created and launched tools for document management and corrective/preventative action Built from the ground up the internal audit program, templates and resources resulting in value-add, consistent inspections Coordinated on-site 2nd and 3rd party audits with external registrars and auditors Conducted compliance control reviews to ensure controls, testing scripts, and risk statements were accurate

- Provided computer end-user training- Developed computer end-user courseware- Provided hardware and software support- Installed software and peripherals- Developed the layout and design of sales presentations- Prepared proposals for prospective customers

- Responsible for the management of the Branch Education Department which included student and instructor management, administrative functions, student morale and retention.- Earned "Teacher of the Year" award - 1988- Taught various business courses which included business math, law office management, medical terminology, computer literacy, and accounting.