Primary focus is helping clients set the vision, governance, and operating model for compliance programs focused on assessing and proactively mitigating key risks with the use of technology.Experience leveraging the latest digital technologies to enable capabilities as part of a compliance program, such as data science and analytics, machine learning, Robotics Process Automation (RPA), data visualization, and cloud technologies.Recent projectsDesigned and implemented an end-to-end, leading practice data analytics solution that proactively identifies potential high corruption risk sales transactions for additional compliance oversight before approval.Designed an analytic that risk scores third-parties and provides insights across both compliance and the business to be used when key decisions are being made throughout the third-party lifecycle.Designed an analytics program focused on correlating multiple datasets to detect trends to mitigate and monitor specific risks and issues identified as part of legal investigations.

Project team lead representing Internal Audit during a full cycle SAP implementation. Performed numerous point-in-time and on-going assessments, including the following areas of focus: project governance, risk assessments, interfaces and conversions, process controls, benefits realization, and business readiness.Managed the Sarbanes-Oxley (SOX) compliance program for IT general controls and application controls. Acted as a liaison with External Audit teams.Planned and managed IT audits related to cloud security, mobile security, information and employee data protection, identity & access management systems, and IT Project Management.Acted as a trusted advisor to the IT organization and business with regard to control implementation and process improvements.

Independently assessed the IT general control and business process control environments for a number of clients in the following areas: access to programs and data, program changes, program development and computer operations. Recommended effective methods and strategies to address weaknesses; communicated progress and results to client management.Performed an analysis of the segregation of duties rule set within the SAP GRC Access Control suite. Identified and tested SAP business process controls within the FI, CO, and MM modules. Provided consultative assistance and performed assessments to optimize a client’s use of SAP and related technologies. Actively partnered with business process owners to implement improved control practices related to system configurations, master data management, and SAP security. Provided consulting to client’s internal audit department during the plan, blueprint, build, and implement phases of SAP implementation project. Provided control and governance expertise to project team throughout phases.Performed business continuity activities for a business group within a Fortune 100 software company. This included performing a business impact analysis for each of the business areas, a dependency and gap analysis for critical processes identified, and developed and implemented strategies to address these gaps. Also assisted in the development of Business Continuity and Disaster Recovery Plans for each business area.Led Federal Information Security Management Act (FISMA) and Federal Information System Controls Audit Manual (FISCAM) reviews for a federal government agency.