SlideShare a Scribd company logo

Bayo Omisore, IT Auditor-Compliance Analyst

Download as DOCX, PDF
B
Bayo Omisore.
1 of 3
Bayo Omisore CISA, CRISC. 773-310-2645 Bayo.omisore@gmail.com PROFILE: IT Auditor with over 13 years of technology audit, risk, security, assurance, compliance, governance and project execution that aligns IT with business objectives. Experience in business process documentation, risks and technology aligned reviews and assessment that provides efficiency and effectiveness. Project implementation experience including risk identification and pre/post implementation reviews. Several implementations and reviews of SOX 404. Industry experience includes Manufacturing, Insurance, Information Services, Moving and Relocation Services, Utility services, Consumer Goods, High Tech and Pharmaceutical industries. EDUCATION: NIGERIAN LAW SCHOOL, Lagos, Nigeria. Barrister and Solicitor of The Supreme Court of Nigeria, October 1995. OBAFEMI AWOLOWO UNIVERSITY, Ile-Ife, Nigeria. Bachelor at Law, April 1994. EXPERIENCE 2009-February 2017 - Methode Electronics Inc., Harwood Heights IL. (Sr. IT Auditor) Audit Lead responsible for managing the information system audit and advisory resource. Execution and supervision all technology audits (applications and infrastructure), and the related business processes. Identifying and evaluating risks within the risk management system covering all the organization’s global business units in Europe, Asia, and North America.  Continuously Identify and evaluate IT and business risks and make recommendations that support business objectives.  Plan and execute audit of operations and infrastructure  Plan and execute SOX 404 audits consistent with standards to achieve audit objectives  Perform control and security reviews on the applications (CMS, Sage 100, Abra, Cognos Shireburn) running business processes.  Review and test infrastructure controls and security on the AS400 and Windows platforms  Document IT and business processes, application and general computer controls and security.  Identify risks around access security, Change Management, and Business continuity operations for both compliance and business objectives.  Test process and control designs and operating effectiveness, document results and findings and monitor remediation of identified issues.  Conduct customer interviews; facilitate customer presentations and data gathering sessions.  Provide guidance and mentoring to the internal audit team members on IT related business issues.  Assess the organization’s adequacy of IT policies, strategies and controls  Promote innovative practices for conducting integrated audits and document IT risks through the implementation and use of automated analytics.  Provide assurance relative to system development projects.
 Identify and research significant auditing and internal control issues, provide clear documentation and analysis of conclusions reached and make recommendations for fixes and improvements  Evaluate complex business and technology risks, and related opportunities for improving automated controls.  Manage the IT SOX 404 efforts with external auditors to maximize audit efficiency and minimize regulatory compliance expenditure. 2004 – 2009 IT Audit Consultant:  CNA Insurance, Chicago IL  Lansing Board of Water and Light, Lansing, MI  SIRVA Inc. – Westmont, IL.  Sara Lee corp. – Chicago IL.  Ceridian Corp, - Atlanta GA  Diebold, Canton, Ohio  Memphis Light, Gas and Water, Memphis, TN  Worked with senior client management to determine the scope of engagements, develop audit programs, and execute audit.  Documentand review IT and business processes,thealigned application and infrastructure, to identify risks, controls and security in place, and identify gaps needing recommendations.  Review and evaluate infrastructure security compliance that safeguards organizational critical assets.  Perform testing of the infrastructure environment controls that assures safeguard of information processing, storage, and transmission.  Review IT security policies and standards that addresses system currency, servicedelivery, business continuity and system development.  Document, evaluate, and test business process controls that assures data integrity, business efficiency and safeguards against fraud.  Determine the risk profile and assess acceptable risk levels within the organizational objectives in scope.  Test application controls and security (SAP, Oracle, JD Edwards, PeopleSoft, CMS, etc) that addresses access security, programming, data transmission, input, output, and processing objectives.  Utilize best practices in frameworks such as COBIT, ITIL, CMM, and ISO to defined standards and requirements for the achievement of audit and key IT/business objectives.  Perform Walkthroughs of IT and business processes to evaluate process and controls design, gaps and risks that impacts financial reporting for SOX 404 compliance.  Performed testing that determine the effectiveness of access security,segregation of duties, configuration management, change management, disaster recovery, processing integrity, etc.  Performed SAS70 audit that achieves the security and controls requirements for a service organization.  As a key of system development project, evaluate adequacy of procedures, identify project risks, review project process compliance and project deliverables that ensures overall project success.  Liaise with IT and business management on issues remediation, process and control improvements  Develop a scorecard based continuous assessment program for IT processes controls and security that enables pro-active identification, tracking and evaluation of business related IT issues to identify areas of deficiencies.  Utilize Bizright and Compliance Calibrator to perform segregation of duties review in Sales, Purchasing, Inventory and Payroll processes to identify incompatible security permissions that permits the potential for fraud
 Using automated tools (Foundstone, Bindview, Qualysguard, etc.) identified infrastructure security vulnerabilities and followed up on corrective actions that mitigates the risks.  Worked with management and process owners to improve processes, procedures, controls and security.  Facilitated and led the implementation of the COBIT framework for the improvement of the IT processes and audit procedures.

Recommended

Resume-APOORVA KABRA
Resume-APOORVA KABRAResume-APOORVA KABRA
Resume-APOORVA KABRA
Apoorva Kabra
 
CISA Domain- 1 - InfosecTrain
CISA Domain- 1 - InfosecTrainCISA Domain- 1 - InfosecTrain
CISA Domain- 1 - InfosecTrain
InfosecTrain
 
CISA Training - Chapter 2 - 2016
CISA Training - Chapter 2 - 2016CISA Training - Chapter 2 - 2016
CISA Training - Chapter 2 - 2016
Hafiz Sheikh Adnan Ahmed
 
International Standard on Assurance Engagements ISAE 3000 Audits
International Standard on Assurance Engagements ISAE 3000 AuditsInternational Standard on Assurance Engagements ISAE 3000 Audits
International Standard on Assurance Engagements ISAE 3000 Audits
Hernan Huwyler, MBA CPA
 
Implementing, Documenting and Testing Compliance Controls Hernan Huwyler
Implementing, Documenting and Testing Compliance Controls Hernan HuwylerImplementing, Documenting and Testing Compliance Controls Hernan Huwyler
Implementing, Documenting and Testing Compliance Controls Hernan Huwyler
Hernan Huwyler, MBA CPA
 
Bankauditin it env
Bankauditin it envBankauditin it env
Bankauditin it env
Dr Vijay Pithadia Director
 
Linda Lopez Resume 20170130 IT Security
Linda Lopez Resume 20170130 IT SecurityLinda Lopez Resume 20170130 IT Security
Linda Lopez Resume 20170130 IT Security
Linda Lopez
 
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMSCISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
ShivamSharma909
 

Recommended

Resume-APOORVA KABRA
Resume-APOORVA KABRAResume-APOORVA KABRA
Resume-APOORVA KABRA
Apoorva Kabra
 
CISA Domain- 1 - InfosecTrain
CISA Domain- 1 - InfosecTrainCISA Domain- 1 - InfosecTrain
CISA Domain- 1 - InfosecTrain
InfosecTrain
 
CISA Training - Chapter 2 - 2016
CISA Training - Chapter 2 - 2016CISA Training - Chapter 2 - 2016
CISA Training - Chapter 2 - 2016
Hafiz Sheikh Adnan Ahmed
 
International Standard on Assurance Engagements ISAE 3000 Audits
International Standard on Assurance Engagements ISAE 3000 AuditsInternational Standard on Assurance Engagements ISAE 3000 Audits
International Standard on Assurance Engagements ISAE 3000 Audits
Hernan Huwyler, MBA CPA
 
Implementing, Documenting and Testing Compliance Controls Hernan Huwyler
Implementing, Documenting and Testing Compliance Controls Hernan HuwylerImplementing, Documenting and Testing Compliance Controls Hernan Huwyler
Implementing, Documenting and Testing Compliance Controls Hernan Huwyler
Hernan Huwyler, MBA CPA
 
Bankauditin it env
Bankauditin it envBankauditin it env
Bankauditin it env
Dr Vijay Pithadia Director
 
Linda Lopez Resume 20170130 IT Security
Linda Lopez Resume 20170130 IT SecurityLinda Lopez Resume 20170130 IT Security
Linda Lopez Resume 20170130 IT Security
Linda Lopez
 
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMSCISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
ShivamSharma909
 
ISO 27004- Information Security Metrics Implementation
ISO 27004- Information Security Metrics ImplementationISO 27004- Information Security Metrics Implementation
ISO 27004- Information Security Metrics Implementation
Network Intelligence India
 
CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)
Cyril Soeri
 
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
CISA Domain 3 - Information Systems Acquisition, Development and ImplementationCISA Domain 3 - Information Systems Acquisition, Development and Implementation
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
InfosecTrain
 
Cisa domain 1
Cisa domain 1 Cisa domain 1
Cisa domain 1
Ismail aboulezz
 
ISA 315 (Revised) - Exposure Draft Webinar, October 3rd, 2018
ISA 315 (Revised) - Exposure Draft Webinar, October 3rd, 2018ISA 315 (Revised) - Exposure Draft Webinar, October 3rd, 2018
ISA 315 (Revised) - Exposure Draft Webinar, October 3rd, 2018
International Federation of Accountants
 
Prof- Hernan Huwyler, MBA CPA ISO 37002 Roadmap
Prof- Hernan Huwyler, MBA CPA ISO 37002 RoadmapProf- Hernan Huwyler, MBA CPA ISO 37002 Roadmap
Prof- Hernan Huwyler, MBA CPA ISO 37002 Roadmap
Hernan Huwyler, MBA CPA
 
ISA 315 (Revised) - Exposure Draft Webinar
ISA 315 (Revised) - Exposure Draft WebinarISA 315 (Revised) - Exposure Draft Webinar
ISA 315 (Revised) - Exposure Draft Webinar
International Federation of Accountants
 
Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”
Shankar Subramaniyan
 
Hernan Huwyler - Boards in a Digitalized World
Hernan Huwyler - Boards in a Digitalized WorldHernan Huwyler - Boards in a Digitalized World
Hernan Huwyler - Boards in a Digitalized World
Hernan Huwyler, MBA CPA
 
The importance of value for money and perfomance based audits
The importance of value for money and perfomance based auditsThe importance of value for money and perfomance based audits
The importance of value for money and perfomance based audits
paul young cpa, cga
 
Iso 27001 metrics and implementation guide
Iso 27001 metrics and implementation guideIso 27001 metrics and implementation guide
Iso 27001 metrics and implementation guide
mfmurat
 
Ch2 2009 cisa
Ch2 2009 cisaCh2 2009 cisa
Ch2 2009 cisa
asrulsani09
 
Resume - Viola_Iskandar
Resume - Viola_IskandarResume - Viola_Iskandar
Resume - Viola_Iskandar
Viola Iskandar
 
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIECVendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
ControlCase
 
ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler
ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler
ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler
Hernan Huwyler, MBA CPA
 
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar
 
ISO 27001:2013 IS audit plan - by software outsourcing company in india
ISO 27001:2013 IS audit plan - by software outsourcing company in india ISO 27001:2013 IS audit plan - by software outsourcing company in india
ISO 27001:2013 IS audit plan - by software outsourcing company in india
iFour Consultancy
 
Continuous Auditing
Continuous AuditingContinuous Auditing
Continuous Auditing
Tianli Xie
 
The best way to use ISO 27001
The best way to use ISO 27001The best way to use ISO 27001
The best way to use ISO 27001
powertech
 
Strategy Insights - How to Quantify IT Risks
Strategy Insights - How to Quantify IT Risks Strategy Insights - How to Quantify IT Risks
Strategy Insights - How to Quantify IT Risks
Hernan Huwyler, MBA CPA
 
Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)
Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)
Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)
Efrén Ingledue
 
Slide share
Slide shareSlide share
Slide share
sulenny diaz uceta
 

More Related Content

What's hot

CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)
Cyril Soeri
 
Prof- Hernan Huwyler, MBA CPA ISO 37002 Roadmap
Prof- Hernan Huwyler, MBA CPA ISO 37002 RoadmapProf- Hernan Huwyler, MBA CPA ISO 37002 Roadmap
Prof- Hernan Huwyler, MBA CPA ISO 37002 Roadmap
Hernan Huwyler, MBA CPA
 
Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”
Shankar Subramaniyan
 
Iso 27001 metrics and implementation guide
Iso 27001 metrics and implementation guideIso 27001 metrics and implementation guide
Iso 27001 metrics and implementation guide
mfmurat
 
Resume - Viola_Iskandar
Resume - Viola_IskandarResume - Viola_Iskandar
Resume - Viola_Iskandar
Viola Iskandar
 
ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler
ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler
ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler
Hernan Huwyler, MBA CPA
 
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar
 
Continuous Auditing
Continuous AuditingContinuous Auditing
Continuous Auditing
Tianli Xie
 

What's hot (20)

ISO 27004- Information Security Metrics Implementation
ISO 27004- Information Security Metrics ImplementationISO 27004- Information Security Metrics Implementation
ISO 27004- Information Security Metrics Implementation
 
CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)
 
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
CISA Domain 3 - Information Systems Acquisition, Development and ImplementationCISA Domain 3 - Information Systems Acquisition, Development and Implementation
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
 
Cisa domain 1
Cisa domain 1 Cisa domain 1
Cisa domain 1
 
ISA 315 (Revised) - Exposure Draft Webinar, October 3rd, 2018
ISA 315 (Revised) - Exposure Draft Webinar, October 3rd, 2018ISA 315 (Revised) - Exposure Draft Webinar, October 3rd, 2018
ISA 315 (Revised) - Exposure Draft Webinar, October 3rd, 2018
 
Prof- Hernan Huwyler, MBA CPA ISO 37002 Roadmap
Prof- Hernan Huwyler, MBA CPA ISO 37002 RoadmapProf- Hernan Huwyler, MBA CPA ISO 37002 Roadmap
Prof- Hernan Huwyler, MBA CPA ISO 37002 Roadmap
 
ISA 315 (Revised) - Exposure Draft Webinar
ISA 315 (Revised) - Exposure Draft WebinarISA 315 (Revised) - Exposure Draft Webinar
ISA 315 (Revised) - Exposure Draft Webinar
 
Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”
 
Hernan Huwyler - Boards in a Digitalized World
Hernan Huwyler - Boards in a Digitalized WorldHernan Huwyler - Boards in a Digitalized World
Hernan Huwyler - Boards in a Digitalized World
 
The importance of value for money and perfomance based audits
The importance of value for money and perfomance based auditsThe importance of value for money and perfomance based audits
The importance of value for money and perfomance based audits
 
Iso 27001 metrics and implementation guide
Iso 27001 metrics and implementation guideIso 27001 metrics and implementation guide
Iso 27001 metrics and implementation guide
 
Ch2 2009 cisa
Ch2 2009 cisaCh2 2009 cisa
Ch2 2009 cisa
 
Resume - Viola_Iskandar
Resume - Viola_IskandarResume - Viola_Iskandar
Resume - Viola_Iskandar
 
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIECVendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
Vendor Management - PCI DSS, ISO 27001, E13PA,HIPPA & FFIEC
 
ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler
ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler
ISO 31022 Management of Legal Risks IE Law School Masterclass Hernan Huwyler
 
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
Ed Sattar at TSCE: Understanding Regulatory Change Management in Environmenta...
 
ISO 27001:2013 IS audit plan - by software outsourcing company in india
ISO 27001:2013 IS audit plan - by software outsourcing company in india ISO 27001:2013 IS audit plan - by software outsourcing company in india
ISO 27001:2013 IS audit plan - by software outsourcing company in india
 
Continuous Auditing
Continuous AuditingContinuous Auditing
Continuous Auditing
 
The best way to use ISO 27001
The best way to use ISO 27001The best way to use ISO 27001
The best way to use ISO 27001
 
Strategy Insights - How to Quantify IT Risks
Strategy Insights - How to Quantify IT Risks Strategy Insights - How to Quantify IT Risks
Strategy Insights - How to Quantify IT Risks
 

Viewers also liked

Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)
Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)
Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)
Efrén Ingledue
 
Formato presentacion proyectos_educa_regional milton
Formato presentacion proyectos_educa_regional miltonFormato presentacion proyectos_educa_regional milton
Formato presentacion proyectos_educa_regional milton
Efrén Ingledue
 
30198 formato proyectos de aula
30198 formato proyectos de aula30198 formato proyectos de aula
30198 formato proyectos de aula
Efrén Ingledue
 
Fareed Ebrahim CV Feb 2017
Fareed Ebrahim CV Feb 2017Fareed Ebrahim CV Feb 2017
Fareed Ebrahim CV Feb 2017
Fareed Ebrahim
 
El orgullo reutilizar es salvar el planeta con integracion de medios digitales
El orgullo reutilizar es salvar el planeta con integracion de medios digitalesEl orgullo reutilizar es salvar el planeta con integracion de medios digitales
El orgullo reutilizar es salvar el planeta con integracion de medios digitales
Efrén Ingledue
 
Proyecto de aula rosmygomez
Proyecto de aula rosmygomezProyecto de aula rosmygomez
Proyecto de aula rosmygomez
Efrén Ingledue
 
Proyecto de aula rosiris garcia
Proyecto de aula rosiris garciaProyecto de aula rosiris garcia
Proyecto de aula rosiris garcia
Efrén Ingledue
 
Tipos de funciones
Tipos de funcionesTipos de funciones
Tipos de funciones
Pauly778
 
Planta y modelo_de_vivienda
Planta y modelo_de_viviendaPlanta y modelo_de_vivienda
Planta y modelo_de_vivienda
priscila Sanchez
 

Viewers also liked (20)

Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)
Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)
Proyecto 1(tic alternativa del suelo, factor indispensable para la vida)
 
Slide share
Slide shareSlide share
Slide share
 
Tìm hiểu C# và Ứng dụng
Tìm hiểu C# và Ứng dụngTìm hiểu C# và Ứng dụng
Tìm hiểu C# và Ứng dụng
 
Formato presentacion proyectos_educa_regional milton
Formato presentacion proyectos_educa_regional miltonFormato presentacion proyectos_educa_regional milton
Formato presentacion proyectos_educa_regional milton
 
Infografia de manucfactura.
Infografia de manucfactura.Infografia de manucfactura.
Infografia de manucfactura.
 
30198 formato proyectos de aula
30198 formato proyectos de aula30198 formato proyectos de aula
30198 formato proyectos de aula
 
Fareed Ebrahim CV Feb 2017
Fareed Ebrahim CV Feb 2017Fareed Ebrahim CV Feb 2017
Fareed Ebrahim CV Feb 2017
 
Visual notation
Visual notationVisual notation
Visual notation
 
Start After School Program Business Infographic
Start After School Program Business InfographicStart After School Program Business Infographic
Start After School Program Business Infographic
 
31699 caño guamal
31699 caño guamal31699 caño guamal
31699 caño guamal
 
El orgullo reutilizar es salvar el planeta con integracion de medios digitales
El orgullo reutilizar es salvar el planeta con integracion de medios digitalesEl orgullo reutilizar es salvar el planeta con integracion de medios digitales
El orgullo reutilizar es salvar el planeta con integracion de medios digitales
 
Proyecto de aula rosmygomez
Proyecto de aula rosmygomezProyecto de aula rosmygomez
Proyecto de aula rosmygomez
 
Proyecto de aula rosiris garcia
Proyecto de aula rosiris garciaProyecto de aula rosiris garcia
Proyecto de aula rosiris garcia
 
Proyecto pedagogico
Proyecto pedagogicoProyecto pedagogico
Proyecto pedagogico
 
Proyecto hernan listo
Proyecto hernan listoProyecto hernan listo
Proyecto hernan listo
 
Caracterización de residuos
Caracterización de residuosCaracterización de residuos
Caracterización de residuos
 
47155
4715547155
47155
 
Tipos de funciones
Tipos de funcionesTipos de funciones
Tipos de funciones
 
31822
3182231822
31822
 
Planta y modelo_de_vivienda
Planta y modelo_de_viviendaPlanta y modelo_de_vivienda
Planta y modelo_de_vivienda
 

Similar to Bayo Omisore, IT Auditor-Compliance Analyst

Cyber Security_Consultant_Nial Lande.pptx
Cyber Security_Consultant_Nial Lande.pptxCyber Security_Consultant_Nial Lande.pptx
Cyber Security_Consultant_Nial Lande.pptx
koushikDutta62
 
Roger Sloan Resume
Roger Sloan ResumeRoger Sloan Resume
Roger Sloan Resume
Roger Sloan
 
CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan M
Mohan M
 
Jeff Chugg Professional Resume - 01-23-2017
Jeff Chugg Professional Resume - 01-23-2017Jeff Chugg Professional Resume - 01-23-2017
Jeff Chugg Professional Resume - 01-23-2017
Jeff Chugg
 
Tamer Yehai CV REV4
Tamer Yehai CV REV4Tamer Yehai CV REV4
Tamer Yehai CV REV4
Tamer Yahya
 
Nassers Pitchbook 03032010
Nassers Pitchbook 03032010Nassers Pitchbook 03032010
Nassers Pitchbook 03032010
Nasser J Khan
 
Nassers Pitchbook 03032010
Nassers Pitchbook 03032010Nassers Pitchbook 03032010
Nassers Pitchbook 03032010
Nasser J Khan
 

Similar to Bayo Omisore, IT Auditor-Compliance Analyst (20)

Cyber Security_Consultant_Nial Lande.pptx
Cyber Security_Consultant_Nial Lande.pptxCyber Security_Consultant_Nial Lande.pptx
Cyber Security_Consultant_Nial Lande.pptx
 
Dennis Batdorf resume
Dennis Batdorf resumeDennis Batdorf resume
Dennis Batdorf resume
 
Roger Sloan Resume
Roger Sloan ResumeRoger Sloan Resume
Roger Sloan Resume
 
CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan M
 
Jason Allred Resume
Jason Allred ResumeJason Allred Resume
Jason Allred Resume
 
S Rod Simpson Resume
S Rod Simpson ResumeS Rod Simpson Resume
S Rod Simpson Resume
 
Consulting_Audit_Security
Consulting_Audit_SecurityConsulting_Audit_Security
Consulting_Audit_Security
 
TyroneResume[1]
TyroneResume[1]TyroneResume[1]
TyroneResume[1]
 
Gourav ladha - Profile
Gourav ladha - ProfileGourav ladha - Profile
Gourav ladha - Profile
 
gray_audit_presentation.ppt
gray_audit_presentation.pptgray_audit_presentation.ppt
gray_audit_presentation.ppt
 
Jeff Chugg Professional Resume - 01-23-2017
Jeff Chugg Professional Resume - 01-23-2017Jeff Chugg Professional Resume - 01-23-2017
Jeff Chugg Professional Resume - 01-23-2017
 
Quality and Information Security Assurance
Quality and Information Security AssuranceQuality and Information Security Assurance
Quality and Information Security Assurance
 
CCISO_Certification_Training_Course-Outline.pdf
CCISO_Certification_Training_Course-Outline.pdfCCISO_Certification_Training_Course-Outline.pdf
CCISO_Certification_Training_Course-Outline.pdf
 
Task 2
Task 2Task 2
Task 2
 
IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...
IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...
IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...
 
CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...
CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...
CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...
 
Swetana A Purohit
Swetana A PurohitSwetana A Purohit
Swetana A Purohit
 
Tamer Yehai CV REV4
Tamer Yehai CV REV4Tamer Yehai CV REV4
Tamer Yehai CV REV4
 
Nassers Pitchbook 03032010
Nassers Pitchbook 03032010Nassers Pitchbook 03032010
Nassers Pitchbook 03032010
 
Nassers Pitchbook 03032010
Nassers Pitchbook 03032010Nassers Pitchbook 03032010
Nassers Pitchbook 03032010
 

Bayo Omisore, IT Auditor-Compliance Analyst

  • 1. Bayo Omisore CISA, CRISC. 773-310-2645 Bayo.omisore@gmail.com PROFILE: IT Auditor with over 13 years of technology audit, risk, security, assurance, compliance, governance and project execution that aligns IT with business objectives. Experience in business process documentation, risks and technology aligned reviews and assessment that provides efficiency and effectiveness. Project implementation experience including risk identification and pre/post implementation reviews. Several implementations and reviews of SOX 404. Industry experience includes Manufacturing, Insurance, Information Services, Moving and Relocation Services, Utility services, Consumer Goods, High Tech and Pharmaceutical industries. EDUCATION: NIGERIAN LAW SCHOOL, Lagos, Nigeria. Barrister and Solicitor of The Supreme Court of Nigeria, October 1995. OBAFEMI AWOLOWO UNIVERSITY, Ile-Ife, Nigeria. Bachelor at Law, April 1994. EXPERIENCE 2009-February 2017 - Methode Electronics Inc., Harwood Heights IL. (Sr. IT Auditor) Audit Lead responsible for managing the information system audit and advisory resource. Execution and supervision all technology audits (applications and infrastructure), and the related business processes. Identifying and evaluating risks within the risk management system covering all the organization’s global business units in Europe, Asia, and North America.  Continuously Identify and evaluate IT and business risks and make recommendations that support business objectives.  Plan and execute audit of operations and infrastructure  Plan and execute SOX 404 audits consistent with standards to achieve audit objectives  Perform control and security reviews on the applications (CMS, Sage 100, Abra, Cognos Shireburn) running business processes.  Review and test infrastructure controls and security on the AS400 and Windows platforms  Document IT and business processes, application and general computer controls and security.  Identify risks around access security, Change Management, and Business continuity operations for both compliance and business objectives.  Test process and control designs and operating effectiveness, document results and findings and monitor remediation of identified issues.  Conduct customer interviews; facilitate customer presentations and data gathering sessions.  Provide guidance and mentoring to the internal audit team members on IT related business issues.  Assess the organization’s adequacy of IT policies, strategies and controls  Promote innovative practices for conducting integrated audits and document IT risks through the implementation and use of automated analytics.  Provide assurance relative to system development projects.
  • 2.  Identify and research significant auditing and internal control issues, provide clear documentation and analysis of conclusions reached and make recommendations for fixes and improvements  Evaluate complex business and technology risks, and related opportunities for improving automated controls.  Manage the IT SOX 404 efforts with external auditors to maximize audit efficiency and minimize regulatory compliance expenditure. 2004 – 2009 IT Audit Consultant:  CNA Insurance, Chicago IL  Lansing Board of Water and Light, Lansing, MI  SIRVA Inc. – Westmont, IL.  Sara Lee corp. – Chicago IL.  Ceridian Corp, - Atlanta GA  Diebold, Canton, Ohio  Memphis Light, Gas and Water, Memphis, TN  Worked with senior client management to determine the scope of engagements, develop audit programs, and execute audit.  Documentand review IT and business processes,thealigned application and infrastructure, to identify risks, controls and security in place, and identify gaps needing recommendations.  Review and evaluate infrastructure security compliance that safeguards organizational critical assets.  Perform testing of the infrastructure environment controls that assures safeguard of information processing, storage, and transmission.  Review IT security policies and standards that addresses system currency, servicedelivery, business continuity and system development.  Document, evaluate, and test business process controls that assures data integrity, business efficiency and safeguards against fraud.  Determine the risk profile and assess acceptable risk levels within the organizational objectives in scope.  Test application controls and security (SAP, Oracle, JD Edwards, PeopleSoft, CMS, etc) that addresses access security, programming, data transmission, input, output, and processing objectives.  Utilize best practices in frameworks such as COBIT, ITIL, CMM, and ISO to defined standards and requirements for the achievement of audit and key IT/business objectives.  Perform Walkthroughs of IT and business processes to evaluate process and controls design, gaps and risks that impacts financial reporting for SOX 404 compliance.  Performed testing that determine the effectiveness of access security,segregation of duties, configuration management, change management, disaster recovery, processing integrity, etc.  Performed SAS70 audit that achieves the security and controls requirements for a service organization.  As a key of system development project, evaluate adequacy of procedures, identify project risks, review project process compliance and project deliverables that ensures overall project success.  Liaise with IT and business management on issues remediation, process and control improvements  Develop a scorecard based continuous assessment program for IT processes controls and security that enables pro-active identification, tracking and evaluation of business related IT issues to identify areas of deficiencies.  Utilize Bizright and Compliance Calibrator to perform segregation of duties review in Sales, Purchasing, Inventory and Payroll processes to identify incompatible security permissions that permits the potential for fraud
  • 3.  Using automated tools (Foundstone, Bindview, Qualysguard, etc.) identified infrastructure security vulnerabilities and followed up on corrective actions that mitigates the risks.  Worked with management and process owners to improve processes, procedures, controls and security.  Facilitated and led the implementation of the COBIT framework for the improvement of the IT processes and audit procedures.