I operate as an execution-ready GRC and IT audit professional with hands-on experience performing risk assessments, evaluating control design, executing TOD/TOE testing, validating technical evidence, and producing audit-ready documentation aligned to SOX and SOC 2 standards.

My strength lies in combining governance fluency with practical ITGC depth across access management, change management, backup and recovery, and logging controls—enabling accurate interpretation of system evidence and clear communication with technical stakeholders.

With structured workpapers, repeatable testing frameworks, and a disciplined audit mindset, I am positioned to integrate quickly into risk and compliance teams and contribute measurable value from day one.

IT Audit Execution

• Perform ITGC testing across Logical Access, Change Management & IT Operations domains

• Execute Tests of Design (TOD) & Tests of Effectiveness (TOE) using Risk-Based Audit Methodology

• Apply Defensible Sampling Techniques for Population Analysis & Exception Testing

• Identify Control Deficiencies, Assess Impact & Support Remediation Validation

• Produce Audit-Ready Workpapers, Narratives & Testing Documentation aligned to SOX & SSAE 18

Governance & Risk Execution

• Conduct Enterprise Risk Assessments & Control Evaluations aligned to GRC Frameworks

• Perform Third-Party/Vendor Risk Reviews, Security Questionnaire Analysis & Evidence Validation

• Support Issue Management, Remediation Tracking & Governance Reporting within GRC Platforms

• Map Risks & Controls to COSO, NIST CSF, ISO 27001, SOC 2 & PCI DSS

• Deliver Defensible Documentation & Walkthrough Support for Internal & External Audits

Reusable Frameworks, Toolkits & Templates

• Risk & Control Matrices (RCMs)

• TOD / TOE Testing Templates & Sampling Worksheets

• ITGC Testing Templates (Logical Access, Change Management, IT Operations)

• Third-Party Risk Assessment (TPRA) & Security Questionnaire Templates

• Issue Tracking Logs & Remediation Monitoring Tools

• Process Narratives & Visio Flow Diagrams

Cross-Functional Enablement

• Coordinate Audit Fieldwork, Evidence Gathering & Compliance Tracking

• Support Policy Governance & Control Documentation Initiatives

• Contribute To CSA/RCSA Activities & Process Mapping Exercises

• Assist In Configuration & Optimization Of GRC Tools