Ernst & Young
July 2010 — Present
Internal Audit – Led engagements in the manufacturing and telecommunication industries where financial and operational processes were reviewed. Performed risk assessment to scope the order to cash (OTC) and record to report (R2R) processes and identify key controls in each of the areas. Prepared narratives and flowcharts for the in-scope processes, and generated deliverables that were shared with the Audit Committee for the corresponding entities.
SSAE 16 Audits – Led the execution of SOC 1 (both Type 1 and Type 2) examinations in the healthcare insurance and telecommunications industries. Performed risk assessments to map out the risks per control objectives and the associated key controls. Managed engagement financials, performed overall engagement planning, execution, and delivery of the SOC 1 report.
Information Technology Audits – Led several engagements focused on the assistance of the Financial Statement audit by reviewing the current IT infrastructure for the related applications that support the financial statements in the telecommunication, healthcare insurance, property and casualty insurance, pharmaceutical, government, higher education, hospitality, and oil industries. Performed application control testing, as well as security reviews over the Operating System (Windows Server 2000/2003/2008, HPUX, AIX, RedHat Linux, Solaris) and Database (Oracle 9i/10g/11g, Informix, Sybase ASE) infrastructures, as well as specific ERPs (Oracle Financials, SAP ISU, and SAP R/3).
IT Risk and Transformation – Reviewed the client’s requirements and specifications for a new core application, and worked with the contracted software company to ensure that the specifications and requirements were met to the client’s satisfaction. Performed bug testing and health insurance policy configuration during the course of the engagement.