Moses Seweje, CISA

Experience

• 

  MultiDimension Technology

  Apr 2015 - Feb 2017

  Internal Auditor

  •Performed ITGC reviews and SOX compliance audit and participated in the planning and execution of audits.•Identified internal controls issues within clients' IT environment and developed gap analyses.•Executed testing of controls to assess operational effectiveness in managing risk.•Communicated information to management through presentation and audit report.•Managed remediation of audit findings and maintained understanding of applicable regulatory and compliance requirements.•Reviewed systems for adequate management controls, efficiency, and compliance with policies, regulations, and accounting principles.•Developed audit plans and programs to evaluate control areas on projects such as financial statement audit, SOX testing and SAS 70/SSAE 18. Show less

• 

  IBM

  Mar 2017 - May 2020

  Staff IT Auditor

  •Extensive experience in IT auditing with emphasis on commercial public companies and federal government departments using ITGC, Application Controls, PCI DSS, COBIT COSO, ISO 27001, NIST 800-53 frameworks.•Reviews enterprise security program, validates IT control implementations, performs risk-based audit. •Performed walkthrough on ITGC controls, reviews corrective action plan, validates remediation control.•Performed IS audit on routers, switches, firewalls and remote access. •Conducted root cause analysis of vulnerabilities and coordinates with appropriate stakeholders to remediate findings on IT audit engagements within schedule and budget constraints. •Led IT Implementation and testing of internal controls over financial reporting: Sarbanes Oxley Act (SOX), performs Walkthroughs of controls and evaluates operating effectiveness of controls. •Prepared audit scopes, reported findings and presented recommendations for improving data integrity and operations. Show less

• 

  Synergy Technologies

  Jun 2020 - now

  IT Auditor

  •Prepare IT audit program to include access control, change management controls and application controls; and identify deficiencies in the design and operating effectiveness of control and provide recommendation.•Develop understanding of core IT processes and looked for opportunities to help IT management in gaining process efficiencies and control optimization.•Apply current knowledge of IT trends, techniques, and risk to map out security and risk management improvement opportunities to enhance value to our clients.•Identify and communicate IT audit findings to senior management and client.•Perform all stages of audit planning, fieldwork, executive, reporting and follow up.•Supported the Technology Risk practice to achieve key goals and initiatives.•Acted as a consultant or as an advisor capability and recommend practical and effective remediation to identified issues.•Conduct testing of Sarbanes-Oxley (SOX), PCI DSS and Service Organization Control (SOC) SSAE 18 Review, using COBIT frameworks. Show less