Specializations:

Designing and Implementing IT General Controls to meet Regulatory Compliance Requirements.

Adopting an intelligent approach to IT general control development by:

• Using external/internal audit findings as the basis for control requirements.
• Determining and incorporating all applicable regulatory compliance standards.
• Focusing on core areas of expertise-- access control and remediation.
• Conducting workshops to ensure buy-in from stakeholders comprising executive management, business risk managers, business owners and legal to ensure a strong governance model.

Achieving Cost Containment with Control Rationalization.

Achieving cost containment by rationalizing controls across:

• Regulatory compliance requirements.
• Application platforms.
• Lines of business and geographies.

Achieving Cost Reduction using World-Class Offshore Delivery Capability.

Achieving cost reduction by:

• Delivering projects with a world-class offshore delivery capability.
• Maintaining optimum on-shore to offshore resource ratios to ensure program success.
• Apply specially designed implementation and delivery blueprints optimized for offshore delivery.

Developing Optimum Solution Architecture.

Designing optimum architectures by focusing on:

• Meeting business requirements by maintaining requirements traceability.
• Reconciling orthogonal agendas of risk mitigation measures and business agility.
• Transforming controls to business enablers.

Assuring Delivery with Leading Project Management Practices.

Assure project delivery by:

• Reducing the risk of implementation by providing special attention to the planning phase: project estimation, task and resource scheduling, and communications.
• Reducing the risk of implementation by adopting the agile implementation methodology
• Regularly providing project status updates to stakeholders, pro-actively escalating issues.
• Paying due consideration to user acceptance training and user training activities.

Extending Enterprise Risk Framework.

Develop IT Risk Framework by:

• Advising executive management, risk officers, controllers, and legal on benefits of control rationalization to meet multiple regulatory compliance standards.
• Aligning IT control development with the broader enterprise risk framework roadmap.
• Implementing comprehensive reporting modules to enable controllers, risk officers, line of business owners to instantly and continually gauge the level of risk in their current sphere of responsibilities and influence.
• Developing IT security policies related to deployed IT controls.