I'm an experienced IT auditor and GRC professional with over six years of hands-on work in evaluating and improving IT controls and security measures. I've led audits from start to finish—planning, execution, reporting—and have a strong focus on privacy risks tied to how personal information is collected, used, and shared. I’m known for identifying system vulnerabilities, assessing risk, and offering solid, practical solutions. I'm looking for challenging opportunities where I can apply my technical skills to help protect and strengthen IT environments. I take pride in conducting clear, unbiased evaluations of business processes and systems to support better risk management, operational efficiency, regulatory compliance, and stronger internal controls.
•Executed projects established in the annual audit plan, developed scope and objectives of IT audits while ensuring alignment with audit standards, guidelines, and best practices.
•Prepared concise summaries of audits and discussed their findings with senior management.
•Provided observations and conclusions, identified and communicated any gaps, evaluated management action plans, and reported accordingly.
•Responsible for identifying control design recommendations that not only provide assurance that business objectives can be met in line with acceptable risk levels but also the identification of process and efficiency improvements within the control structure.
•Executed day-to-day internal audit activities in the performance and management of IT engagements, Sarbanes-Oxley compliance ITGC testing activities, and special projects.
•Evaluated the design and effectiveness of IT controls to mitigate risks related to cybersecurity, data privacy, and operational integrity.
•Mentor and guide junior auditors, fostering their professional growth and development.
Regularly evaluated the IT risk landscape and identified potential areas of vulnerability, conducted risk assessments to determine the impact and likelihood of IT-related risks, and worked with management to implement strategies for mitigating identified risks.
•Assess the effectiveness of information security controls and practices.
•Reviewed and evaluated the organization's data protection measures.
•Ensured compliance with privacy regulations and policies.
•Evaluated the organization's IT governance structure and processes.
•Assessed the alignment of IT strategies with overall business objectives.
•Ensured that IT resources are used efficiently and effectively.
•Identifying, assessing, and managing risks related to technology within the organization by ensuring IT systems and processes are secure, compliant, and resilient to potential threats.
•Leading the development and implementation of the Governance, Risk, and Compliance (GRC) framework to manage IT-related risks, and ensure compliance with relevant regulations and standards.
•Responsible for ensuring that the organization's IT systems and practices comply with relevant privacy laws and regulations, such as GDPR, CCPA, etc.
•Conducting risk assessments and gap analyses to identify areas of non-compliance, and opportunities for improvement.
•Conducting testing, readiness assessment, and gap analysis on the PCI-DSS, GDPR, and SOC 2 annual recertification processes.
•Defining policies, procedures, and standards to govern IT governance, risk management, and compliance activities across the organization.
•Monitoring and reporting on key risk indicators (KRIs), and control performance metrics to senior management.
•Leading the identification and implementation of enhancements to the Third Party Risk Management Program, conducting security awareness training for new hires.
•Prioritizing and managing workload to deliver quality results, and meet timelines.
•Identifying potential risks and vulnerabilities in the organization's IT infrastructure, systems, and processes, I evaluated the potential impact of identified risks on business operations, data integrity, and confidentiality, and conducted a risk assessment to prioritize and quantify potential threats.
•Continuing to stay informed about emerging technologies, threats, and industry best practices to continuously improve the organization's security posture, I conducted regular reviews and assessments to identify areas for improvement in the IT risk management process.
•Tracking audit reviews completed, findings, and providing appropriate remediation steps to associates who violated regulatory standards, while ensuring accurate data, and information tracking.
•Proactively escalated any issues or violations found during audits to associates and managers, driving prompt, and efficient resolution.
•Conducting regular risk assessments of associate communications, identifying potential vulnerabilities, and recommending proactive control measures to mitigate regulatory risks.
•Collaborating with the team to develop and implement risk management strategies that enhance the overall compliance framework, and minimize potential compliance violations.
•Responsible for ensuring that the organization complies with relevant laws, regulations, and industry standards related to information security and data protection, monitored changes in compliance requirements, and updated policies and procedures accordingly.
Compliance practices, common IT/Tech regulatory frameworks, and laws such as NIST, GDPR, ISO, SOC 1 & 2, PCI-DSS, COBIT, CIS 20, PIPEDA, etc.
Profound analytical and problem-solving skills
Excellent communication skills, both verbal and written
Strong commitment to quality and integrity
Advanced ability to research and gather information from both business and IT functions
Data Privacy
Risk Management
Microsoft Office
IT governance
Excellent presentation, verbal and written communication, and interviewing skills
Leadership skills
Project Management
Audit management Software: ACL GRC, Teammate and RSA Archer
Data analysis tools: ACL Analytics, SAP, IDEA, and Microsoft Excel
Compliance Management Tools: ServiceNow, MetricStream, and RSA Archer
Documentation and workflow tools: Jira, Microsoft Office Suite, Confluence