2017 - 2022 IT Control and Risk Management GmbH | Zurich
2004 - 2008
Provided Risk Consulting Services to blue-chip clients such as DepuySynthes, Credit-Suisse, Winterthur Group, Axa Tech AG, ABN-Amro Bank, Altana Pharma to support business integration or internal control framework implementation. Duration of Projects was typically from 6 to 24 months.
Examples of project
Senior Consultant for Credit Suisse Financial Services | 18 months
Managed the local implementation of the SOX IT compliance program across CSFS's operations in Italy, Germany, Monaco, Luxembourg, Gibraltar and Brazil.
- Led project planning meetings, defining objectives and formulating implementation strategy relating to General Computer Controls for stand-alone applications and end-user computing systems
- Created standards and templates using COBIT and COSO Control Objectives
- Supervised General Computer Controls documentation processes, including design and test of operational effectiveness, exception reporting, mitigation planning and scope management
- Consulted with colleagues to develop operational processes and practices and encouraged all managerial and operational levels to take ownership of change and deliver quality solutions
- Identified risk, inefficient operational procedures, and recommended changes to eliminate loopholes
- Supervised multi-national project teams and personnel throughout program delivery
- Achieved all project deliverables in terms of quality, timescale and budget
- Performance resulted in becoming a key member of the SOX IT implementation team
- Restored project management confidence in critical Business units / environment
Senior Consultant for Winterthur Group | 10 months
Advised local management throughout the re-engineering project of the IT compliance framework in Belgium, Spain, UK, Germany, Hungary and US operation.
- Designed and implemented a standardized set of controls based on best practice and Group policies
- Identified inefficient or missing controls, and assisted Business Units eliminate loopholes
- Supported local management and supervised project teams during production of SOX deliverables
- Co-ordinated discussions between local IT and Business units, SOX project leader and auditors
- Oversaw quality assurance regarding production of process documentation, implementation of controls framework and execution of associate test plans to ensure effective controls framework
- Simplified General Computer Controls documentation, reducing remaining weaknesses
- Improved the quality of internal controls framework to the satisfaction of external auditors
SOX IT Manager for Cablecom AG, Subsidiary of Liberty Global Inc. | 6 months
Provided program delivery support to the Swiss entity during the implementation of the company-wide compliance program with a focus on the design and implementation of automated business controls for the critical business processes:
- Identified and adapted the automated SOX business controls based on the Corporate Risk Framework and best practices in the telecom industry
- Covered all critical business processes and product lines: Digital and Cable TV, Digital Phone and Professional Business Network Services - including production of documentation and the operational effectiveness test plans, and validation of the test procedure and baseline of SOX applications
- Created internal control framework for End User application including User Guideline and internal audit test plan; supervised implementations of the control framework and operational testing
- Liaised with external auditor and Corporate Compliance Management to resolve problems
- Implemented a full set of automated controls in a very short period and under management high pressure due to the high criticality of the automated controls for a telecom company
- Zero critical deficiency was reported by external/internal auditors in all domains
- Successfully supported the client to succeed the first year of SOX compliance certification
Senior Consultant for Altana Pharma AG | 5 months
Designed an Internal Control Framework implementation guide for a centralized IT environment
- Customized General Computer Controls to comply with SOX Act and Pharmaceutical regulations
- Designed processes to ensure continuous effectiveness of the General Computer Controls Framework, including the maintenance of documentation and testing of the controls effectiveness
- Standardised the End User Computing Controls to ensure compliant and homogenous controls
- Facilitated deployment of the Sarbanes Oxley Compliance program across all Departments
Senior Consultant for ABN-AMRO Private Banking | 3 months
Reviewed the General Computer Controls and Project Management phases for a key swiss banking application based on Oracle and Unix.
- Achieved recognition as a high calibrate resource for internal IT audit
Prokject Leader | 24 months
Led a private-owned project related to the implementation and usage of financial robo-advisors based on Artificial Intelligence (AI) using big data and machine learning.
The role included the full management lifecycle for the development, optimization and exploitation of the final product including the technical infrastructure, the management of the external resources, and the design and optimization of the different AI models.