SlideShare une entreprise Scribd logo

JohanCVJuly2015

Télécharger en tant que DOCX, PDF
J
Johan van Zyl
1  sur  9
Johan van Zyl 1 08/04/15 CURRICULUM VITAE: Johan van Zyl A. GENERAL INFORMATION Physical address 15 Lightning Shot, Mooikloof 0059 Postal address P.O. Box 92154, Mooikloof,0059 Work tel. no (012) 671 8914 Work fax no. (012) 671 8180 Home no. (012) 996 0128 Cell phone no. 083 326 7767 B. PERSONAL DETAIL Full name Johan Surname van Zyl Nationality South African Citizen Home language Afrikaans Other languages English C. ACADEMIC QUALIFICATIONS Pretoria Technicon 1987 – 1992 1987 – 1992: Nas. Dipl. Computer Data Processing Major subjects: Computer Business Programming, Information Systems D. OTHER QUALIFICATIONS Professional Qualifications 1996: ISACA 2004: ITIL Foundation 2005: ITIL Configuration, Release and Change Management 2005: Management Development Program GIBS 2009: Senior Leadership Development Program USB. Winner: Group project assignment Other Qualifications/Courses 1994 to 1996 Various IT Audit courses at CBS Training: Auditing Networks, Auditing MVS and Auditing AS400 1997 to 1998 Various IT courses at ABSA Training: Control Self Assessment, Auditing Y2K, 1998 to 2004 Auditing MVS; Introduction to MQ, Introduction to DB2 2006 ITIL: Service Deliver and Operations Manager course.
Johan van Zyl 2 08/04/15 E. PREVIOUS EXPERIENCE (most recent position first) MMI Group Physical address Momentum, 268 West Avenue, Centurion MMI: IT Audit Specialist – 01 March 2013 to present. Work force: 1 CAE, 1X Head of Audit: IT,1 X IT Audit Manager, 7 X IT Auditors. Support: 7 Heads of Audit and 5 audit managers and 3 audit specialists Customer base: Momentum Retail,Momentum Employer Benefits,MMI Balance SheetManagement, Group Support Services, Momentum Investments,MMSA Health,Metropolitan Retail,Metropolitan International and I&O (Information Technology and Operations). Duties Main duties 1. Identify high risk areas, plan and scope audits – continuously 2. Apply sound IT audit methodology – including integrated audit approach 3. Ensure compliance with MMI GIA methodology and working papers, including audit execution 4. Develop and provide input in respectof new procedures or system 5. Customer relationship with IT Heads and Business Executives (C-level) 6. Research new trends in IT and emerging risks 7. Feedback to CAE and Heads ofAudit on strategic initiatives within customer base Identify high risk areas, plan and scope audits  Once a year a high level overall planning for the next financial year audits are planned. Input provided for IT related audits to be executed.  The plan is continuouslymonitored for changes – risk and customer request. Updated quarterly.  Individual audits area assigned to the best potential resource available from team.  Confirm audit scope and timing with business management.  Manage deviations from the plan and scope of the audit. Apply sound IT audit methodology – including integrated audit approach  Requires understanding of business environment to determine best audit approach.  This may require that methodology/approach be adapted to the specific requirement of the business.  The usage of integrated audits for the specific environment is investigated and identified.  Indentify and use of acceptable audit frameworks that support the audit methodology.  Develop and maintain audit methodology in alignment with best practices. Ensure compliance with MMI GIA methodology and working papers, including audit execution  Ensure that MMI GIA methodologies are used.  Use Teammate as audit tool for the planning and execution of planned audits.  Ensure that audit working papers are used.  Ensure that auditwork is done according to MMI GIA standards and thatwork performed can be relied upon by external audit.  Perform audits at strategic level to ensure that overall functions can be relied on during the execution of detailed audits – used as guidance for other audits. Develop and provide input in respect of new procedures or system.  Provide Audit management team and auditors overview of the usage of different IT audit disciplines on audits.  Identify new development methodologies used in Momentum and develop audit programs accordingly.  Identify areas of improvement on audits and implement relevant improvement.  Provide support for integrated audits performed. Customer relationship  Manage relationship with the different IT managers within Customer base.
Johan van Zyl 3 08/04/15 with IT Heads and business executives  Manage and maintain relationship with ITRisk manager for MMI.  Obtain and review strategic and operational plans to identify relevant information required for the Audit universe used during the auditplanning process.  Attended the risk and auditforms to discuss ITrelated risks and/or concerns. Research new trends in IT  Perform research on new trends on IT and the impact on MMI I&O environment.  Provide support and training the technical audit teams for the identification of risk and audit programs.  Provide feedback at IT Steercoms regarding risks and related matters on the new trends.  Attended the risk and audit forms to discuss IT related risks and/or concerns , including emerging risks.  Assist the IT Risk Manager and IT Governance manager with risk identification and management, including the drafting of relevant policies.  Attend related IT forums,seminars and workshops to stayinformed on topics of interestin the current IT domain,including GRC. Feedback to CAE and Heads of Audit on strategic initiatives within customer base  Identify new strategy initiatives within the business units and provide feedback to CAE and Heads ofAudit.  Identify potential impacts on the audit plan and make recommendations on changes.  Assistwith the alignmentofAudit departmentto the new strategy.  Identify risk areas that may require focus form audit.  Feedback on the various IT forums,seminars and workshops attended for better understanding of the direction of the IT. FirstRand/MMI Group 01 September 2009 to 30 June 2013 (Momentum unbundled from FirstRand to form MMI Group with Metropolitan) Physical address Momentum, 268 West Avenue, Centurion Manager: IT Audit . Work force: 1 CAE, 2 X ACR Auditors, 1 X PM Auditors and 1 X CAATS auditors. Support: 3 X Audit managers and 10 X auditors (Business/Financial auditors) Customer base: Momentum Retail,Momentum Employer Benefits,MMI Balance SheetManagement, Group Support Services excluding HR, MMI IT North. Duties Main duties 8. Identify high risk areas, plan and scope audits – continuously 9. Apply sound IT audit methodology – including integrated audit approach 10. Ensure compliance with MMI GIA methodology and working papers 11. Develop and provide input in respectof new procedures or system 12. Customer relationship with IT managers 13. Research new trend in IT
Johan van Zyl 4 08/04/15 Identify high risk areas, plan and scope audits  Once a year a high level overall planning for the next financial year audits are planned. Input provided for IT related audits to be executed.  The plan is continuouslymonitored for changes – risk and customer request. Updated quarterly.  Individual audits area assigned to the best potential resource available from team.  Confirm audit scope and timing with business management.  Manage deviations from the plan and scope of the audit. Apply sound IT audit methodology – including integrated audit approach  Requires understanding of business environment to determine best audit approach.  This may require that methodology/approach be adapted to the specific requirement of the business.  The usage of integrated audits for the specific environment is investigated and identified.  Indentify and use of acceptable audit frameworks that support the audit methodology.  Develop and maintain audit methodology in alignment with best practices. Ensure compliance with FRGIA methodology and working papers  Ensure that MMI GIA methodologies are used.  Use Teammate as audit tool for the planning and execution of planned audits.  Ensure that audit working papers are used.  Ensure that auditwork is done according to MMI GIA standards and thatwork performed can be relied upon by external audit. Develop and provide input in respect of new procedures or system.  Provide Audit management team and auditors overview of the usage of different IT audit disciplines on audits.  Identify new development methodologies used in Momentum and develop audit programs accordingly.  Identify areas of improvement on audits and implement relevant improvement.  Provide support for integrated audits performed. Customer relationship with IT managers  Manage relationship with the different IT managers within Customer base.  Manage and maintain relationship with ITRisk manager for MMI.  Obtain and review strategic and operational plans to identify relevant information required for the Audit universe used during the auditplanning process.  Attended the risk and auditforms to discuss ITrelated risks and/or concerns. FirstRand Internal Audit: Momentum: ACR Auditor – 01 October 2007 to 31 August 2009 Work force: 1 Senior Manager, 1 Manager, 14 ACR Auditors (GIA audit team) Customer base: Momentum: Wealth, Sales, Retail, Group Benefits, Health, New Markets and Financial and Actuarial Services. Duties Main duties 1. Plan and scope audits 2. Identify risks, management‘s objectives and controls 3. Execute planned audits 4. Supportother ACR auditor’s with Momentum systems 5. Customer relationship with IT managers
Johan van Zyl 5 08/04/15 Plan and scope audits  Once a year the overall planning for the next financial year audits are planned.Inputprovided for IT related audits to be executed.  Plan and scope individual audits as per audit plan.  Confirm audit scope and timing with business management.  Manage deviations from the plan and scope of the audit. Identify risk, management’s objectives and controls  Risk based audit approached is used.  Management objectives are identified.  Risks are identified and rated.  Mitigating controls are identified. Execute planned audits.  Audit plans are created in accordance of the controls identified.  Audits are executed according to the agreed audit plans.  Write and complete audit reports. Support other ACR auditor’s with Momentum systems.  Assist with identifying risks and controls in applications.  Assist with the execution of the audit when required.  Perform peer reviews of audits performed on Teammate. Customer relationship with IT managers  Manage relationship with the different IT managers within Momentum – Each Business Unit have it’s own IT department with IT manager.  Manage relationship with IT Risk Manager  Provide the Audit universe used during the auditplanning process.  Attended the risk and auditforms to discuss ITrelated risks and/or concerns. Momentum: Position 4 Snr IT Auditor – January 2007 till 01 October 2007 Work force: 1 Senior Manager, 1 Manager, 6 Internal Auditors Customer base: Information Technology Support services (ITSS), Wealth, Sales, Retail, Health, New Markets and Financial and Actuarial Services. Duties Main duties 1. Plan and scope ACR audits 2. Identify risks, management‘s objectives and controls 3. Execute planned ACR audits 4. Supportbusiness auditors with Integrated audits (ACR’S) 5. Performed SDLC reviews 6. Performed GCR reviews 7. Performed and assisted with CAATS (IDEA) 8. General IT supportand training for team members 9. Customer relationship with IT managers
Johan van Zyl 6 08/04/15 Plan and scope ACR audits  Once a year the overall planning for the next financial year audits are planned. Input provided for IT related audits to be executed.  Plan and scope individual audits as per audit plan.  Confirm audit scope and timing with business management.  Manage deviations from the plan and scope of the audit. Identify risk, management’s objectives and controls  Risk based audit approached is used.  Management objectives are identified.  Risks are identified and rated.  Mitigating controls are identified. Execute planned ACR audits.  Audit plans are created in accordance of the controls identifies.  Audits are executed according to the agreed audit plans.  Write and complete audit reports. Support business auditors with Integrated audits  Assist with the up-skill of business auditors to perform ACR reviews.  Assist with identifying risks and controls in applications.  Assist with the execution of the audit were technical information is required.  Assist with the obtaining data for the execution of CAATS.  Assist with the execution of CAATS.  Performed integrated audits within the Health environment. Performed SLDC reviews  Reviewed high risk projects within the Wealth environment  Plan and scoped the review  Identified high risk areas for the projects  Management objectives are identified.  Created audit plans according to the risks identified.  Executed the audit plan  Write and complete audit report. Performed GCR reviews  Plan and scoped the reviews  Identified high risk areas for the projects  Management objectives are identified.  Created audit plans according to the risks identified.  Executed the audit plan  Write and complete audit report. Performed and assisted with CAATS  Performed CAATS as and when required on ACR audits.  Assist with the obtaining data for the execution of CAATS.  Assist with the execution of CAATS.  Provided the information to the relevant Business/Financial auditors for follow-up General IT support and training for team members.  Assist with the procurement of IT hardware for the department.  Assist with the evaluation and procurement of IT software for the department.  Assist with the training of staff members in IT skills and concepts. Customer relationship with IT managers  Manage relationship with the different IT managers within Momentum – Each Business Unithas an IT department with IT manager.  Manage and maintain relationship with ITRisk Manager.  Create and maintain the Audit universe - used during the audit planning process.  Attended the daily ITSS incident/managementfeedback session.  Attended the risk and auditforms to discuss ITrelated risks and/or concerns. Nedcor: Position 3 Manager: IT Change Management: Transaction Processing - January 2003 to December 2006 Work force: 4 Managers 2 Admin staff members
Johan van Zyl 7 08/04/15 Customer base: Various staff members requesting changes in Production Duties Main duties 1. Manage and approval of change requests. 2. Risk management of change request 3. Process management: Change and Risk process, general process consultation 4. Compliance representative (including FAIS & FICA) 5. Risk Management – Audits, Incident risks,legal incidents Manage and Approval of change requests Number of changes: 50 per week.  Verify completeness of change request with regards to implementation, back-out and post- implementation testing  Confirm change impact and risk to the organization.  Verify approvals and approve/decline request based on overview of request.  Communicate change status or requestadditional information/improvements to change request.  Attend meeting to discuss and provide input of major releases. Risk management of change request Number of changes: Average 120 per week.  Provide baseline criteria for the quantification of risk and impact of change request.  Risk and Impact matrix for production system.  Review and advise on over all risk status for deployment period  Support unit with risk management of change requests. Risk, Compliance and Audit management and administration  Ensure compliance to legislation and associated regulations for IT Change, Release and Configuration Management in conjunction with Group IT Compliance  Audit administration for IT Change, Release and Configuration Management  Ensure Risk management for IT Change, Release and Configuration Management Awards Internal Award for Dedication– 2004 Internal Award for Dedication – 2005 Reasons to end duties Contacted by Audit Manager from Momentum and offered a position to assist with IT audits and create an integrated audit approach between business/financial and IT audits. Contact person Line manager: Hayes Francis– 083 327 3244 – Senior Manager Nedcor: Position 2 Risk Manager: IT Change Management - April 2002 to December 2002 Duties Creation of Risk Model for It Change Management Create policies and procedures for IT Change Management: Due to impact as a resultof changes implemented,position was created for the management of risk within the IT Change Management unit. Responsible for the identification and management of High risk changes and ensure appropriate levels of risk during change periods. Create a classification system for changes. Categories: Critical, High, Medium and Low changes Reasons to end duties Restructuring of function into current portfolio with additional responsibilities and the need to broaden my exposure, scope of control and work experience. Contact person Line manager: Clive Blaiklock – Retired Nedcor: Position 1 IT Audit – February 1998 to March 2002
Johan van Zyl 8 08/04/15 General Controls  Review of General Controls in the IT environment for Nedcor, Nedcor Investment bank and Old Mutual Bank  Assist with Control Self Assessment process and workshops for IT  Implementation of Cobit Framework in Nedcor, Nedcor Investment Bank and Old Mutual Bank Project Audits  Project reviews against Funnel and Gates (SDLC) framework for Nedcor and Nedcor Investment Bank  Ensure adequate controls is systems during design and development phases  Monitor and verify implementation of solutions Awards Bronze, Silver and Gold awards in 2001 for excellent delivery on project objectives Bronze awards in 1999 and 2000 for excellent work delivery and acceptance of responsibility Contact person Line manager: Jacques Lourens – Senior Manager, IT Audit, Nedcor Bank Head: IT Audit: Deon Pienaar – Group Internal Audit, Nedcor Bank Reasons to change job The General Manager for IT Operations offered me the risk management position at IT Change Management. I accepted the position to further my career and broaden my scope. ABSA IT Audit – July 1996 to February 1998 Project Audits  Project reviews of Front-end solutions – client interface systems (Internet Banking, ATM’s, Banking Platforms)  Ensure adequate controls is systems during design and development phases  Monitor and verify implementation of solutions  Implementation of Control Self Assessment Reasons to change jobs I was offered a similar position at Nedcor Bank. Nedbank was then regarded as on of the most IT innovative banking environments in SA. Contact person Line manager: Karen – Retired. Office of the Auditor-General Manager: IT Audit – May 1995 – June 1996 Duties  General Control Audits  Training of IT Audit Staff  Financial Audit of State Computer Operations (SITA) Reasons to change job Offered a better position at ABSA that would broaden experience and scope of work. Contact person Line manager: Mr. Kallie Pienaar Office of the Auditor-General Financial Auditor – December 1984 – May 1995 Duties  General Financial Audits at Department of Public Works and Department of Correctional Services  General Systems Audits at Department of Public Works and Department of Correctional Services Reasons to change job Offered a promotion as manager in the IT Audit department.
Johan van Zyl 9 08/04/15 Contact person Line manager: Mr. Jaap Meyer

Recommandé

IFAC Guide to Compilation Engagements
IFAC Guide to Compilation EngagementsIFAC Guide to Compilation Engagements
IFAC Guide to Compilation EngagementsInternational Federation of Accountants
 
Cisa domain 1
Cisa domain 1 Cisa domain 1
Cisa domain 1 Ismail aboulezz
 
ISA 315 (Revised) - Exposure Draft Webinar
ISA 315 (Revised) - Exposure Draft WebinarISA 315 (Revised) - Exposure Draft Webinar
ISA 315 (Revised) - Exposure Draft WebinarInternational Federation of Accountants
 
IFAC Guide to Review Engagements
IFAC Guide to Review EngagementsIFAC Guide to Review Engagements
IFAC Guide to Review EngagementsInternational Federation of Accountants
 
Chap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseChap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseDesmond Devendran
 
Elevating IA
Elevating IAElevating IA
Elevating IAWayne Poggenpoel
 
Creative Performance Audit
Creative Performance AuditCreative Performance Audit
Creative Performance AuditHumanology
 
Compliance Basics Presentation
Compliance Basics PresentationCompliance Basics Presentation
Compliance Basics PresentationCompliagent
 

Recommandé

IFAC Guide to Compilation Engagements
IFAC Guide to Compilation EngagementsIFAC Guide to Compilation Engagements
IFAC Guide to Compilation EngagementsInternational Federation of Accountants
 
Cisa domain 1
Cisa domain 1 Cisa domain 1
Cisa domain 1 Ismail aboulezz
 
ISA 315 (Revised) - Exposure Draft Webinar
ISA 315 (Revised) - Exposure Draft WebinarISA 315 (Revised) - Exposure Draft Webinar
ISA 315 (Revised) - Exposure Draft WebinarInternational Federation of Accountants
 
IFAC Guide to Review Engagements
IFAC Guide to Review EngagementsIFAC Guide to Review Engagements
IFAC Guide to Review EngagementsInternational Federation of Accountants
 
Chap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseChap2 2007 Cisa Review Course
Chap2 2007 Cisa Review CourseDesmond Devendran
 
Elevating IA
Elevating IAElevating IA
Elevating IAWayne Poggenpoel
 
Creative Performance Audit
Creative Performance AuditCreative Performance Audit
Creative Performance AuditHumanology
 
Compliance Basics Presentation
Compliance Basics PresentationCompliance Basics Presentation
Compliance Basics PresentationCompliagent
 
How to Create an Effective Business Continuity Program
How to Create an Effective Business Continuity ProgramHow to Create an Effective Business Continuity Program
How to Create an Effective Business Continuity ProgramAl Abbas, PMP, CISSP, MBA, MSc
 
Limited Assurance Engagements for Practitioners
Limited Assurance Engagements for PractitionersLimited Assurance Engagements for Practitioners
Limited Assurance Engagements for PractitionersInternational Federation of Accountants
 
CISA Training - Chapter 1 - 2016
CISA Training - Chapter 1 - 2016CISA Training - Chapter 1 - 2016
CISA Training - Chapter 1 - 2016Hafiz Sheikh Adnan Ahmed
 
P_Schaney_06_2015
P_Schaney_06_2015P_Schaney_06_2015
P_Schaney_06_2015Paul Schaney
 
Standards of Internal Audit
Standards of Internal AuditStandards of Internal Audit
Standards of Internal AuditKaran Puri
 
Key considerations for your internal audit plan
Key considerations for your internal audit planKey considerations for your internal audit plan
Key considerations for your internal audit planessbaih
 
The role of Operational and Performance-based Auditing on Government and the ...
The role of Operational and Performance-based Auditing on Government and the ...The role of Operational and Performance-based Auditing on Government and the ...
The role of Operational and Performance-based Auditing on Government and the ...paul young cpa, cga
 
Internal audit strategy for non-profits
Internal audit strategy for non-profitsInternal audit strategy for non-profits
Internal audit strategy for non-profitsDebashis Gupta
 
Examining Audit Quality, Common Engagement Deficiencies and the Importance of...
Examining Audit Quality, Common Engagement Deficiencies and the Importance of...Examining Audit Quality, Common Engagement Deficiencies and the Importance of...
Examining Audit Quality, Common Engagement Deficiencies and the Importance of...International Federation of Accountants
 
Project Management Fundamentals Course
Project Management Fundamentals CourseProject Management Fundamentals Course
Project Management Fundamentals CourseGobi Durairaj PMP, PMI-ACP, SAFe SA
 
Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...
Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...
Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...International Federation of Accountants
 
Hanrick Curran Audit Training - Internal Controls - March 2013
Hanrick Curran Audit Training - Internal Controls - March 2013Hanrick Curran Audit Training - Internal Controls - March 2013
Hanrick Curran Audit Training - Internal Controls - March 2013Matthew Green
 
Internal Audit Best Practices for Safety, Environment, and Quality Audits
Internal Audit Best Practices for Safety, Environment, and Quality AuditsInternal Audit Best Practices for Safety, Environment, and Quality Audits
Internal Audit Best Practices for Safety, Environment, and Quality AuditsNimonik
 
Internal audit procedure
Internal audit procedureInternal audit procedure
Internal audit procedurebhavikjariwala
 
Risk Assessment For Internal Auditors
Risk Assessment For Internal AuditorsRisk Assessment For Internal Auditors
Risk Assessment For Internal Auditorsminkhollow
 
BDO Tax Due Diligence
BDO Tax Due DiligenceBDO Tax Due Diligence
BDO Tax Due DiligenceBDO Indonesia
 
Audit of Risk Management Final Report
Audit of Risk Management Final ReportAudit of Risk Management Final Report
Audit of Risk Management Final Reportessbaih
 
Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit complianceonline123
 
ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...
ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...
ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...International Federation of Accountants
 
Nathanielshannon_streetdicks_zine
Nathanielshannon_streetdicks_zineNathanielshannon_streetdicks_zine
Nathanielshannon_streetdicks_zineNathaniel C. Shannon
 
Nathanielshannon_studio
Nathanielshannon_studioNathanielshannon_studio
Nathanielshannon_studioNathaniel C. Shannon
 
Mpp komatsu会社紹介
Mpp komatsu会社紹介Mpp komatsu会社紹介
Mpp komatsu会社紹介yasuharukomatsu
 

Contenu connexe

Tendances

How to Create an Effective Business Continuity Program
How to Create an Effective Business Continuity ProgramHow to Create an Effective Business Continuity Program
How to Create an Effective Business Continuity ProgramAl Abbas, PMP, CISSP, MBA, MSc
 
Standards of Internal Audit
Standards of Internal AuditStandards of Internal Audit
Standards of Internal AuditKaran Puri
 
Key considerations for your internal audit plan
Key considerations for your internal audit planKey considerations for your internal audit plan
Key considerations for your internal audit planessbaih
 
The role of Operational and Performance-based Auditing on Government and the ...
The role of Operational and Performance-based Auditing on Government and the ...The role of Operational and Performance-based Auditing on Government and the ...
The role of Operational and Performance-based Auditing on Government and the ...paul young cpa, cga
 
Internal audit strategy for non-profits
Internal audit strategy for non-profitsInternal audit strategy for non-profits
Internal audit strategy for non-profitsDebashis Gupta
 
Examining Audit Quality, Common Engagement Deficiencies and the Importance of...
Examining Audit Quality, Common Engagement Deficiencies and the Importance of...Examining Audit Quality, Common Engagement Deficiencies and the Importance of...
Examining Audit Quality, Common Engagement Deficiencies and the Importance of...International Federation of Accountants
 
Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...
Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...
Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...International Federation of Accountants
 
Hanrick Curran Audit Training - Internal Controls - March 2013
Hanrick Curran Audit Training - Internal Controls - March 2013Hanrick Curran Audit Training - Internal Controls - March 2013
Hanrick Curran Audit Training - Internal Controls - March 2013Matthew Green
 
Internal Audit Best Practices for Safety, Environment, and Quality Audits
Internal Audit Best Practices for Safety, Environment, and Quality AuditsInternal Audit Best Practices for Safety, Environment, and Quality Audits
Internal Audit Best Practices for Safety, Environment, and Quality AuditsNimonik
 
Internal audit procedure
Internal audit procedureInternal audit procedure
Internal audit procedurebhavikjariwala
 
Risk Assessment For Internal Auditors
Risk Assessment For Internal AuditorsRisk Assessment For Internal Auditors
Risk Assessment For Internal Auditorsminkhollow
 
BDO Tax Due Diligence
BDO Tax Due DiligenceBDO Tax Due Diligence
BDO Tax Due DiligenceBDO Indonesia
 
Audit of Risk Management Final Report
Audit of Risk Management Final ReportAudit of Risk Management Final Report
Audit of Risk Management Final Reportessbaih
 
Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit complianceonline123
 
ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...
ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...
ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...International Federation of Accountants
 

Tendances (19)

How to Create an Effective Business Continuity Program
How to Create an Effective Business Continuity ProgramHow to Create an Effective Business Continuity Program
How to Create an Effective Business Continuity Program
 
Limited Assurance Engagements for Practitioners
Limited Assurance Engagements for PractitionersLimited Assurance Engagements for Practitioners
Limited Assurance Engagements for Practitioners
 
CISA Training - Chapter 1 - 2016
CISA Training - Chapter 1 - 2016CISA Training - Chapter 1 - 2016
CISA Training - Chapter 1 - 2016
 
P_Schaney_06_2015
P_Schaney_06_2015P_Schaney_06_2015
P_Schaney_06_2015
 
Standards of Internal Audit
Standards of Internal AuditStandards of Internal Audit
Standards of Internal Audit
 
Key considerations for your internal audit plan
Key considerations for your internal audit planKey considerations for your internal audit plan
Key considerations for your internal audit plan
 
The role of Operational and Performance-based Auditing on Government and the ...
The role of Operational and Performance-based Auditing on Government and the ...The role of Operational and Performance-based Auditing on Government and the ...
The role of Operational and Performance-based Auditing on Government and the ...
 
Internal audit strategy for non-profits
Internal audit strategy for non-profitsInternal audit strategy for non-profits
Internal audit strategy for non-profits
 
Examining Audit Quality, Common Engagement Deficiencies and the Importance of...
Examining Audit Quality, Common Engagement Deficiencies and the Importance of...Examining Audit Quality, Common Engagement Deficiencies and the Importance of...
Examining Audit Quality, Common Engagement Deficiencies and the Importance of...
 
Project Management Fundamentals Course
Project Management Fundamentals CourseProject Management Fundamentals Course
Project Management Fundamentals Course
 
Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...
Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...
Performing Audits Efficiently and Expanding Service Offerings: Global and Loc...
 
Hanrick Curran Audit Training - Internal Controls - March 2013
Hanrick Curran Audit Training - Internal Controls - March 2013Hanrick Curran Audit Training - Internal Controls - March 2013
Hanrick Curran Audit Training - Internal Controls - March 2013
 
Internal Audit Best Practices for Safety, Environment, and Quality Audits
Internal Audit Best Practices for Safety, Environment, and Quality AuditsInternal Audit Best Practices for Safety, Environment, and Quality Audits
Internal Audit Best Practices for Safety, Environment, and Quality Audits
 
Internal audit procedure
Internal audit procedureInternal audit procedure
Internal audit procedure
 
Risk Assessment For Internal Auditors
Risk Assessment For Internal AuditorsRisk Assessment For Internal Auditors
Risk Assessment For Internal Auditors
 
BDO Tax Due Diligence
BDO Tax Due DiligenceBDO Tax Due Diligence
BDO Tax Due Diligence
 
Audit of Risk Management Final Report
Audit of Risk Management Final ReportAudit of Risk Management Final Report
Audit of Risk Management Final Report
 
Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit
 
ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...
ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...
ISRS 4410 (Revised) Compilation Engagements, A Standard for Today's Financial...
 

En vedette

Anshuman Lohani _Operations
Anshuman Lohani _OperationsAnshuman Lohani _Operations
Anshuman Lohani _OperationsAnshuman Lohani
 
mukavait_paikky_esittely_30_lyhyt
mukavait_paikky_esittely_30_lyhytmukavait_paikky_esittely_30_lyhyt
mukavait_paikky_esittely_30_lyhytPetri Väyrynen
 
Mpp komatsu会社紹介①
Mpp komatsu会社紹介①Mpp komatsu会社紹介①
Mpp komatsu会社紹介①yasuharukomatsu
 
Digital Transformation - Cultuur Connect
Digital Transformation - Cultuur ConnectDigital Transformation - Cultuur Connect
Digital Transformation - Cultuur ConnectJo De Ridder
 

En vedette (12)

Nathanielshannon_streetdicks_zine
Nathanielshannon_streetdicks_zineNathanielshannon_streetdicks_zine
Nathanielshannon_streetdicks_zine
 
Nathanielshannon_studio
Nathanielshannon_studioNathanielshannon_studio
Nathanielshannon_studio
 
Mpp komatsu会社紹介
Mpp komatsu会社紹介Mpp komatsu会社紹介
Mpp komatsu会社紹介
 
Portafolio de Ingles
Portafolio de InglesPortafolio de Ingles
Portafolio de Ingles
 
Anshuman Lohani _Operations
Anshuman Lohani _OperationsAnshuman Lohani _Operations
Anshuman Lohani _Operations
 
Nathanielshannon_lifestyle
Nathanielshannon_lifestyleNathanielshannon_lifestyle
Nathanielshannon_lifestyle
 
WILFRED SARONE- CV
WILFRED SARONE- CVWILFRED SARONE- CV
WILFRED SARONE- CV
 
mukavait_paikky_esittely_30_lyhyt
mukavait_paikky_esittely_30_lyhytmukavait_paikky_esittely_30_lyhyt
mukavait_paikky_esittely_30_lyhyt
 
El sobrepeso
El sobrepesoEl sobrepeso
El sobrepeso
 
Ember - introduction
Ember - introductionEmber - introduction
Ember - introduction
 
Mpp komatsu会社紹介①
Mpp komatsu会社紹介①Mpp komatsu会社紹介①
Mpp komatsu会社紹介①
 
Digital Transformation - Cultuur Connect
Digital Transformation - Cultuur ConnectDigital Transformation - Cultuur Connect
Digital Transformation - Cultuur Connect
 

Similaire à JohanCVJuly2015

Ea As A Strategy M Veeraragaloo Approach
Ea As A Strategy M Veeraragaloo ApproachEa As A Strategy M Veeraragaloo Approach
Ea As A Strategy M Veeraragaloo ApproachMaganathin Veeraragaloo
 
Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015Gail Gillis
 
WLS Services Brochure March 2013
WLS Services Brochure March 2013WLS Services Brochure March 2013
WLS Services Brochure March 2013Mike Wright
 
CobiT, Val IT & Balanced Scorecards
CobiT, Val IT & Balanced ScorecardsCobiT, Val IT & Balanced Scorecards
CobiT, Val IT & Balanced ScorecardsMichael Sim
 
Resume -pd 241020106 (2)
Resume -pd 241020106 (2)Resume -pd 241020106 (2)
Resume -pd 241020106 (2)Pankaj Dass
 
Lynes Diagrams
Lynes DiagramsLynes Diagrams
Lynes Diagramsrlynes
 
6 Steps to Transition Govt ICT effectiveness
6 Steps to Transition Govt ICT effectiveness6 Steps to Transition Govt ICT effectiveness
6 Steps to Transition Govt ICT effectivenessRavi Tirumalai
 
Information resources, mis, csvtu
Information resources, mis, csvtuInformation resources, mis, csvtu
Information resources, mis, csvtuNarender Chintada
 
Asma resume strategy business solutions final
Asma resume strategy business solutions finalAsma resume strategy business solutions final
Asma resume strategy business solutions finalasmajaleel
 
New hospital it strategy 2
New hospital it strategy 2New hospital it strategy 2
New hospital it strategy 2Pankaj Gupta
 
Info-Tech Research Group & Boardroom Events Value Prop Presentation
Info-Tech Research Group & Boardroom Events Value Prop PresentationInfo-Tech Research Group & Boardroom Events Value Prop Presentation
Info-Tech Research Group & Boardroom Events Value Prop PresentationHilary Carney Badoian
 
Give Your Company the Competitive Edge by Means of an IT Audit
Give Your Company the Competitive Edge by Means of an IT AuditGive Your Company the Competitive Edge by Means of an IT Audit
Give Your Company the Competitive Edge by Means of an IT AuditEES Africa (Pty) Ltd
 
Approach for transformation kickoff
Approach for transformation kickoffApproach for transformation kickoff
Approach for transformation kickoffBrian Maguire
 
MV Consulting_CPM Practise Presentation
MV Consulting_CPM Practise PresentationMV Consulting_CPM Practise Presentation
MV Consulting_CPM Practise PresentationLino Acito
 
International Target Operating Model Design
International Target Operating Model DesignInternational Target Operating Model Design
International Target Operating Model DesignChris Oddy
 
Continuous improvement for small businesses - software-as-a-service
Continuous improvement for small businesses - software-as-a-serviceContinuous improvement for small businesses - software-as-a-service
Continuous improvement for small businesses - software-as-a-serviceTOPP Tactical Intelligence Ltd
 

Similaire à JohanCVJuly2015 (20)

Ea As A Strategy M Veeraragaloo Approach
Ea As A Strategy M Veeraragaloo ApproachEa As A Strategy M Veeraragaloo Approach
Ea As A Strategy M Veeraragaloo Approach
 
Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015
 
WLS Services Brochure March 2013
WLS Services Brochure March 2013WLS Services Brochure March 2013
WLS Services Brochure March 2013
 
Resume karim mohamed 20
Resume karim mohamed 20 Resume karim mohamed 20
Resume karim mohamed 20
 
CobiT, Val IT & Balanced Scorecards
CobiT, Val IT & Balanced ScorecardsCobiT, Val IT & Balanced Scorecards
CobiT, Val IT & Balanced Scorecards
 
Resume -pd 241020106 (2)
Resume -pd 241020106 (2)Resume -pd 241020106 (2)
Resume -pd 241020106 (2)
 
Lynes Diagrams
Lynes DiagramsLynes Diagrams
Lynes Diagrams
 
6 Steps to Transition Govt ICT effectiveness
6 Steps to Transition Govt ICT effectiveness6 Steps to Transition Govt ICT effectiveness
6 Steps to Transition Govt ICT effectiveness
 
Information resources, mis, csvtu
Information resources, mis, csvtuInformation resources, mis, csvtu
Information resources, mis, csvtu
 
Practical experiences of portfolio management
Practical experiences of portfolio managementPractical experiences of portfolio management
Practical experiences of portfolio management
 
Asma resume strategy business solutions final
Asma resume strategy business solutions finalAsma resume strategy business solutions final
Asma resume strategy business solutions final
 
New hospital it strategy 2
New hospital it strategy 2New hospital it strategy 2
New hospital it strategy 2
 
Info-Tech Research Group & Boardroom Events Value Prop Presentation
Info-Tech Research Group & Boardroom Events Value Prop PresentationInfo-Tech Research Group & Boardroom Events Value Prop Presentation
Info-Tech Research Group & Boardroom Events Value Prop Presentation
 
Give Your Company the Competitive Edge by Means of an IT Audit
Give Your Company the Competitive Edge by Means of an IT AuditGive Your Company the Competitive Edge by Means of an IT Audit
Give Your Company the Competitive Edge by Means of an IT Audit
 
Approach for transformation kickoff
Approach for transformation kickoffApproach for transformation kickoff
Approach for transformation kickoff
 
Cobit 41 framework
Cobit 41 frameworkCobit 41 framework
Cobit 41 framework
 
Process
ProcessProcess
Process
 
MV Consulting_CPM Practise Presentation
MV Consulting_CPM Practise PresentationMV Consulting_CPM Practise Presentation
MV Consulting_CPM Practise Presentation
 
International Target Operating Model Design
International Target Operating Model DesignInternational Target Operating Model Design
International Target Operating Model Design
 
Continuous improvement for small businesses - software-as-a-service
Continuous improvement for small businesses - software-as-a-serviceContinuous improvement for small businesses - software-as-a-service
Continuous improvement for small businesses - software-as-a-service
 

JohanCVJuly2015

  • 1. Johan van Zyl 1 08/04/15 CURRICULUM VITAE: Johan van Zyl A. GENERAL INFORMATION Physical address 15 Lightning Shot, Mooikloof 0059 Postal address P.O. Box 92154, Mooikloof,0059 Work tel. no (012) 671 8914 Work fax no. (012) 671 8180 Home no. (012) 996 0128 Cell phone no. 083 326 7767 B. PERSONAL DETAIL Full name Johan Surname van Zyl Nationality South African Citizen Home language Afrikaans Other languages English C. ACADEMIC QUALIFICATIONS Pretoria Technicon 1987 – 1992 1987 – 1992: Nas. Dipl. Computer Data Processing Major subjects: Computer Business Programming, Information Systems D. OTHER QUALIFICATIONS Professional Qualifications 1996: ISACA 2004: ITIL Foundation 2005: ITIL Configuration, Release and Change Management 2005: Management Development Program GIBS 2009: Senior Leadership Development Program USB. Winner: Group project assignment Other Qualifications/Courses 1994 to 1996 Various IT Audit courses at CBS Training: Auditing Networks, Auditing MVS and Auditing AS400 1997 to 1998 Various IT courses at ABSA Training: Control Self Assessment, Auditing Y2K, 1998 to 2004 Auditing MVS; Introduction to MQ, Introduction to DB2 2006 ITIL: Service Deliver and Operations Manager course.
  • 2. Johan van Zyl 2 08/04/15 E. PREVIOUS EXPERIENCE (most recent position first) MMI Group Physical address Momentum, 268 West Avenue, Centurion MMI: IT Audit Specialist – 01 March 2013 to present. Work force: 1 CAE, 1X Head of Audit: IT,1 X IT Audit Manager, 7 X IT Auditors. Support: 7 Heads of Audit and 5 audit managers and 3 audit specialists Customer base: Momentum Retail,Momentum Employer Benefits,MMI Balance SheetManagement, Group Support Services, Momentum Investments,MMSA Health,Metropolitan Retail,Metropolitan International and I&O (Information Technology and Operations). Duties Main duties 1. Identify high risk areas, plan and scope audits – continuously 2. Apply sound IT audit methodology – including integrated audit approach 3. Ensure compliance with MMI GIA methodology and working papers, including audit execution 4. Develop and provide input in respectof new procedures or system 5. Customer relationship with IT Heads and Business Executives (C-level) 6. Research new trends in IT and emerging risks 7. Feedback to CAE and Heads ofAudit on strategic initiatives within customer base Identify high risk areas, plan and scope audits  Once a year a high level overall planning for the next financial year audits are planned. Input provided for IT related audits to be executed.  The plan is continuouslymonitored for changes – risk and customer request. Updated quarterly.  Individual audits area assigned to the best potential resource available from team.  Confirm audit scope and timing with business management.  Manage deviations from the plan and scope of the audit. Apply sound IT audit methodology – including integrated audit approach  Requires understanding of business environment to determine best audit approach.  This may require that methodology/approach be adapted to the specific requirement of the business.  The usage of integrated audits for the specific environment is investigated and identified.  Indentify and use of acceptable audit frameworks that support the audit methodology.  Develop and maintain audit methodology in alignment with best practices. Ensure compliance with MMI GIA methodology and working papers, including audit execution  Ensure that MMI GIA methodologies are used.  Use Teammate as audit tool for the planning and execution of planned audits.  Ensure that audit working papers are used.  Ensure that auditwork is done according to MMI GIA standards and thatwork performed can be relied upon by external audit.  Perform audits at strategic level to ensure that overall functions can be relied on during the execution of detailed audits – used as guidance for other audits. Develop and provide input in respect of new procedures or system.  Provide Audit management team and auditors overview of the usage of different IT audit disciplines on audits.  Identify new development methodologies used in Momentum and develop audit programs accordingly.  Identify areas of improvement on audits and implement relevant improvement.  Provide support for integrated audits performed. Customer relationship  Manage relationship with the different IT managers within Customer base.
  • 3. Johan van Zyl 3 08/04/15 with IT Heads and business executives  Manage and maintain relationship with ITRisk manager for MMI.  Obtain and review strategic and operational plans to identify relevant information required for the Audit universe used during the auditplanning process.  Attended the risk and auditforms to discuss ITrelated risks and/or concerns. Research new trends in IT  Perform research on new trends on IT and the impact on MMI I&O environment.  Provide support and training the technical audit teams for the identification of risk and audit programs.  Provide feedback at IT Steercoms regarding risks and related matters on the new trends.  Attended the risk and audit forms to discuss IT related risks and/or concerns , including emerging risks.  Assist the IT Risk Manager and IT Governance manager with risk identification and management, including the drafting of relevant policies.  Attend related IT forums,seminars and workshops to stayinformed on topics of interestin the current IT domain,including GRC. Feedback to CAE and Heads of Audit on strategic initiatives within customer base  Identify new strategy initiatives within the business units and provide feedback to CAE and Heads ofAudit.  Identify potential impacts on the audit plan and make recommendations on changes.  Assistwith the alignmentofAudit departmentto the new strategy.  Identify risk areas that may require focus form audit.  Feedback on the various IT forums,seminars and workshops attended for better understanding of the direction of the IT. FirstRand/MMI Group 01 September 2009 to 30 June 2013 (Momentum unbundled from FirstRand to form MMI Group with Metropolitan) Physical address Momentum, 268 West Avenue, Centurion Manager: IT Audit . Work force: 1 CAE, 2 X ACR Auditors, 1 X PM Auditors and 1 X CAATS auditors. Support: 3 X Audit managers and 10 X auditors (Business/Financial auditors) Customer base: Momentum Retail,Momentum Employer Benefits,MMI Balance SheetManagement, Group Support Services excluding HR, MMI IT North. Duties Main duties 8. Identify high risk areas, plan and scope audits – continuously 9. Apply sound IT audit methodology – including integrated audit approach 10. Ensure compliance with MMI GIA methodology and working papers 11. Develop and provide input in respectof new procedures or system 12. Customer relationship with IT managers 13. Research new trend in IT
  • 4. Johan van Zyl 4 08/04/15 Identify high risk areas, plan and scope audits  Once a year a high level overall planning for the next financial year audits are planned. Input provided for IT related audits to be executed.  The plan is continuouslymonitored for changes – risk and customer request. Updated quarterly.  Individual audits area assigned to the best potential resource available from team.  Confirm audit scope and timing with business management.  Manage deviations from the plan and scope of the audit. Apply sound IT audit methodology – including integrated audit approach  Requires understanding of business environment to determine best audit approach.  This may require that methodology/approach be adapted to the specific requirement of the business.  The usage of integrated audits for the specific environment is investigated and identified.  Indentify and use of acceptable audit frameworks that support the audit methodology.  Develop and maintain audit methodology in alignment with best practices. Ensure compliance with FRGIA methodology and working papers  Ensure that MMI GIA methodologies are used.  Use Teammate as audit tool for the planning and execution of planned audits.  Ensure that audit working papers are used.  Ensure that auditwork is done according to MMI GIA standards and thatwork performed can be relied upon by external audit. Develop and provide input in respect of new procedures or system.  Provide Audit management team and auditors overview of the usage of different IT audit disciplines on audits.  Identify new development methodologies used in Momentum and develop audit programs accordingly.  Identify areas of improvement on audits and implement relevant improvement.  Provide support for integrated audits performed. Customer relationship with IT managers  Manage relationship with the different IT managers within Customer base.  Manage and maintain relationship with ITRisk manager for MMI.  Obtain and review strategic and operational plans to identify relevant information required for the Audit universe used during the auditplanning process.  Attended the risk and auditforms to discuss ITrelated risks and/or concerns. FirstRand Internal Audit: Momentum: ACR Auditor – 01 October 2007 to 31 August 2009 Work force: 1 Senior Manager, 1 Manager, 14 ACR Auditors (GIA audit team) Customer base: Momentum: Wealth, Sales, Retail, Group Benefits, Health, New Markets and Financial and Actuarial Services. Duties Main duties 1. Plan and scope audits 2. Identify risks, management‘s objectives and controls 3. Execute planned audits 4. Supportother ACR auditor’s with Momentum systems 5. Customer relationship with IT managers
  • 5. Johan van Zyl 5 08/04/15 Plan and scope audits  Once a year the overall planning for the next financial year audits are planned.Inputprovided for IT related audits to be executed.  Plan and scope individual audits as per audit plan.  Confirm audit scope and timing with business management.  Manage deviations from the plan and scope of the audit. Identify risk, management’s objectives and controls  Risk based audit approached is used.  Management objectives are identified.  Risks are identified and rated.  Mitigating controls are identified. Execute planned audits.  Audit plans are created in accordance of the controls identified.  Audits are executed according to the agreed audit plans.  Write and complete audit reports. Support other ACR auditor’s with Momentum systems.  Assist with identifying risks and controls in applications.  Assist with the execution of the audit when required.  Perform peer reviews of audits performed on Teammate. Customer relationship with IT managers  Manage relationship with the different IT managers within Momentum – Each Business Unit have it’s own IT department with IT manager.  Manage relationship with IT Risk Manager  Provide the Audit universe used during the auditplanning process.  Attended the risk and auditforms to discuss ITrelated risks and/or concerns. Momentum: Position 4 Snr IT Auditor – January 2007 till 01 October 2007 Work force: 1 Senior Manager, 1 Manager, 6 Internal Auditors Customer base: Information Technology Support services (ITSS), Wealth, Sales, Retail, Health, New Markets and Financial and Actuarial Services. Duties Main duties 1. Plan and scope ACR audits 2. Identify risks, management‘s objectives and controls 3. Execute planned ACR audits 4. Supportbusiness auditors with Integrated audits (ACR’S) 5. Performed SDLC reviews 6. Performed GCR reviews 7. Performed and assisted with CAATS (IDEA) 8. General IT supportand training for team members 9. Customer relationship with IT managers
  • 6. Johan van Zyl 6 08/04/15 Plan and scope ACR audits  Once a year the overall planning for the next financial year audits are planned. Input provided for IT related audits to be executed.  Plan and scope individual audits as per audit plan.  Confirm audit scope and timing with business management.  Manage deviations from the plan and scope of the audit. Identify risk, management’s objectives and controls  Risk based audit approached is used.  Management objectives are identified.  Risks are identified and rated.  Mitigating controls are identified. Execute planned ACR audits.  Audit plans are created in accordance of the controls identifies.  Audits are executed according to the agreed audit plans.  Write and complete audit reports. Support business auditors with Integrated audits  Assist with the up-skill of business auditors to perform ACR reviews.  Assist with identifying risks and controls in applications.  Assist with the execution of the audit were technical information is required.  Assist with the obtaining data for the execution of CAATS.  Assist with the execution of CAATS.  Performed integrated audits within the Health environment. Performed SLDC reviews  Reviewed high risk projects within the Wealth environment  Plan and scoped the review  Identified high risk areas for the projects  Management objectives are identified.  Created audit plans according to the risks identified.  Executed the audit plan  Write and complete audit report. Performed GCR reviews  Plan and scoped the reviews  Identified high risk areas for the projects  Management objectives are identified.  Created audit plans according to the risks identified.  Executed the audit plan  Write and complete audit report. Performed and assisted with CAATS  Performed CAATS as and when required on ACR audits.  Assist with the obtaining data for the execution of CAATS.  Assist with the execution of CAATS.  Provided the information to the relevant Business/Financial auditors for follow-up General IT support and training for team members.  Assist with the procurement of IT hardware for the department.  Assist with the evaluation and procurement of IT software for the department.  Assist with the training of staff members in IT skills and concepts. Customer relationship with IT managers  Manage relationship with the different IT managers within Momentum – Each Business Unithas an IT department with IT manager.  Manage and maintain relationship with ITRisk Manager.  Create and maintain the Audit universe - used during the audit planning process.  Attended the daily ITSS incident/managementfeedback session.  Attended the risk and auditforms to discuss ITrelated risks and/or concerns. Nedcor: Position 3 Manager: IT Change Management: Transaction Processing - January 2003 to December 2006 Work force: 4 Managers 2 Admin staff members
  • 7. Johan van Zyl 7 08/04/15 Customer base: Various staff members requesting changes in Production Duties Main duties 1. Manage and approval of change requests. 2. Risk management of change request 3. Process management: Change and Risk process, general process consultation 4. Compliance representative (including FAIS & FICA) 5. Risk Management – Audits, Incident risks,legal incidents Manage and Approval of change requests Number of changes: 50 per week.  Verify completeness of change request with regards to implementation, back-out and post- implementation testing  Confirm change impact and risk to the organization.  Verify approvals and approve/decline request based on overview of request.  Communicate change status or requestadditional information/improvements to change request.  Attend meeting to discuss and provide input of major releases. Risk management of change request Number of changes: Average 120 per week.  Provide baseline criteria for the quantification of risk and impact of change request.  Risk and Impact matrix for production system.  Review and advise on over all risk status for deployment period  Support unit with risk management of change requests. Risk, Compliance and Audit management and administration  Ensure compliance to legislation and associated regulations for IT Change, Release and Configuration Management in conjunction with Group IT Compliance  Audit administration for IT Change, Release and Configuration Management  Ensure Risk management for IT Change, Release and Configuration Management Awards Internal Award for Dedication– 2004 Internal Award for Dedication – 2005 Reasons to end duties Contacted by Audit Manager from Momentum and offered a position to assist with IT audits and create an integrated audit approach between business/financial and IT audits. Contact person Line manager: Hayes Francis– 083 327 3244 – Senior Manager Nedcor: Position 2 Risk Manager: IT Change Management - April 2002 to December 2002 Duties Creation of Risk Model for It Change Management Create policies and procedures for IT Change Management: Due to impact as a resultof changes implemented,position was created for the management of risk within the IT Change Management unit. Responsible for the identification and management of High risk changes and ensure appropriate levels of risk during change periods. Create a classification system for changes. Categories: Critical, High, Medium and Low changes Reasons to end duties Restructuring of function into current portfolio with additional responsibilities and the need to broaden my exposure, scope of control and work experience. Contact person Line manager: Clive Blaiklock – Retired Nedcor: Position 1 IT Audit – February 1998 to March 2002
  • 8. Johan van Zyl 8 08/04/15 General Controls  Review of General Controls in the IT environment for Nedcor, Nedcor Investment bank and Old Mutual Bank  Assist with Control Self Assessment process and workshops for IT  Implementation of Cobit Framework in Nedcor, Nedcor Investment Bank and Old Mutual Bank Project Audits  Project reviews against Funnel and Gates (SDLC) framework for Nedcor and Nedcor Investment Bank  Ensure adequate controls is systems during design and development phases  Monitor and verify implementation of solutions Awards Bronze, Silver and Gold awards in 2001 for excellent delivery on project objectives Bronze awards in 1999 and 2000 for excellent work delivery and acceptance of responsibility Contact person Line manager: Jacques Lourens – Senior Manager, IT Audit, Nedcor Bank Head: IT Audit: Deon Pienaar – Group Internal Audit, Nedcor Bank Reasons to change job The General Manager for IT Operations offered me the risk management position at IT Change Management. I accepted the position to further my career and broaden my scope. ABSA IT Audit – July 1996 to February 1998 Project Audits  Project reviews of Front-end solutions – client interface systems (Internet Banking, ATM’s, Banking Platforms)  Ensure adequate controls is systems during design and development phases  Monitor and verify implementation of solutions  Implementation of Control Self Assessment Reasons to change jobs I was offered a similar position at Nedcor Bank. Nedbank was then regarded as on of the most IT innovative banking environments in SA. Contact person Line manager: Karen – Retired. Office of the Auditor-General Manager: IT Audit – May 1995 – June 1996 Duties  General Control Audits  Training of IT Audit Staff  Financial Audit of State Computer Operations (SITA) Reasons to change job Offered a better position at ABSA that would broaden experience and scope of work. Contact person Line manager: Mr. Kallie Pienaar Office of the Auditor-General Financial Auditor – December 1984 – May 1995 Duties  General Financial Audits at Department of Public Works and Department of Correctional Services  General Systems Audits at Department of Public Works and Department of Correctional Services Reasons to change job Offered a promotion as manager in the IT Audit department.
  • 9. Johan van Zyl 9 08/04/15 Contact person Line manager: Mr. Jaap Meyer