David Nganga

DAVID NGANGA MWANGI Cell: -, - Email:- Professional Summary David is a young professional ready to work in established organization and contribute to its overall success by utilizing my skills in risk management, Fraud assessment, information system auditing and security. I am selfmotivated, organized and capable of working under pressure. I have a clear, logical mind with a practical approach to problem solving and a drive to see things through to completion. In short, I am reliable, trustworthy, hardworking and eager to learn at every opportunity. Competencies • • • • • • Knowledge of IT Governance, IT audit standard, COBIT, ITIL Sound critical thinking skills Exceptional analytical mind Proficient using CAATs – IDEA, TEAMMATE Hands-on experience in managing business risks Familiarity with risk governance processes Academic qualifications Period : September 2006- April 2010 Institution: Maseno University, Kisumu Kenya Award : BSC Computer Science & Technology 2nd class upper division Period : 2001 – 2004 Institution: Kiaguthu Boy’s High School Award Kenya Certificate of Secondary Education (Mean Grade A-) Professional Qualifications Period : June 2018 to-Date Institution : IIA – Institute of Internal Auditors Award : To be awarded – Certified Internal Auditor Period : Jan 2013 to Jun 2013 Institution: ISACA Award : CISA Certification No- Period : Sept 2007 to 2010 Institution: CCNA Maseno University Cisco Networking Academy Award : CCNA1, CCNA2, CCNA3, CCNA4. Period : January 2006-Dec 2008 Institution: Kenya College of Accountancy in conjunction with K.A.S.N.E.B Award : Certified Public Accounts Part II section IV. Professional Experience The Judiciary – Kenya, Internal Audit and Risk Management Department April 2017 - to Date: Senior Internal Auditor Duties; • • • • • • • • • • • • Carrying out risk-based Audit Planning and execution Developing audit programs and auditing of the information systems Analyzing and reviewing extracted data Reviewing IT governance Reviewing business continuity and disaster recovery procedures Documenting and reporting on audit findings and recommendations Carrying out continuous auditing and monitoring of systems. Reviewing pre and post implementation of IT projects Doing follow up on the progress of implementation of recommendations Classifying, evaluating, and monitoring the corporation’s risk. Performing risk identification, reporting and monitoring operations. Developing and updating fraud prevention and risk management guides Postal Corporation of Kenya, Internal Audit and Risk Management Department Jan 2015 – March 2017: Assistant Manager Information System Audit & Risk Management Duties; • • • • • • • • • • • • • • • Carrying out risk-based Audit Planning and execution Developing audit programs and auditing of the corporation information systems Reviewing business continuity and disaster recovery procedures Documenting and reporting on audit findings and recommendations Carrying out continuous auditing and monitoring of systems. Reviewing pre and post implementation of IT projects Analyzing and reviewing extracted data Doing follow up on the progress of implementation of recommendations Classifying, evaluating, and monitoring the corporation’s risk. Performing risk identification, reporting and monitoring operations. Preparing, presenting and analyzing fraud prevention reports, statistics and trends Conducting risk identification and assessment workshops when needed. Leading project risk management Working with management to develop risk mitigation strategies. Developing and updating fraud prevention and risk management guides Postal Corporation of Kenya, Internal Audit Department Jan 2012 - to Dec 2014: Information System Auditor My Duties and Responsibilities under this role include; • • • • • • • • • • Carrying out risk-based Audit Planning and execution Performing IT general controls reviews, application controls testing, and segregation of duties analysis. Developing audit programs and auditing of the corporation information systems Reviewing business continuity and disaster recovery procedures Documenting and reporting on audit findings and recommendations Carrying out continuous auditing and monitoring of systems. Reviewing pre and post implementation of IT projects Support financial audits by assessing information systems controls Assessing IT risks and evaluated the effectiveness of control levels. Doing follow up on the progress of implementation of recommendations Infiniti Africa - Contract Jun 2010- Dec 2011: Software Development and IT security • • • • • Software development(In house) and Design End User support and training Software support Information security consultancy. Firewall maintenance Memberships • • • Member of ISACA Member of IIA Student member IICFIP Research Interests • IT security and forensics • Trends in Information security technologies • Information Technology Governance Referees 1. Mr. Peter Mwai, Principal Internal Auditor, Internal Audit & Risk Management, The Judiciary, P. O Box 30041 – 00100, Nairobi. Email:-Cell:- 2. Mr. Muhktar Abdullahi, Assistant General Manager, Postal Corporation of Kenya P. O Box 34567 – 00100, Nairobi.-Cell:- 3. Mr. Timothy Gathere, Systems Developer, Oserian Farms, Naivasha P.O Box 2010 – 20117 Naivasha. Cell:-.-