Tintswalo Mercy

 Tintswalo Mercy NTIMBANE Senior IT Auditor Profile I possess the necessary skills to deliver solutions in business, information and communications technology, and IT audit controls. I firmly believe that I can leverage information technology to create value for business processes. Becoming an integral team player will increase the productivity and efficiency of the organization. Contact PHONE:- WEBSITE: www.linkedin.com/in/tintswalo-mercy-a EMAIL:-Hobbies Reading Web development Video Gaming References Name: Admire Njowa Role: Manager of Technology Consulting at EY Contact:- Name: Beauty Bunu Role: IT Audit Manager at Mazars Contact:- Name: Hlumela Mbedu Role: IT Audit Manager at Deloitte Netherlands Contact: - EDUCATION I.E.E ROSEBANK COLLEGE 2019 - 2019 BA in Business Information Technology University of South Africa 2020 - Present BA in Forensic Science WORK EXPERIENCE MAZARS IT Audit Trainee 06/2019–09/2020 I worked as an IT Audit Trainee for two years and my job responsibilities included: Program Change Management Program change policy and procedures Authorization of program changes Segregation of duties for implementation User Account Management User account management policy and procedures, authorized creation of users, approved the termination of users. Use of tools such as ACL to extract and tailor data received from clients during an audit Hold interviews with clients for Understanding of the IT Environment. MAZARS IT Auditor 10/2020–09/2021 I worked as an IT Auditor and my job responsibilities included: drafting reports; follow-up audits Reviewing the ITGCs areas namely 1. User access management: User management policy and procedures Authorized creation of users Controlled amendment of user access rights Timely termination of users Password Management Monitoring of administrators responsible for user creation, amendments, termination, and password resetting Monitoring of users’ access rights 2. IT Service continuity IT Disaster recovery plan. Backup policy and procedures. Performance of backups. Offsite Storage and Testing of backups. 3. Program change management Program change policy and procedures. Authorization of program changes. Testing of program changes and Segregation of duties for the implementation of program changes. 4. Facilities and Environmental Control Physical access controls and Environmental controls in the server room 5. Incident and Reporting Management • Standard Incident and problem-handling procedures, and Developing the IT security policies. Back up policies and procedures, Project Management Framework. Terms of reference and the Disaster Recovery Plan. Reviewing IT policies, identifying gaps in them then updating those policies accordingly. 6. Network security review audit and looked at the following areas: Firewall Management Routers Wireless network Password settings Intrusion detection Audit trails Hardened systems Remote Access VPNs Remote access—Dial-up MAZARS Senior IT Auditor 10/2021–10/2022 I was appointed as a Senior ICTA Auditor and one of my key responsibilities was to plan and execute the General Control Reviews (GCR), Systems pre- and post-implementation reviews, SOX Audits, and Auditor General (AG) MFMA and PFMA engagements which formed a subset of the Mazars ICTA business unit portfolios. I am based in the Gauteng office. The following key activities fell under the ambit of my portfolio: Ensuring that the planning documents are completed and ready for the ICTA Manager to review. Conducting all operational activities of an IT audit from planning and execution to reporting Leading assigned Audit engagements Reviewing junior auditors' working papers and providing guidance and support to the auditors Attending audit close-out meetings Ensuring that the audit files are prepared and in line with the exceptions raised on reports Africa Talent by Deloitte 01/11/2022 – 10/06/2024 I was appointed as a Senior Consultant my key responsibilities were to plan and execute the General Control Reviews (GCR), Systems pre- and post-implementation reviews, Application control reviews, and Network Segmentation engagements which formed a subset of the Africa Talent by Deloitte – Risk and Advisory business unit portfolios. I am based in the Waterfall City – Johannesburg office. The following key activities fall under the ambit of my portfolio: For IT Audit and Third-Party Assurance (e.g. ISAE, SOC) projects, testing design, implementation, and operating effectiveness for relevant controls in the system. Leading assigned Audit engagements Reviewing junior auditors' working papers and providing guidance and support to the auditors Completion of documentation for DGS audits for banks. Automated controls related to insurance claims, loan payouts, and claims. MFT Executive Advisory Services (outsourced to BDO South Africa) 01/07/2024 – Present I was recruited by MFT as an IT Audit Supervisor and worked as a contractor for BDO South Africa. One of my primary roles is to plan and execute the General Control Reviews (GCR), ISAE 3402 reviews, and which form a subset of the BDO business unit portfolios. I am located at the Gauteng office. The following key activities fell under the ambit of my portfolio: Ensuring that the ICTA Manager can evaluate the completed and prepared planning materials. Documenting audit engagements; reviewing junior auditors' working papers and offering advice and support to the auditors. Conducting all operational activities of an IT audit, from planning to execution to reporting; attending audit close-out meetings; and making sure the audit files are prepared and by the exceptions raised on reports. Technical Skills Microsoft Office Suite (Word, Excel, PowerPoint, Outlook) Cloud Platforms (OneDrive, SharePoint) Basic Troubleshooting Microsoft Teams MFT Executive Advisory Services (Outsourced to SNG Grant Thornton) IT Audit Senior Contractor 01/11/2024 – Present Key Responsibilities: Conducting SOX compliance audits to assess IT general controls. Leading meetings with key stakeholders to gain an understanding of in-house processes. Drafting process narratives for controls in scope. Planning and executing General Control Reviews (GCR) and ISAE 3402 reviews. Ensuring audit documentation is complete and aligns with raised exceptions. Reviewing junior auditors' work and providing guidance. Participating in audit close-out meetings and reporting key findings. Skills Gained: Conducting stakeholder meetings to gather process insights. Drafting detailed process narratives for compliance documentation. Strengthening SOX compliance expertise. Skills Substantial experience in managing and performing audits on large banking data Immense knowledge of various internal audit processes Excellent knowledge of project management processes and system architecture Ability to evaluate all application controls and perform tests on them Ability to perform reviews on all audit functions and analyze complex data Solid understanding of IT applications related to audit