Oluwatoyosi Adeoye

Direct the comprehensive IT General Controls (ITGC) program, executing walkthroughs, testing controls, documenting observations, and validating remediation to ensure robust compliance.

Align IT controls with SOX, COBIT, COSO, and ISO 27001 frameworks, directly supporting Internal Controls over Financial Reporting (ICFR) and enhancing financial integrity.

Execute thorough IT risk assessments, identifying critical control gaps and developing clear remediation plans to mitigate risks and enhance security posture.

Develop and maintain comprehensive IT governance documentation, including policies, standards, process maps, and control matrices, establishing a clear framework for compliance.

Coordinate internal and external audits, preparing meticulous evidence packages to ensure audit-ready compliance across diverse enterprise systems.

Evaluate ERP and application security roles, configuration decisions, and change management evidence, ensuring strict compliance with ICFR expectations and maintaining system integrity.

Generate ITGC and cybersecurity Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for executive reporting, enabling data-driven control effectiveness monitoring.

Collaborate strategically with Finance, Internal Audit, and IT departments to align governance programs and maintain enterprise-wide compliance, fostering cross-functional synergy.

Designed and implemented robust IT and OT controls, aligning with COBIT, NIST 800-82, IEC 62443, and ISO 27001 to enhance governance maturity across global operations.

Conducted comprehensive control testing, configuration reviews, access reviews, and change management validation for critical systems, ensuring operational integrity and compliance.

Led the documentation of processes, security roles, and configuration baselines, streamlining audit preparation and ensuring readiness for internal and external assessments.

Performed detailed risk assessments, identifying critical control deficiencies and managing remediation efforts to successful closure, significantly reducing organizational risk.

Oversaw Identity and Access Management (IAM) and Privileged Access Management (PAM) governance, including RBAC design and AD/Azure AD access lifecycle controls, enhancing security posture.

Developed and deployed interactive dashboards using Power BI and Excel to monitor remediation progress, audit readiness, and control effectiveness, improving visibility and decision-making.

Delivered targeted governance training to engineering, operations, and compliance teams, fostering a culture of security awareness and compliance.

Executed comprehensive ITGC and IT audit testing, adhering to NIST, ISO 27001, SOX, and internal governance frameworks to maintain regulatory compliance.

Conducted detailed walkthroughs, documented processes, tested controls, and validated remediation efforts for IT and business systems, ensuring effective risk mitigation.

Supported Internal Controls over Financial Reporting (ICFR) documentation, including developing process narratives, control matrices, and collecting audit-ready evidence.

Evaluated critical security controls including identity and access management, change management, backup processes, and configuration baselines to identify and address vulnerabilities.

Coordinated effectively with internal and external auditors, providing comprehensive, audit-ready documentation that facilitated seamless audit processes.

Developed dashboards to track audit readiness, monitor control performance, and visualize remediation progress, improving reporting efficiency and transparency.

Delivered impactful governance and security awareness training to diverse technical and non-technical teams, enhancing organizational security posture.

Supported IT General Controls (ITGC) and vendor risk assessments, ensuring alignment with ISO 27001 and NIST CSF to enhance security frameworks.

Assisted in implementing Role-Based Access Control (RBAC), Multi-Factor Authentication (MFA), and access hygiene improvements across IT/OT systems, strengthening access security.

Delivered compliance and security awareness training programs, significantly strengthening the organization's governance posture and reducing human error.