Paris2008 - maintenantConduct risk assessments for all risk relevant activities with
focus on the Line of Business Sales and Consulting, as well as
country risk assessments for SAP France, incl. legal, tax, general
and operational risks.
Prepare GRC related reports, follow-up pro-actively on
uncertainties / open issues and develop comments, alternatives
and facilitate solutions.
Coordinate Business Continuity and Crisis Management process implementation.
PROTIVITI
- SENIOR MANAGER
Paris2003 - 2008In charge of the service line Application Control Effectiveness at the Protiviti Paris office, I was responsible to develop the offer related to ERPs – mainly SAP – and more specifically: security reviews, functional process automated controls review, access rights reengineering, segregation of duties analyse – including implementation of monitoring processes relying on market tools such as CSI Authorization Auditor or SAP GRC Access Control.
Other main engagements included:
- Application security reviews (mainly on SAP R/3),
- IT general controls assessments,
- Internal control (Sarbanes Oxley, Internal audit co/outsourcing, risk mapping).
Ernst & Young
- Auditor - Financial & Information Technology
Courbevoie1999 - 2003Work on both financial and IT audit engagements including application security reviews, training (SAP security and internal audit and IT security), IT internal control reviews, IT general controls reviews, application reviews, Security tool development (SAP, banking back office access rights).
