Louis Tinto

Security and Audit professional with extensive industry expertise and technology domain experience in Governance, Emerging Technologies, CAATs, Information Security, BCPDR, as well as Financial, Operational, Information Security and Compliance Auditing. This includes identification of governance issues, development of Risk Based Audit Plans; management of audit projects; analysis of contracts to identify variances as well as conformance with corporate guidelines, identification of key processes, controls and related risks. Management of External Penetration Testing; Vulnerability Analysis & resolution of identified risks, Audit plan development to cover high risk areas and effectively utilize audit resources. Creation of audit programs to evaluate key controls identified. Managed and developed Internal Audit teams in a variety of industries, while developing strong working relationships with Internal Clients, External Auditors and Regulators. Analyzed code to identify security weaknesses. Expertise includes IT General Controls, OWASP, GAAP, Data extraction / analysis, Governance, Internal Controls, Policy and Procedure development, Financial/Operational Audits, NIST Framework, ISO27000; PCI/DSS; BCP/DR IT Infrastructure & Application Audits, FFIEC Guidelines, SOX, SAS70 Type II, SSAE16, Info-Sec, Security Awareness Training, System Implementation projects, and IIA Standards.