Ben is a Manager in Protiviti’s Cleveland office focusing on IT Internal Audit. Ben has performed a variety of IT audit projects, including IT general control assessments, IT security assessments, IT compliance support, robotic process automation, data analytics, Sarbanes-Oxley (SOX) IT testing, IT governance reviews, and system development lifecycle audits. Prior to joining Protiviti in 2012, Ben worked for the Summit County Internal Audit Department for four years where he was responsible for leading and executing operational and IT audits.
- Performed an assessment of the maturity of a wholesale / distribution company’s cybersecurity program. The assessment included benchmarking organizational processes against the NIST Cybersecurity framework.
- Led and executed a project to analyze Accounts Payable data to identify and inventory IT vendors based on spend for a global hospitality company.
- Conducted SOX IT testing of user access, change management, and operational controls for a large automotive company. Testing included the evaluation of application, infrastructure, database, and network controls in place at third-party service providers.
- Assisted with performing text analysis to identify key words in a customer management system for a global hospitality company.
- Led and executed testing of SOX IT general controls over change management , user access and IT operations for large distribution company. The scope of testing included controls related to the company’s SAP environment and the supporting network and infrastructure.
- Lead a review of cybersecurity practices of an asset management company. The review included information security governance, threat detection and response, asset management, privileged access management, and configuration management.
- Helped to document and test IT general controls for a technology services company’s year one SOX efforts. Specific activities included developing process flows, identifying and testing key IT controls, and working with management to recommend activities to remediate identified gaps.
- Performed a post-implementation review of a newly implemented insurance application. The review consisted of an assessment of SDLC compliance, change management controls, security, documentation, and user training.
- Performed an IT security assessment to evaluate selected critical assets as they relate to the security of Protected Health Information (PHI) and overall confidentiality of activities at a non-profit health care organization.
- Conducted SOX testing of IT general controls related to a large distributor’s Oracle environment and supporting infrastructure. Testing included the evaluation of the processes to ensure the completeness and accuracy of data migrated from a legacy system during the organization’s Oracle implementation.
- Helped to develop and perform procurement card expense testing using ACL at a local government entity.
Areas of Expertise
- IT Audit
- Internal Audit
- Data Analytics
- IT Sarbanes-Oxley Compliance
- Robotic Process Automation
- Industrial Products
- University of Akron, B.S Corporate Finance
- Certified Internal Auditor (CIA)
- Certified Information Systems Auditor (CISA)
- Certified Management Accountant (CMA)
- Member of the Institute of Internal Auditors (IIA)
- Member of the Information Systems Audit and Control Association (ISACA)
- Member of the Institute of Management Accountants (IMA)