Phillip Westry

Results-oriented professional with over 15 years experience, including financial audit, IT audit, IT risk management and process improvement

Sr Information Technology Auditor at AAA Auto Club Group (2022-11 – Present)

• Develops, plans, and conducts internal audits of ACG systems, application, and processes to determine the adequacy of design and operating effectiveness of internal controls, including IT General Controls.
• Performs root cause analyses to identify underlying issues contributing to control deficiencies, enabling more targeted recommendations for corrective actions.
• Recommends relevant and actionable improvements to existing systems and processes
• Supported management in making informed decisions related to technology investments by providing thorough risk assessments and cost-benefit analyses.
• Leads audit team activities under the supervision of the Audit Manager
• Participates in and executes consultative engagements and executive management requests.

IT Auditor at Secure Banking Solutions (SBS) CyberSecurity (2020-09 – 2022-10)

• Performed Information Technology audits on community banks, covering governance, network cybersecurity, risk management, virtualization, ATM operations, identity theft/red flags, asset management, emergency preparedness, vendor management, electronic banking, and wireless networks
• Identified areas of greatest IT risk exposure to the institution in order to focus resources
• Determined the effectiveness of management's planning and oversight of IT activities
• Evaluates the adequacy of operating processes and internal controls
• Determined the adequacy of enterprise-wide compliance efforts related to IT policies and internal control procedures

Senior IT Audit Consultant (Contract) at Beech Valley Solutions (2019-11 – 2020-09)

• Remote project with top tier firm to perform SOC 2 testing for a midsize software development client
• Worked closely with client's internal IT Audit team in order to meet close deadlines during personnel shortages, including weekends/holidays

Senior IT Consultant at Hart, Brown, & Associates (2017-01 – 2019-11)

• Managed infrastructure upgrades, analysis and resolution of end user hardware and software issues
• Evaluated business and technical requirements documents against SDLC management standards for security risks
• Conducted Post-implementation Review of data center migration housing mission-critical assets and applications and oversaw the development of the disaster recovery plan
• Performed SOX testing of of IT controls, including tests of design and operating effectiveness
• Performed detailed assessments of risks to determine constraints and develop mitigation strategies
• Performed vendor life-cycle duties including but not limited to: data gathering to establish a centralized Vendor Inventory enterprise-wide, determining and categorizing types, conducting vendor service risk profile for risk rating, assessing vendor's control environment for compliance with privacy and security requirements, reporting assessment results and ensuring risk remediation/acceptance, and on-going monitoring of vendors providing high-risk services to manage potential exposure of data and security breaches

Revenue Auditor III at Alabama Department of Revenue Sales & Use Tax Division (2004-06 – 2016-10)

• Planned, coordinated and conducted field audits of Alabama businesses to ensure compliance with state sales tax laws
• Communicated audit results to upper management through written reports and oral presentations
• Supervised and coordinated special projects
• Managed & mentored new hires to assist in career development and increase chances for advancement

Bachelor of Science in Commerce and Business Administration - Major: Accounting – The University of Alabama (2004-05)