Victoria leads the IT Risk Assurance and Advisory team within the Business Risk Services team and has ten years’ experience in areas including IT Risk and Controls, Sarbanes Oxley SOx IT Controls testing, System Organisation Controls Reporting (SOC) and IT Risk Advisory/Consulting services. Her experience spans across the financial services industry having supported national and international organisations within the Banking, Insurance, Asset Management, Payments and Aviation sectors.
Victoria has experience in managing all aspects of an engagement lifecycle, including stakeholder management and has been experience and knowledge in the following:
- External Audits – Victoria has lead and managed a number of local and global external audit teams in supporting IT General Control testing (ITGCs) as well as transformation activities such as cloud migrations and implementation of new systems and infrastructure.
- Internal Audits – Victoria has worked on a number of internal audit engagements focusing on areas such as Information Security, Regulatory reviews (EBA ICT Guidelines), Data Management, User Access Management, Outsourcing and Third Party Assessments.
- SOC Attestation Reporting – Victoria has lead a number of SOC1 and SOC2 engagements leveraging both the International (ISAE) and US (AICPA) standard within the Asset Management, Payment Processing and Payroll Processing sectors
- SOx IT Control Testing – Victoria has been involved in both the design and operating effectiveness testing, remediation testing and programme management for a large global insurer.
- IT Risk Management – Victoria has reviewed, documented and developed policies, procedures and IT control frameworks over areas such as IT Security, Outsourcing, Third Party Risk Management and Operational Resilience.
- Regulatory Compliance – Victoria has lead and supported regulatory reviews and projects (GDPR, PSD II, GL11) within the banking sector including reviewing and updating key policies and procedures to align to regulatory requirements, reviewed regulatory inventories, obligation drafting and control mapping.
- member of ISACA Ireland and is CISA (Certified Information Systems Auditor)
- CRISC (Certified in Risk and Information System Control) certified
- Holds a MSc. in E-Commerce
- B.A. in Business Studies both from Dublin City University (DCU).