External IT audit In the context of the issuance of financial statements, I managed several external IT audit engagements for a portfolio composed of an average of 25 clients per year, being mainly part of the banking and industry sectors. This topic allowed me to develop strong project management, IT risks evaluation, IT general controls assessment skills.
Data analytics Performed several journal entry testing engagements aiming at identifying potential fraud sources within the general ledger of his clients. He has also worked on the recalculation of taxes for a part of Swiss residents. Finally he worked on a revenue insurance project for one of the biggest credit card transaction issuer and acquirer around the world in order to detect potential issues within the data processing flow. In the context of a first year audit of a high potential startup (300% revenue increase per year), he worked together with financial auditors to create a specific strategy to provide a reasonable assurance that revenues are legitimate. This went through identifying the critical data flows, assessing the Internal Control System in place around every identified system and by performing a complete revenue insurance : understanding how revenues are generated and performing the calculation over the concerned fiscal year.
SOC Reporting I assessed the internal control system as per the ISAE 3402 standards for the Luxembourgish entities of one of the biggest Swiss Bank around the world. I have been in charge of the review and issuance of the SOC 1 (Type II) report for one of the biggest IT services company in Switzerland. This allowed me to become proficient with the ISAE3402 standards.
FINMA Circular 08/21 Appendix 3 : lead the assessement of the compliance of both small and large banks against the 9 principles of the appendix 3 of FINMA circular 08/21. Circular 08/7 “Outsourcing for Banks” : lead the compliance review of applicable principles for Application Service Provisioning Services provided by an IT Services provider to its clients. In this context, I reported on IT and Regulatory risks identified to members of the Board by emphasizing their impact on my clients' business and wrote relevant recommendations aiming at mitigating those risks.
IT Security As a member of the EMEIA IT Risk and Assurance team, Alexandre has been involved in the creation of the FSO IT Security team in Luxembourg. He has successfully prepared proposals to reply to client's requests and performed several attack and penetration testing projects :
First, he has been involved in order to assess the infrastructure and the web application weaknesses.
Then, he presented the findings and their impact on the client’s business, to the members of the board.
Company Description
Ersnt & Young (EY) is one of the largest professional service firms in the world and one of the Big Four accounting firms, along with Deloitte, KPMG and PricewaterhouseCoopers (PwC). EY is a global organization of member firms with 167,000 employees in more than 140 countries, headquartered in London, England. It was ranked by Forbes magazine as the eighth-largest private company in the United States in 2011.