Cindy Pennington, CPA, CISA
Details
Mr. Cooper
AVP Information Security
With strong client relations and collaboration skills, I lead 5-7 audit engagements per year. I enjoy supervising 2-4 associates and senior associates and have an excellent rapport with my team. An open door policy is a primary strategy in my leadership style, which has resulted in a highly efficient team who are willing to go above and beyond to get the job done.
I encourage my team to be attentive to building strong relationships with excellent communication to help bridge the gap between the needs of the audit and the understanding of the IT departments. Due to my dedication and diligence, I have earned many compliments and positive feedback for my ability to thoroughly explain the audit process and expose risks in my audit findings.
Highlights :
• Participated in Scopeathon pro-bono, multi-day event pairing professionals with local non-profit organizations to aid participants in identifying root cause of challenges and implement applicable solutions.
• Served on PwC's Green Team which publishes quarterly newsletters and implements pro-bono workshops for Texas based environmental non-profit organization.
2019 : 2021
PwC
Risk Assurance Manager
With expertise in US GAAP, Sarbanes-Oxley (SOX) Audit Requirements, COSO Integrated ERM Framework, and ISACA COBIT Framework, I perform both internal and external integrated audit engagements for IT and business process controls and complete advisory and SOX readiness engagements.
I handled the full scope of each engagement project which included strategic planning, budgeting, communications, and dissemination of information between internal and external stakeholders, and facilitated status meetings in addition to executing each audit.
Highlights :
• Won system implementation project by demonstrating exceptional client relations strategies.
• Managed 80% of assigned engagements with strong leadership and technical skills driving firm's profitability.
2013 : 2019
PwC
FTN Risk Assurance Senior Associate
As the second ever IT Auditor in the Internal Audit department, I was hired for my Big 4 audit expertise, which I utilized in building and advancing the IT department, During my tenure, I was the sole IT auditor for the company employing over 5000 employees. I conducted audits over general IT controls, IT processes, and corporate policy reviews including evaluation of the organization’s preparedness for coming governmental audits.
Highlights :
• Engineered first backup and restoration audit identifying key risks and failures and implemented process improvement strategies to remediate challenges and improve company's quality control.
• Identified areas with insufficient IT control coverage and communicated with management to develop appropriate controls to mitigate risk.
• Discovered important deficiencies in policy adherence for timely removal of system access for external vendors by performing company's first risk assessment for vendor management process resulting in enhanced security or key systems.
2011 : 2013
Cook Children's Health Care System
Information Systems Auditor
Acting as the client contact, I led approximately 5 engagements yearly in internal and external SOX audits, SAS 70 Type II Attestations, and consulted on other IT assignments in compliance to best practice standards and specifications. I supervised one-three associates and trained/coached staff on audit engagement skills and techniques. As a qualified trainer, I assessed staff and completed their yearly performance reviews.
Priding myself on service to environmental issues, I was involved in organizing the first Green Team initiative in the KPMG Dallas office. The Green Team implemented strategies to cut down on resource waste which ultimately saved money while benefiting the environment.
HIghlights :
• Tracked, monitored, and mentored associate auditors in reviewing and completing workpaper documentation.
• Tested general IT controls and application controls across various industries and systems.
2007 : 2011
KPMG US
Sr. Associate, IT Advisory
About
Cindy is an experienced leader with expertise delivering significant value to the business by assessing IT risks and controls and partnering with senior executives to implement strategic improvements as well as planning, executing, and evaluating IT operational audits, SOC audits, and complex advisory projects. Cindy is recognized as a leader in the field with her dedication to evaluating technical aspects of systems, processes, and controls, mitigating IT control gaps, and supporting long-term business success.
Cindy has been commended for her ability to thoroughly explain the audit process, importance of audit procedures, and the risks and exposures related to audit findings repeatedly. Team-oriented, available/approachable, conscientious, strong ethics, and thoughtful are other characteristics that others have used to describe her work performance.
Cindy is widely recognized by her employers as an expert in IT Operational Auditing, SOX implementation, Risk Management, and financial processes/systems. In addition, she is experienced in organizational leadership and strives to drive positive change across every project, process, and organization.
Areas of Expertise:
IT Auditing | Risk Management | Strategic Planning | Budgeting | Audit Reporting | Quality Assurance | Change Management | Staff Coaching | Security Measures | Control Assessments | Process Improvements | Cyber Security | Security Compliance | Stakeholder Management | Regulatory Compliance | Incident Responses
Profile Photo
