Robin Herrmann

Supporting clients in strengthening their IT security and data protection capabilities

- Organization, planning and execution of financial statement and regulatory statement audits to ensure compliance with Swiss laws and implementation of best practices (CoBIT and ITIL) - Projects included regulatory audits, client certifications following ISAE3402 and ISAE3000 (Cyber Security and Client Data Confidentiality) as well as project assurance on major IT transformations - Preparation and presentation of regulatory reports for the Board of Directors and FINMA

- Planning and execution of risk-based internal IT audits in alignment with business auditors in the Private & Business Clients area - Projects included project assurance on the implementation of the global SAP Governance implementation (finding mitigation, patch management, system configuration, monitoring and escalation procedures) as well as the testing of access management, change management & computer operations controls

- Annual IT-compliance audits (Access Mgt, Change Mgt, Computer Operations) in alignment with business auditors for SMEs up to DAX30 companies - IT Outsourcing consulting and auditing, which included certifications of service providers following ISAE3402 or ISAE3000 standards, consideration of retained organization controls, SLAs, vendor on-site audits, etc. - Planning, execution and presentation of results for smaller projects and operational lead for bigger engagements

- Master Research Project "Auditing of IT Risk Management Policies" - Business Administration

- Praktische Bachelorarbeit in Zusammenarbeit mit der Viadee Unternehmensberatung GmbH - Marketing - Operations Management