Summary
Overview
Work History
Education
Skills
Links
Detailed Work Experience
Certification
Timeline
Generic

Bongiwe Wendy Nyathi

Johannesburg

Summary

Self-motivated IT Audit professional with experience in SOX audits, IT general controls and IT Application Controls, coupled with strong leadership and collaboration skills. Successfully enhanced audit documentation processes, ensuring compliance and operational efficiency. Committed to continuous improvement and delivering high-quality results in technology risk.

Overview

8
8
years of professional experience
3
3
years of post-secondary education
1
1
Certification

Work History

Financial Controls Assurance Analyst - IT Audit

Aspen Insurance Holdings Ltd
09.2024 - Current
  • Performing SOX controls testing on identified key controls in the IT Operations and Human Resources(HR) work streams
  • Testing key controls to assess their design and operating effectiveness
  • Performing IT general control and IT Application Controls assessments
  • Liaising with key control owners and performers, providing status updates on the progress of the audits and any potential issues
  • Preparing audit workpapers, documents and other evidence to support the findings of an audit
  • Enhancing working papers, documentation and test procedures for SOX audit
  • Serving as liaison between key process owners and both the internal and external auditors
  • Utilizing technological tools such as Workiva AI to enhance quality of documentation

Sabbatical

Sabbatical
06.2023 - 08.2024
  • Enrolled in Google courses to enhance my skills
  • Travelled both locally and internationally
  • Searching for new career opportunities
  • Maintained updated knowledge through continuing education

Assistant Manager: Technology Risk Consulting

Ernst & Young (EY)
Johannesburg
09.2022 - 05.2023
  • Liaising with key client personnel, providing status updates on the progress of the audits and any potential complications experienced
  • Preparation of management reports and the presentation of these to the client along with recommendations for any findings noted
  • Help colleagues understand and use the correct methodologies, tools, technology, and knowledge sources in their work
  • Maintain independence and objectivity
  • Reviewing the work prepared by Associates, providing feedback and guidance on quality
  • Planning resources for engagements, keeping track of the budget and planning the audit

Senior Associate: Technology Risk Consulting

Ernst & Young (EY)
Johannesburg
10.2021 - 08.2022
  • Produce work of high quality (accurate, complete, clear)
  • Encourage others to ask critical questions and share their ideas and concerns openly
  • Help colleagues understand and use the correct methodologies, tools, technology, and knowledge sources in their work
  • Assist colleagues in understanding our clients' business agenda and expectations
  • Maintain independence and objectivity, and complies with all applicable professional standards
  • Reviewing the work prepared by junior Associates, providing feedback and guidance on quality

Associate 3: Technology Risk Consulting

Ernst & Young (EY)
Johannesburg
10.2020 - 09.2021
  • Produce work of high quality (accurate, complete, clear)
  • Create consistency and technical excellence through knowledge sharing
  • Encourage others to ask critical questions and share their ideas and concerns openly
  • Help colleagues understand and use the correct methodologies, tools, technology, and knowledge sources in their work
  • Assist colleagues in understanding our clients' business agenda and expectations
  • Maintain independence and objectivity, and complies with all applicable professional standards
  • Reviewing the work prepared by more junior professionals, providing feedback and guidance on quality

Associate 2: Technology Risk Consulting

Ernst & Young (EY)
Johannesburg
07.2019 - 09.2020
  • Produce work of high quality (accurate, complete, clear)
  • Create consistency and technical excellence through knowledge sharing
  • Testing the adequacy and effectiveness of the controls within the client's IT environment
  • Discussing findings with client personnel during the audit to ensure the accuracy of the findings

Information Technology Auditor

Auditor General of South Africa (AGSA)
Pretoria
05.2017 - 06.2019
  • Plan the implementation of specific audits
  • Conduct the audit as per the audit program
  • Identifying key IT risks and formulating audit procedures that will assist in testing the identified risks
  • Testing the adequacy and effectiveness of the controls within the client's IT environment
  • Discussing findings with client personnel during the audit to ensure the accuracy of the findings
  • Drafting audit reports with recommendations discussed and agreed with management
  • Conduct audit follow-ups to determine that the findings have been resolved by the client

Education

Management Advancement Programme - FASSET MAP Cohort 8

Wits Business School
02.2025 - 09.2025

Bachelor of Information Science -

University of Pretoria
01.2014 - 12.2016

Skills

  • IT General Controls Reviews (ITGCs)
  • Application Controls Reviews (ITACS)
  • Risk assessment and mitigation
  • Project Management
  • Microsoft Office
  • Audit Softwares: Teammate, Canvas, WDesk (Workiva)
  • Problem Solving and attention to detail
  • Collaboration and communication

Links

https://www.linkedin.com/in/bongiwe-n-33465983?

Detailed Work Experience

Aspen Insurance Holdings Ltd

  • IT General Controls Review (Change Management, User Access Management, IT Operations) for in-scope SOX applications
  • Audited business controls in Human Resources (Payroll)
  • IPE testing
  • Attended walkthrough meetings with external auditors and control owners, Utilized Citrix Workspace to access virtual desktop due to role being remote

Ernst and Young (EY)

  • IT General Controls Review (Change Management, User Access Management, IT Operations)
  • Application controls reviews on SAP
  • Audited clients in the following sectors: Telecommunications, Financial Services, Insurance and Education
  • Performed external in the private sector, Audited a SOX PCAOB client in the telecommunications industry, SOX audit comprised of IT General Controls and IT Applications Controls review
  • Experienced working with the client's internal audit team as an external auditor and building effective and efficient working relationships
  • Performed a JDE Basis audit

Auditor General of South Africa (AGSA)

  • IT General Controls Review (Change Management, User Access Management, Service Continuity, IT Governance reviews, Physical & environmental controls)
  • Business application controls reviews on SAP (Supply Chain Management, Payroll etc.)
  • Utilizing ACL to analyze data as part of testing to detect duplicate users on various systems and to determine segregation of duties on users' roles
  • Audited clients in the following sectors: Finance, Transportation and Tourism industries in the public sector

Certification

  • Certified Information Systems Auditor (CISA) - In progress (Currently studying)
  • ISO 22301:2012 Lead Auditor Training Business Continuity Management - Completed in 2018

Timeline

Management Advancement Programme - FASSET MAP Cohort 8

Wits Business School
02.2025 - 09.2025

Financial Controls Assurance Analyst - IT Audit

Aspen Insurance Holdings Ltd
09.2024 - Current

Sabbatical

Sabbatical
06.2023 - 08.2024

Assistant Manager: Technology Risk Consulting

Ernst & Young (EY)
09.2022 - 05.2023

Senior Associate: Technology Risk Consulting

Ernst & Young (EY)
10.2021 - 08.2022

Associate 3: Technology Risk Consulting

Ernst & Young (EY)
10.2020 - 09.2021

Associate 2: Technology Risk Consulting

Ernst & Young (EY)
07.2019 - 09.2020

Information Technology Auditor

Auditor General of South Africa (AGSA)
05.2017 - 06.2019

Bachelor of Information Science -

University of Pretoria
01.2014 - 12.2016
Bongiwe Wendy Nyathi