SOHAYB DARHOUANE

Project Management:

• Led planning, scoping, and managing execution of IT integrated audits (ICFR, SOX) tasks.
• Led the execution of ITGC, ITACs and SAP security assessment for SOX clients in the manufacturing and TMT (Technology, Media, and Telecommunications) industries.
• Maintained regular communication with high-level executives, ensuring they were informed about engagement progress.
• Managed IT SOX projects related to automation, cloud developments, IT application controls, and data feeds.
• Led project management for engagement projects, overseeing budgets, resourcing, and status metrics.

As a CRISC Specialist:

• Identified and assessed risks within the organization's IT landscape, evaluating their likelihood and impact on business processes.
• Aligned risk management strategies with corporate governance.
• Monitored evolving legislation to ensure compliance.
• Monitored and continuously improved IT risk management controls, and established tests to detect changes in the IT environment that could affect business risks and objectives.

IT Controls:

• Assessed security and control effectiveness of IT and business processes for CSAE 3416 / SOC 1, SOX, ICFR, FAIT, and non-SOX audits.
• Analyzed analytics to detect risks and gaps in an IT asset management process.
• Directed and executed pre- and post-system implementation assessments for IT control adequacy and data migration reviews.
• Collaborated with client's internal audit team to review infrastructure environment in line with industry standards and business needs.
• Led vendor risk assessments for a SOX client regarding logical access, change management, operational oversight, and IT processes compliance.

• Conducted numerous SAP Security audits as a Subject Matter Expert, ensuring compliance with security policies and best practices.
• Ensured compliance with IT SOX process requirements, working closely with the appropriate IT departments.
• Led the improvement and gap analysis of IT General Controls (ITGCs) and IT applications, including SAP, Oracle E-Business Suite, JD Edwards.
• Led remediation efforts to address identified gaps, ensuring robust ITGCs and IT Application Controls (ITACs).
• Designed new or modified ITGCs and IT application controls to align with industry best practices and regulatory requirements.
• Performed thorough ITGC and ITAC evaluations, presenting in-depth risk assessment reports to key parties.
• Evaluated IT security management processes for access management and SOD metrics in SAP.
• Evaluated data workflows and setup controls for SAP module integration.
• Assessed the effectiveness of automated controls in SAP, modifying control settings to minimize risk exposure.
• Worked with cross-functional teams to create risk mitigation strategies.
• Conducted data migration audits in alignment with COBIT frameworks.
• Performed audits on IT projects and services following ITIL V3 standards, enhancing compliance with best practices.
• Established internal control reference systems within Information Systems (ERP, etc.).
• Evaluated the maturity of processes and IT controls, providing actionable insights for improvement.
• Managed IT risk through comprehensive risk management strategies.
• Secured SOC 1 and ISAE 3402 Type 1 & 2 Third-Party Assurance certificates.
• Conducted SAP data migration audits and risk assessments to ensure data integrity and compliance.
• Developed IT Master Plans to guide strategic IT initiatives and ensure alignment with organizational goals.
• Reviewed and evaluated internal controls related to information technology and security areas based on ISO 27001/27002 standards.
• Suggested enhancements to fortify controls and boost security measures.

• Managing and coordinating the seamless flow of SAP operations between different departments.
• Controlled job advice activities including purchase orders, schedule agreements SA, and material requirement planning.
• Managed annual and quarterly physical inventories, ensuring accurate SAP processing.
• Managed various SAP modules MM, PP, SD, FI, and controlling.
• Supervised SAP MM inventory management including stock, consumable items, and material documents.
• Oversaw ERP access control for end users.
• Connected real-world processes with SAP business scenarios and controlled logistics parameters.
• Managed SAP parameters including Incoterms, transfer processes, and unloading configurations.
• Facilitated seamless EDI integration between DELPHI, its suppliers, and customers.
• Involved in an entire SAP implementation life cycle project.
• Administered SAP access and roles while overseeing SOD metrics.
• Controlled order types, delivery types, and item categories in SAP.
• Perform bill of material verification, run costs, and manage monthly logistics and finance closures.
• Spearheaded project teams efficiently.
• Incorporate approved procedural changes.
• Enabled successful launch of SAP systems for new DELPHI Morocco locations (Interplant).
• Coordinate and support the project managers for the startup of the Morocco 4 site in the infrastructure network, and training documentation for all applications used in other Morocco sites.

• Managed entire delivery process within ERP system.
• Resolving incidents related to all the ERP end users.
• Managing KPIs and dashboards related to the inbound deliveries. Ensure training for end-users (new starters, …)
• Maintain the functionality of all applications used at the McDonald's location.
• Responsible for hardware and software installation, maintenance, and repair.
• Resolved ERP issues at third and second levels.

• Working on the improvement of the ERP implementation, Oracle SOLARIS.
• Ensure the well-running workflow of the database.
• Handling an internal database architecture.
• Gathering data from the databases (SQL requests).

• Working on the improvement of database architecture, GLPI.
• Managing the internal IT park and OCS inventory.