Summary
Overview
Work History
Education
Skills
Timeline
Generic

Michelle Zhou

Sydney,NSW

Summary

Experienced risk professional with strong technical skills and knowledge in Operational Risk and Compliance. Strengths in building and maintaining relationships with diverse range of stakeholders to deliver the most balanced risk outcome.

Overview

6
6
years of professional experience

Work History

Manager, Chief Controls Office

Commonwealth Bank Of Australia, CBA
05.2021 - Current
  • Provide Line 1 assurance over complex application and IT dependent manual controls supporting CBAs' critical processes including payments, financial crime, technology, retail and market operations. Contributed significantly to outcome of regulatory and compliance audits (i.e. CFTC and AUSTRAC MII), where no material findings were raised.
  • Provide advice to Line 1 Risk colleagues and BU on control environment uplift in line with ORMF. Assisted with re-write of controls, education on thematic concerns raised following Line 2 and Group Audits.
  • Performed quality review over controls testing performed by offshore teams. Acting as final point of approval prior to playback of outcomes to CCO and BU stakeholders.
  • Contributed to Group Policy Uplift. Selected to participate in working group to ultimately uplift and refine the CAP Standard and incorporate further guidance principles on ITDMs. This involved attending workshops and working closely with CCOs across others BUs and Line 2 to provide challenge and champion best practice principles to be included in Group Policy.
  • Contributed significantly to CCO strategic deliverables. Successfully identified controls to be scoped into our Automation initiative. On multiple occasions, defined the Automation workflow to achieve the desired outcome. This results in cost and time savings year on year. Following this, was granted an individual license to our Automation tool to further support this initiative.

Technology Risk Consultant

EY, Ernst & Young
09.2019 - 05.2021
  • Led the delivery of an external audit for a Top 400 French Recycling and Water Solutions company. Worked with various stakeholders to assess the design and operating effectiveness of key controls supporting the IT environment. As part of the engagement, identified gaps and improvement opportunities of the current state business processes.
  • Delivered SOX Audits for the Australian subsidiaries of US listed businesses. This involved performing a review and testing of IT general controls (covering logical access and security, change management and IT operations), identifying controls gaps and proposing remediation activities and reporting directly to the US Primary Team.
  • As part of the external audit for an American multinational beverage corporation performed benchmarking procedures around key revenue reports addressing integrity, accuracy and completeness. Further, reviewed the extent to which the client made changes to the configurations and source code that drove the creation of the reports.
  • Conducted an Identity Access Management review over an ASX listed property investment and funds management group. Identified deficiencies around governance policies; third party management; privileged access management and co-developed recommendations for improvement.
  • Delivered a program assurance review of a system implementation for a public sector client. As part of the review, conducted an assessment over the data migration and conversion strategy, defect management process, access and segregation of duties requirements, and third party governance framework
  • Performed a post implementation review for a professional services client that underwent a global data migration alliance project. As part of the review, conducted testing around the operation of governance controls, completeness of data, data security, defects and resolution management and processes in place around HyperCare.

Project Coordinator/ Consultant

KPMG
03.2018 - 09.2019
  • Tax Risk Governance: Delivered Tax Governance Risk Management workshops as a consultant. As part of the workshop, performed walkthroughs procedures to identify key business processes in addressing regulatory and compliance requirements.
  • Global PMO: As the Australian contact, coordinated and managed the transition of global tax compliance projects that ran in parallel with delivery requirements. Managed up to 40 live global engagements.
  • Internal Compliance: Directed pre-delivery risk assessments and delegated work up stream to ensure efficient transition of projects into delivery teams.
  • Financial Management: Successfully managed debtor account for prominent multinational company, minimized debtor provision and recovered $250,000 in unpaid fees over a 2-month period.
  • Mentoring: Selected to be a member of KPMG's Customer Relationship Management (CRM) Network. As a skilled user of the CRM platform, acted as a trusted resource for the tax division leveraging the tool's full functionality.

Education

Bachelor of Economics - Economics And Accounting

University of New South Wales
Kensington
2018

Skills

  • Audit and Assurance
  • Business Process
  • Code Reviews
  • Coaching and Mentoring
  • Data Risk Management
  • Operational Risk
  • Risk and Control Assessment
  • Risk Management

Timeline

Manager, Chief Controls Office

Commonwealth Bank Of Australia, CBA
05.2021 - Current

Technology Risk Consultant

EY, Ernst & Young
09.2019 - 05.2021

Project Coordinator/ Consultant

KPMG
03.2018 - 09.2019

Bachelor of Economics - Economics And Accounting

University of New South Wales

Similar Profiles

CREATE PROFILE
Michelle Zhou