Jan K

Internal Audit | Financial Services

May 2016 - Dec 2024 • 8 yrs 7 mos

Deutsche Bank Period: 2016 – 2024 Employment Type: Project engagement on behalf of ChallengeIT GmbH 2024: Technology roadmap audit and IT transformation audit; assessment of legacy systems and Microsoft platforms; regulatory validations for HKMA and FED 2023: Cloud platform and enterprise architecture audits 2022: International audits covering IT infrastructure and ITIL processes; cloud audits (Windows, O365, Google Cloud); vendor strategy; regulatory requirements (HKMA) 2021: International audits focusing on IT infrastructure and ITIL processes (Asset & Configuration Management, Middleware) 2020: International audits in Italy and Poland, including local regulatory requirements 2018–2017: Data center and physical security audits Software development procedure audits (SDLC, open source, source code reviews) Audits of ultra-low-latency environments 2016: Application and infrastructure audits (regulators: ECB, FED, MAS), review of program governance frameworks and access management Focus: IT Audit, ISO 27001, ITIL Processes, Cloud & Infrastructure, Regulatory Audits Deutsche Börse Period: 2021 Employment Type: Project engagement on behalf of ChallengeIT GmbH Compliance audit of the “B7 Buy-in Agent Platform” prior to go-live Compliance audit and risk assessment (LeSS framework for software development) IT Operations audit Finanz Informatik Plus Period: 2024 Employment Type: Project engagement on behalf of ChallengeIT GmbH IT audits focusing on user access management Audits of order and billing processes Planning, execution, and documentation of audits using standardized operational templates Toyota Kreditbank Period: 2024 Employment Type: Project engagement on behalf of ChallengeIT GmbH Annual Sarbanes-Oxley (SOX) IT audit Scope: SAP, non-SAP systems, IT operations Creation of an audit matrix for documentation and stakeholder alignment

Consulting and Auditing | Chemical Industries, Pharma & Lifecycle, Manufacturing Industries, Semiconductor Industries, Energy & Critical Infrastructure

Jun 2014 - Dec 2024 • 10 yrs 6 mos

Lanxess AG Period: 2018 – 2020 Setup of a GxP-compliant platform (GAMP 5, ISO 27001/20000) in an IT outsourcing environment GxP stream lead: audit planning, moderation, and assurance of data ownership Cloud security concepts for Azure (SAP operations), zero-trust security policy, SOC/SIEM vendor selection. Sanofi AG Period: 2014 – 2020 SOX audit preparation and review of operational structures Quality assurance of audit control points (SOX controls) Post-implementation reviews with audit character (Boston, Paris) Design and optimization of Incident, Problem, and Release Management processes Migration from Remedy to ServiceNow including reporting (QlikView) Development of an IT project handbook (phases, roles, templates) Ardagh Group Period: 2020 Project support for data migration and integration (SuccessFactors) Renesas Industries Period: 2018 – 2020 Analysis of tools and requirements (automation, workflows) Introduction of ServiceNow (Incident, Problem, Change, CMDB, Knowledge) Preparation of decision papers for international parent companies Workshop moderation and stakeholder communication up to executive level Stadtwerke Stuttgart Period: 2024 Requirements management and process analysis Implementation of Change and Release Management in ServiceNow (SAP and non-SAP) Agile project management (Scrum) and quality management Stadtwerke Düsseldorf Period: 2022 Design of an IT-wide KPI and performance measurement system Reporting and analysis processes for SAP, non-SAP, and infrastructure services Rheinmetall (Defense Sector) Period: 2022 – 2023 Responsibility for ServiceNow portal and service catalog governance Transition of multiple subsidiaries to a centralized ServiceNow platform

Consulting | Automotive

Mar 2009 - Dec 2024 • 15 yrs 9 mos

Daimler Truck AG Period: 2024 – 2025 Employment Type: Project engagement on behalf of ChallengeIT GmbH Design of an ISO 27001 assessment questionnaire (Power App) for all European applications Execution of ISO 27001 assessments Introduction of a centralized SharePoint for application owners NIS2 requirements and process recommendations Development of Power BI dashboards Mercedes Benz Cars & Daimler Van Period: 2009 – 2019 Employment Type: Project engagement on behalf of ChallengeIT GmbH Design and operation of ITIL processes (Incident, Problem, Change, Release, Request, Demand) Setup of service management organizations Reporting, ticket automation, demand and budget analysis ISO 20000 assessments and expert reports Outsourcing support and provider management