About Souleymane NDOYE, D.Sc.
My name is Souleymane Ndoye, and I am a Lead Auditor on ISO/IEC 27001 with 25 years of experience in IT Consulting services.
I hold a doctorate in Physics, a master’s degree in Electronics, and another in Governance, Audit, and IT Security at the University of Sherbrook in Canada.
I founded Audisec Inc., a Canadian company in IS Audit and Cybersecurity. I also work as an independent senior advisor in Information Security, Audit, Compliance, and Risk Governance.
I managed many internal and external audits for organizations in the public and private sectors (Software development, Insurance, Banking, Health, Transport, etc.) and have relevant experience in assessing information technology or business process risks. I have a strong understanding and experience with IT General Controls and security controls audits or assessments (e.g., SOC 1/2, ISO/IEC 27001, PCI DSS, NIST), designing and testing controls in different IT environments, and with platforms and technologies.
I occupied many management positions with the supervision of resources (senior advisors and analysts) in the planning, execution, and drafting of conclusions for audit mandates.
I hold many IS certifications, including Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), MSECB Certified Management Systems Auditor (CMSA), ISO/IEC 27001 Lead Auditor, ISO/IEC 27001 Lead Implementer, and ITIL v3.
About the experience in auditing
I am deeply passionate about the auditing profession. Every new audit mandate presents a unique adventure (discovery) for me. I always want to be courteous and professional with the auditee and come to the audit well-prepared because each new auditee is a new story.
As soon as I start an audit, I tell the auditee: “The goal of the audit is not to identify nonconformities but to find sufficient evidence of conformance with the management system and that the management system addresses all clauses of the standard. Please help the auditor find the evidence that is needed”.
It is essential to create a relationship of trust between me, as an auditor, and the auditee. The first contact meeting with the auditee is significant for me since it allows me to know the auditee as a human and not as a client.
How we interact during the first contact determines the outcome of the audit. Additionally, as the audit progresses, I keep the auditee informed of the observations, which allows them to accept the findings at the end of the audit.
When I conduct audits, I often observe that auditees have difficulty understanding the meaning of control the auditor wants to test. Therefore, the auditee needs to clearly understand the control we want to assess so that they can answer the auditor’s questions effectively.
The part of the audit I like the most is the human contact with the auditee because it increases my knowledge of human relations. My goal with MSECB is to travel worldwide doing certification audits and discovering other cultures.
Souleymane's experience with MSECB
I appreciate the quality level of audit reports that we produce at MSECB. Each audit report is reviewed and commented on professionally.
MSECB is distinguished by the support they give to their auditors.
Performing audits for MSECB was a turning point in my career because it allowed me to collaborate with competent professionals, conduct audits worldwide, improve my audit expertise, and gain valuable experience.
I am delighted to be part of MSECB and recommend MSECB Auditors Network membership to any professional auditors.
MSECB Auditor Profile
Souleymane Ndoye has been a part of MSECB since 2021 and has been conducting audits for ISO/IEC 27001:2013.
His passion for excellence, meticulous preparation, effective communication, and commitment to building positive relationships with the auditee make him a standout professional in the auditing field.
We are honored to have him as part of our MS Auditors Network!
Become an Auditor
Build endless connections and professional networks by joining our team of over 500 MSECB Auditors.
We welcome you on board!