During the 9 week internship, I was involved in various projects that involve auditing J.P Morgan’s technology platforms. I learned a lot about different security measures businesses take to ensure the risk of information exposure is mitigated. We were also part of a case study team that was responsible for analyzing the firm\’s previous investing app. We formulate what risks the investing app could face, route causes, how to use data analytics in control execution, and potential impacts of the risk. One of the main projects we worked on was writing control design overviews for each control we were testing. The controls included security configuration baseline, security state monitoring, and security event logging. In the design overview, we have to articulate what the control is and how the control is design to mitigate risk. It was a good experience where I got to learn lots of new information and meet great people.