Abena Pokuaa Wealthy

• Facilitates vendor onboarding process by performing third-party party risk assessment of vendors.
• Conducts vendor classification according to Data handling and Relationship as well as company policies and procedures.
• Collaborate with business owners to document vendor relationships, collect supporting risk assessment documentation, confirm alignment with risk assessment, and monitor vendors' performance and adherence to contractual requirements, including service level agreements.
• Develop Vendor Risk Assessment Report and escalate issues when necessary
• Compile Risk Assessment Reports (RAR) and consult with vendor's primary contact about assessment findings.
• Review completed Standardize Information Gathering (SIG) questionnaire and supporting documentation to validate vendor appropriate Implementation of security controls.
• Analyze vendor's processes to determine deficiencies within their controls that could violate applicable law, regulation, framework, or internal policies and procedures.
• Implement risk management and incident reporting strategies and data to create educational programs.
• Manage and execute risk management projects to determine deficiencies and appropriate corrective actions.
• Conducts information security documentation and workflows to assist with incident response. Audits, and vendor requirements.
• Work with internal auditing team to conduct quarterly pre-audit reviews or preparation.
• Collaborate with vendors to discuss appropriate remediation actions and deadlines for all identified gaps.
• Assist in development, review, implement guideline maintenance of policies, procedures, standards, and guidelines in accordance with applicable regulations including ISO 27001, NIT 800-53 Framework Controls, HIPAA, and PCI DSS.
• Documents and reports control failures and gaps to stakeholders.
• Provides remediation guidance and prepares management reports to track remediation activities.
• Collaborate with security, engineering, IT, and partner risk functions to design, implement, and perform periodic testing of controls.
• Conduct daily activities and functions such as assessing vendors for security risk and provisioning application access.
• Complete risk rating of vendors within GRC system based upon vendor due diligence documentation and independent research.
• Conduct self-control assessment to determine adequacy of management, operational, privacy, and technical security controls implemented.
• Experience working with Agile methodology and GRC tools (MetricStream, keylight, ServiceNow,Archer, etc.).
• Assist in SOC 2, ISO 27000 Audits by gathering evidence and answering security questions.
• Provide support for Enterprise Risk Assessment (ERM) process by collecting and reviewing risk assessment data and reports.

• Conduct audits on (IT) operating system(OS) platforms and operating procedures in accordance with established standards for efficiency, accuracy, security, and risk mitigation.
• Conducts kick-off meetings in order to categorize systems according to NIST requirements of Low, Moderate, or High Risk.
• Evaluate IT infrastructure in terms of risks to all departments and establish controls to mitigate loss. Determine and recommend improvements to enterprise risk management controls.
• Performed in-depth security assessment of SAP and other connected systems used for processing critical financial reporting.
• Projects include code reviews and underlining assessments of platforms and databases used for SAP.
• Designed and performed information technology internal Controls test work for banking /Public Sector clients.
• Operated under Agile and Scrum frameworks to complete releases and well-organized sprints.
• Identify and Report threats /Vulnerabilities applicable to Systems

• Prepared Security Assessment and Authorization (SA&A) packages
• Performed Security Assessment and Authorization in accordance with Federal Guideline (NIST SP 800-53 rev 4 standards)
• Performed comprehensive security control assessment (SCA) and prepared reports on management, operational and technical security controls
• Developed Security Assessment Reports (SAR) and Plan of Action and Milestone reports (POA&M)
• Supervised multiple projects from project start through delivery by prioritizing needs and delegating assignments.
• Supervised multiple projects from project start through delivery by prioritizing needs and delegating assignments.
• Wrote technical narratives to document processes and design changes.
• Prepared meeting agendas and minutes for distribution and record keeping.

• Performed monthly/quarterly/annual review of portfolio that has facilities with zenith bank
• Analyzed financial statements and reconciled audited statements
• Oversaw collateral audit process; addressed audit irregularities; provided feedback to Risk department .
• Solved over 1000 collection problems for collection representatives and customer service representatives.
• Assessed credit risk and analyzed financial statements.
• Conducted presentations to upper management and executive teams for loan recommendations.
• Assessed credit risk and analyzed financial statements
• Conducted financial review of customer lines of credit by assessing company financials and initiating credit application reviews

IT Career Lab, National Able Network Power BI/Data Analytics