Emmanuel Abaka
Atlanta,GA
Summary
Accomplished professional with expertise in risk management, stakeholder engagement, and driving operational excellence. Skilled in identifying root causes, developing strategic solutions, and delivering measurable improvements to complex projects. Known for fostering collaboration, streamlining processes, and aligning team efforts with organizational objectives to achieve impactful results.”
Overview
7
7
years of professional experience
1
1
Certification
Work History
Risk Officer
Morgan Stanley
Atlanta , GA
05.2023 - Current
- Manage the end-to-end issue resolution process, including identification, documentation, analysis, and resolution of issues affecting project and operational outcomes.
- Escalate and report breach limits to bank committees to enhance risk management and mitigation efforts.
- Conduct annual assessments to identify adequacy gaps and eliminate redundant metrics, ensuring efficient risk monitoring.
- Identify key risk areas lacking adequate metrics, report gaps to management, and drive corrective actions.
- Ensure metrics are delivered accurately and within established timelines, enabling effective decision-making.
- Monitor issue management metrics to track performance and identify trends for improvement.
- Conduct thorough risk reviews to uncover control gaps and implement remediation strategies.
- Collaborate with developers to design and implement metrics for critical and high-risk issues.
- Ensure timely completion of governance deliverables with high quality, providing adequate lead time for management review.
- Develop and maintain comprehensive issue management frameworks, guidelines, and best practices to strengthen organizational response capabilities.
- Analyze and document issues in project and operational environments, providing actionable recommendations for improvement.
- Coordinate with cross-functional teams to support timely resolution of issues and track progress effectively.
- Execute thorough QA testing to ensure seamless implementation of solutions in the production environment.
- Prepare detailed reports on issue trends, root causes, and resolution effectiveness to refine issue management strategies.
- Design and implement risk management strategies and policies to minimize financial, operational, and compliance risks.
- Perform regular risk assessments and audits to identify vulnerabilities and recommend improvements.
- Analyze risk trends and prepare detailed reports for senior management, highlighting key areas and actionable plans.
- Collaborate with internal audit teams to address breached metrics and implement necessary controls.
- Leverage data-driven metrics to proactively manage and mitigate risks.
Third Party Risk Consultant
Rovust
Dallas, Tx
04.2021 - 04.2023
- Analyzed risk management of client portfolios to evaluate vendor security controls.
- Evaluated governance controls, SOC reports, and policies.
- Drafted reports with recommended mitigating controls for stakeholders.
- Facilitated the remediation process with business process owners and supplier contacts, tracking progress to completion.
- Worked with control owners and product owners gathering required documents for testing tasks.
- Validated remediation action plans by reviewing closure evidence provided by vendor contacts.
- Conducted reviews of key information technology controls, including backups, data integrity testing, audit logs, remote access control, application-level security, and environmental controls.
- Assessed security assurance reports (SOC 1 & 2) from third-party vendors to validate control effectiveness.
- Communicated and presented validated audit findings, contributing to the development of the annual audit plan by performing risk assessments and identifying high-risk areas.
- Extensive experience in risk management, including RCSA implementation and execution.
- In-depth knowledge of industry regulations and best practices related to risk management.
- Regularly collaborated with legal, compliance, and supplier management teams during the vendor assessment process.
- Analyzed business processes and workflows to identify inefficiencies and recommend solutions.
- Partnered with IT and developers to verify that requirements were correctly interpreted and applied.
- Assisted in the development of project plans, timelines, and resource allocations.
- Project Management and Documentation:
- Conducted risk assessments and developed mitigation strategies, reducing project delays by 25%.
- Prepared and presented detailed business cases and feasibility studies to stakeholders.
- Supported senior analysts in the collection and analysis of business data.
- Created and maintained documentation, including process maps and requirement specifications.
- Coordinate with cross-functional teams to develop and implement effective solutions, ensuring timely and efficient resolution.
- Conducted issue resolution assemblies, collaborating with stakeholders to resolve concerns.
- Identified and analyzed issues within project and operational environments.
- Prepared detailed reports on issue trends, root causes, and resolution effectiveness, contributing to improved issue management strategies.
- Prepared detailed reports on issue trends, root causes, and resolution effectiveness, contributing to improved issue management strategies.
- Develop and implement risk management strategies and policies to minimize financial, operational, and compliance risks.
- Conduct regular risk assessments and audits to identify vulnerabilities, and recommend improvements.
- Collaborate with departments to design and execute risk mitigation plans, and ensure adherence to regulatory requirements.
- Analyze risk trends and prepare detailed reports for senior management, highlighting key risk areas, and action plans.
- Utilize metrics to manage and reduce risk.
Vendor Risk Management
EndGold Consulting(CVS Pharmacy)
Dallas, Tx
01.2018 - 05.2021
- Delivered information security risk expertise, identifying cyber risks across the enterprise.
- Conducted due diligence based on risk domains relevant to the scope of services to be delivered.
- Authored assessment summary reports detailing identified gaps, potential impacts, and recommendations for risk mitigation.
- Demonstrated strong customer service skills to ensure a smooth evidence collection experience for vendors.
- Documented risk information, including regular reports for leadership and management teams.
- Executed information security risk and control identification, evaluation, documentation, analysis, and reporting using analytical tools.
- Reviewed existing and new third-party services and data within the scope of assessment, analyzing engagement risk ratings.
- Reviewed organizational policies, standards, and procedures, providing professional advice and recommendations on adequacy, accuracy, and regulatory compliance.
- Designed and drafted reports, assessments, and other documents to support decision-making on information security risks and controls for executives, system owners, and management.
- Collaborated with Third Party Risk Management (TPRM) and other risk partners, including privacy, compliance, disaster recovery, country-specific risks, fraud, physical/environmental risks, and HR/personnel.
- Tracked open issues and managed related remediation execution using a GRC tool as the central repository for risk and control information.
- Assisted in developing and implementing risk management and control frameworks for vendor/supplier (third-party) external risk assessments.
- Participated in client engagement reviews of disaster recovery and business continuity planning for Sarbanes-Oxley (SOX) testing.
- Translated Excel workbooks and Google Sheets into functional dashboards.
- Utilized a GRC tool as the central repository for risk and control information.
Education
Bachelor of Science - Business Administration
Dallas Christian College
Skills
- Issue Tracking and Management
- Root Cause Analysis
- Risk Management
- Project Management Software (eg, JIRA, Agile)
- Stakeholder Communication
- IBM(Open pages)
- Metrics
- Process Improvement
- Data Analysis and Reporting
- Team Leadership and Collaboration
- Control Testing and Validation
- Vendor/Supplier Risk Assessment
- Audit and Compliance
- Documentation and Reporting
- Information Security Controls
- Regulatory and Industry Standards Knowledge (NIST, COBIT, ISO, PCI-DSS)
- Third Party Risk Management (TPRM)
- Remediation Process Handling
Certification
Certified in Risk & Information Systems Controls (CRISC)
Certified in Cloud Audit Knowledge (CCAK)
Security +
Certified Information Systems Auditor(CISA)
Timeline
Risk Officer
Morgan Stanley
05.2023 - Current
Third Party Risk Consultant
Rovust
04.2021 - 04.2023
Vendor Risk Management
EndGold Consulting(CVS Pharmacy)
01.2018 - 05.2021
Bachelor of Science - Business Administration
Dallas Christian College