Samuel Attuquayefio

Proactive and detail-oriented IT audit professional with over four years of progressive experience in delivering IT audit and risk consulting services across multiple sectors. Proven track record in managing full audit cycles, communicating with stakeholders, and assessing IT control frameworks in compliance with global standards. Skilled in applying COBIT, ISO:27001, and NIST frameworks to assess, improve, and report on IT risks and controls. Excellent communicator, collaborative team player, and committed to continuous improvement.

• Certified AWS Cloud Practitioner
• Certified Cloud Security Professional
• Certified ISO 27001 Implementer
• Certified Information System Auditor (CISA)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Network Security Professional ( CNSP)

• Led a technology risk assessment for a multinational financial institution, identifying key security gaps and recommending strategic improvements that reduced risk exposure by 30%.
• Led the IT audit portion of a $100M transformation program with zero critical audit findings.
• Reduced IT audit remediation timelines by 30% through collaborative issue resolution processes.
• Initiated a cloud governance audit framework now adopted as best practice across the organization.
• Recognized for developing a training module that upskilled 10+ team members in cloud risk management.
• Implemented Agile audit techniques to align with iterative delivery methods.
• Coached and developed 4 junior auditors, 2 of whom have progressed to manager roles within the function.
• Received internal recognition for “Excellence in Stakeholder Engagement” in FY2023
• Developed a control testing automation framework that reduced manual testing time by 40% and increased issue detection accuracy.
• Recognized for cross-functional leadership in delivering a major audit of cloud migration controls under tight deadlines
• Streamlined SOX compliance testing for a client, reducing audit timelines by 15% through improved audit methodologies and efficient team collaboration
• Championed a peer learning initiative that improved audit team knowledge sharing and accelerated onboarding by 50%
• Played a key role in enhancing the cybersecurity posture of a major client, helping them pass a critical ISO 27001 audit with no nonconformities
• Supported the execution of a large-scale IT audit project that met all timelines and client expectations, garnering praise from senior leadership for thoroughness and professionalism.
• Assisted in the discovery of a significant cybersecurity vulnerability in a client’s infrastructure, leading to swift corrective action and risk mitigation.
• Contributed to a team effort that successfully completed an audit engagement ahead of schedule, delivering high-quality results and enhancing client satisfaction.
• Designed and delivered IT risk training sessions for clients, improving awareness and implementation of best practices across organizations
• Delivered 35+ successful SOC/ISAE reports for UK-based financial services clients in the past 3 years.
• Zero significant post-review findings on 90% of reports submitted in 2023.
• Co-authored white paper on evolving regulatory expectations in third-party reporting (2024).
• Spearheaded adoption of digital audit tools, increasing audit efficiency by 22%.
• Developed data privacy health checks for GDPR readiness, deployed in 30+ organisations.
• Mentored 6 junior auditors, two of whom are now fully qualified and leading engagements.

• ISACA (Information Systems Audit and Control Association)
• (ISC)² – International Information Systems Security Certification Consortium

• Banking & Financial Services – Audited core banking systems, cloud risk management, and IT governance frameworks.
• Insurance – Evaluated IT risk controls, cybersecurity resilience, and regulatory compliance.
• Third-Party Service Providers (TPAs, Data Centres, Cloud Vendors)
• FinTech and Wealth Management Platforms
• Retail & Commercial – Conducted IT asset audits, business continuity assessments, and ERP system reviews.
• Public Sector – Assessed IT security strategies, risk frameworks, and digital transformation initiatives.
• Pension Schemes – Reviewed IT infrastructure and security controls to ensure data integrity and compliance.

• Strong communication and stakeholder management skills, with experience in delivering reports to senior executives.
• Empathetic team player who models Group values in daily interactions.
• Adept at mentoring junior team members and leading audit engagements.
• Committed to continuous learning and creating an inclusive, growth-oriented team culture.
• Passionate about digital risk, innovation, and driving strategic technology improvement

• IT Frameworks: COBIT, COSO, NIST, ISO 27001
• Audit Tools: TeamMate, ACL, IDEA, MS Excel (Advanced)
• Platforms: Windows Server, Linux, SAP, Oracle
• Reporting: PowerPoint, Word, Excel Dashboards

• Exceptional communication and report-writing skills
• Strategic thinker with operational execution capability
• Strong interpersonal skills and team leadership
• High level of initiative, independence, and accountability, adept at thriving in high-pressure and fast-moving environments
• Adept at thriving in high-pressure and fast-moving environments