Samuel Attuquayefio

London

Summary

Strategic Technology Risk Leader with 8 years of experience in cybersecurity, data governance, and AI risk management within highly regulated industries, including financial services and professional services. Proven expertise in developing and embedding enterprise-wide risk frameworks, ensuring compliance with ISO27001, Cyber Essentials, GDPR, and FCA/PRA guidelines. Skilled at leading technology change and AI oversight, providing executive-level insights, and influencing strategic decisions through robust risk reporting and governance. Recognized for excellence in stakeholder engagement, team leadership, and regulatory alignment, with a reputation for driving a strong risk culture and delivering measurable business impact.

Overview

7 years of professional experience
1 Certification

Work History

Senior Control Assurance Manager

KPMG UK
Canary Wharf
04.2023 - Current
  • Led oversight and independent challenge of cybersecurity and technology risk management activities, aligning practices with ISO27001, Cyber Essentials, and firmwide policies.
  • Developed and refined risk measurement methodologies, enhancing technology and cyber risk profiles across multiple business units.
  • Provided risk advisory and oversight of AI transformation projects, addressing bias, ethical implications, and regulatory compliance.
  • Delivered executive reports to senior stakeholders and board members, highlighting critical risks, remediation strategies, and key risk trends.
  • Strengthened data governance framework, ensuring compliance with data protection regulations and embedding robust data quality controls.
  • Directed a team of 20 risk professionals, fostering a collaborative culture and enhancing team capabilities in line with enterprise risk management objectives.

Technology Risk Manager

KPMG
Accra
06.2022 - 04.2023
  • Conducted comprehensive technology change and risk assessments, identifying vulnerabilities in cloud migrations, AI adoption, and data initiatives.
  • Partnered with internal audit, compliance, and IT to provide independent challenge to control design and effectiveness.
  • Enhanced the firm’s risk reporting framework, ensuring accurate and timely communication of KRIs and emerging threats to senior leadership.
  • Supported regulatory submissions and responses to external audits, demonstrating adherence to FCA/PRA cybersecurity guidelines.

Internal Assistant IT Audit Manager

Bank of Africa
Ghana
10.2021 - 06.2022
  • Executed IT audits focusing on infrastructure, applications, and cybersecurity risks.
  • Assessed internal controls, ITGC, and compliance measures, ensuring adherence to regulatory requirements.
  • Assisted in the development and enhancement of IT risk management strategies.
  • Provided expert recommendations to mitigate IT risks, improve system security, and optimize operational performance.
  • Engaged cross-functional teams to address audit findings and drive implementation of corrective actions.

Information Security Specialist

Unigold Homes Ltd
Accra
06.2018 - 10.2021
  • Evaluated technology controls for compliance with ISO27001, GDPR, and internal risk frameworks.
  • Designed and delivered training programmes on cybersecurity awareness and ethical use of AI and data analytics.
  • Provided hands-on support during incident response and risk mitigation efforts.

Education

Bachelor of Science - Information Technology

MUCG
Accra, Ghana
10-2020

Skills

  • Cybersecurity Risk & Control Assurance (ISO27001, Cyber Essentials)
  • AI Governance & Ethical Risk Management (Bias, Fairness, Transparency)
  • Data Governance, GDPR & Regulatory Compliance (FCA, PRA, DORA)
  • Risk Modelling, Measurement & Key Risk Indicators (KRIs)
  • Enterprise Risk Management (ERM) & Framework Development
  • Technology Change Risk Oversight (Cloud, AI, Digital Transformation)
  • Stakeholder & Executive Engagement (Board-Level Reporting)
  • Leadership, Mentoring & People Development

Certification

  • Certified AWS Cloud Practitioner
  • Certified Cloud Security Professional
  • Certified ISO 27001 Implementer
  • Certified Information System Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Network Security Professional (CNSP)

Accomplishments

  • Led a technology risk assessment for a multinational financial institution, identifying key security gaps and recommending strategic improvements that reduced risk exposure by 30%.
  • Developed a control testing automation framework that reduced manual testing time by 40% and increased issue detection accuracy.
  • Recognized for cross-functional leadership in delivering a major audit of cloud migration controls under tight deadlines.
  • Streamlined SOX compliance testing for a client, reducing audit timelines by 15% through improved audit methodologies and efficient team collaboration.
  • Championed a peer learning initiative that improved audit team knowledge sharing and accelerated onboarding by 50%.
  • Played a key role in enhancing the cybersecurity posture of a major client, helping them pass a critical ISO 27001 audit with no nonconformities.
  • Supported the execution of a large-scale IT audit project that met all timelines and client expectations, garnering praise from senior leadership for thoroughness and professionalism.
  • Assisted in the discovery of a significant cybersecurity vulnerability in a client’s infrastructure, leading to swift corrective action and risk mitigation.
  • Contributed to a team effort that successfully completed an audit engagement ahead of schedule, delivering high-quality results and enhancing client satisfaction.
  • Designed and delivered IT risk training sessions for clients, improving awareness and implementation of best practices across organizations.
  • Reduced technology control weaknesses by 35% year-on-year through enhanced oversight and targeted remediation.
  • Successfully oversaw a firmwide AI adoption programme, ensuring ethical AI usage and regulatory compliance.
  • Introduced a KRI-based prioritisation model, improving board visibility of emerging risks.
  • Spearheaded adoption of a data governance framework across operations, reducing data quality errors by 28%.
  • Strengthened regulatory compliance posture, enabling successful audits with no major findings.
  • Developed and delivered AI risk training to over 200 staff, improving awareness of ethical and operational considerations.
  • Improved incident reporting and response protocols, reducing critical incident handling time by 40%.
  • Contributed to successful attainment of ISO27001 certification across business units.

Professional Memberships

  • ISACA (Information Systems Audit and Control Association)
  • (ISC)² – International Information Systems Security Certification Consortium

Technical Skills

  • Platforms: Windows, UNIX/Linux, Mainframe
  • Tools: ACL, IDEA, Tableau, Power BI, Jira, ServiceNow
  • Languages: Python (audit automation, data analysis), SQL
  • Cloud: AWS, Azure, GCP (audit and governance)
  • Frameworks: NIST, ISO, COBIT, ITIL

References

References available upon request.

Industries Served

  • Banking & Financial Services – Audited core banking systems, cloud risk management, and IT governance frameworks.
  • Insurance – Evaluated IT risk controls, cybersecurity resilience, and regulatory compliance.
  • Retail & Commercial – Conducted IT asset audits, business continuity assessments, and ERP system reviews.
  • Public Sector – Assessed IT security strategies, risk frameworks, and digital transformation initiatives.
  • Pension Schemes – Reviewed IT infrastructure and security controls to ensure data integrity and compliance.

Additional Information

  • Strong communication and stakeholder management skills, with experience in delivering reports to senior executives.
  • Empathetic team player who models Group values in daily interactions.
  • Adept at mentoring junior team members and leading audit engagements.
  • Committed to continuous learning and creating an inclusive, growth-oriented team culture.
  • Passionate about digital risk, innovation, and driving strategic technology improvement.
