homeShow Me Quality Consultingcontact us

Kevin Osuhor

Lead Supply Chain Analyst

Seasoned Risk Management Professional with demonstrated expertise in developing and implementing risk management programs, conducting vendor due diligence, and managing third-party relationships. Proficient in industry frameworks, regulatory requirements, and standards, including NIST CSF, ISO, COBIT, FFIEC, PCI DSS and SOC 2.

Education:

UNIVERSITY OF MARYLAND

Master of Science in Information Technology (In Progress)

UNIVERSITY OF HOUSTON, HOUSTON, TEXAS

Juris Doctorate

UNIVERSITY OF IBADAN, OYO, NIGERIA

Bachelor of Laws

Career Details:

2024-PRESENT

LEAD SUPPLY CHAIN ANALYST, SHOW ME QUALITY CONSULTING, LLC

2021 - 2024

SENIOR THIRD-PARTY RISK ANALYST, ALLSTATE

  • Proactively managed supplier and fourth-party sub-servicer portfolio of over 60 vendors, mitigating inherent and residual risks through periodic assessments and risk profile updates.
  • Streamlined the third-party risk assessment process using ServiceNow, resulting in a 20% reduction in assessment time and a 10% increase in assessment accuracy
  • Continuously identified, monitored, and reported on third-party risk landscapes, including key and emerging risks with actual and/or potential impacts on vendor portfolio
  • Performed Vendor Risk Assessments (VRA), evaluating key risk factors including financial stability, security protocols, and regulatory compliance to fortify the vendor selection process
  • Structured contractual safeguards by integrating clauses into vendor contracts, mandating adherence to our security benchmarks, and immediately reporting security incidents
  • Safeguarded sensitive data from unauthorized third-party access by evaluating and mitigating information security and privacy risks such as cyberattacks and data breaches
  • Assessed the Incident Response, Business Continuity and Change management protocols of third-party vendors, identified gaps, and formulated corrective action plans to mitigate risks
  • Communicated vendor risk assessment and due diligence findings, as well as Remediation requirements, to senior management, business owners, and vendors
  • Utilized COBIT principles to investigate third-party risk incidents, preventing potential losses and protecting the organizations reputation
  • Crafted and executed key risk reporting, Key Risk Indicators (KRIs), and metrics such as security incidents to provide valuable insights into third-party risk exposure
  • IT General Controls testing and documentation (e.g., Access Control, Data Backup, and Segregation of duties) for 20+ SaaS vendors leading to improved risk mitigation.
  • Achievement: Collaborated on assessing post-COVID-19 risks (e.g., supply chain disruptions, remote work resilience and cyber threats) with a cross-functional team. Introduced a real-time data-driven continuous monitoring model, considering vendor financial stability and cybersecurity posture, resulting in a 15% reduction in third-party risk exposure
2019-2021

THIRD-PARTY RISK ANALYST, BNP PARIBAS BANK

  • Implemented a multi-factor authentication (MFA) system for third-party vendors, reducing the risk of unauthorized access by 15%
  • Conducted rigorous vendor risk assessments for cloud-based vendors (e.g. AWS) using CAIQ, ensuring compliance with regulatory norms and industry best practices
  • Collaborated with cross-functional stakeholders to articulate risk appetite, laying the foundation for refined risk mitigation strategies and vendor relationship choices
  • Provided third-party risk data and responses to regulatory and internal audit requests and exams, ensuring timeliness and accuracy
  • Utilized BitSight for maintaining vendor profiles, conducting risk assessments, managing contracts, monitoring performance, and ensuring compliance with policies and procedures
  • Performed vendor onboarding by customizing due diligence and evaluation criteria questionnaire utilizing Standardized Information Gathering (SIG) control domains
  • Implemented Third-Party Management requirements to comply with regulatory standards and industry best practices such as PCI DSS, FFIEC and NIST CSF
  • Achievement: Increased vendor onboarding efficiency by 20% by recommending an expedient online onboarding process (self-registration, document submission, Vendor Risk Assessment, and approval) during the COVID-19 pandemic, resulting in reduced costs and improved vendor satisfaction
2014 - 2019

IT AUDITOR & CONTROL ASSESSOR, HERITAGE BANK

  • Managed and coordinated IT audit projects, from planning and execution to reporting
  • Audited backup and recovery procedures to ensure data restoration in the event of a disaster
  • Executed auditing processes to evaluate controls effectiveness, and compliance with GLBA, PCI DSS and ISO 270001; identified vulnerabilities, and provided recommendations
  • Reviewed the change management process to ensure adequate control of IT system changes
  • Tested access controls to ensure only authorized users can access sensitive data
  • Evaluated the segregation of duties to ensure that no individual can abuse a process
2010-2013

PRIVACY COMPLIANCE SPECIALIST, LIAMSLAWS LLP

  • Conducted Privacy Impact Assessments (PIA) and Audits for clients reducing potential data breaches through vulnerability identification and rectification
  • Developed compliance training program for clients, boosting awareness and adherence
  • Advised clients on the latest privacy laws and regulations, and compliance strategies

Certifications:

  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information System Auditor (CISA)

Awards & Recognitions:

  • Excellence in Third-Party Risk Management Award (Allstate - 2023): Recognized for excelling in vendor risk assessments, compliance tracking, and collaborative partnerships.
  • Compliance Champion Award (BNP Paribas - 2020): Awarded for championing compliance with regulatory standards and industry best practices, aligned with FFIEC and NIST CSF.

Professional Affiliations:

  • Third Party Risk Association (TPRA)
  • ISACA – Convention Coordinator, Boston 2023
Privacy Policy
Show Me Quality Consulting © 2024.  All Rights Reserved.