Open to opportunities

Jennifer Asiedu

@jenniferasiedu

I’m an IT compliance and risk professional, delivering IT audits, ITGC testing, and remediation to keep technology controls secure.

Ghana

Message

What I'm looking for

I’m looking for an IT Audit, Risk, and Compliance role where I can run end-to-end audits and ITGC testing, strengthen GRC processes in ServiceNow/RSA Archer, and partner cross-functionally to manage risk, remediation, and audit-ready compliance outcomes.

I’m a detail-oriented IT Audit, Risk, and Compliance professional who evaluates technology controls, identifies risks, and helps ensure compliance with regulatory frameworks. I perform end-to-end IT audits and IT General Controls (ITGCs), translating audit outcomes into clear, actionable next steps.

In my current role, I help monitor adherence to SOX, ISO 27001, NIST 800-53, PCI-DSS, and HIPAA by supporting policy, procedure, and control documentation. I conduct risk assessments, test controls, and build audit evidence packages while using GRC tools such as ServiceNow and RSA Archer to track risk and remediation activities.

I’m experienced in strengthening access governance by managing user access reviews and coordinating with IT teams on identity and access management compliance. I also support vendor risk assessments by reviewing SOC reports, compliance questionnaires, and documentation to support internal and external audit readiness.

Previously, I worked as a Third-Party Risk and Compliance Analyst, where I led comprehensive vendor risk assessments (including SOC 1 & SOC 2 reviews), maintained third-party risk registers, and followed remediation of control gaps and expired documentation. I bring precise documentation, strong analytical thinking, and discretion to every engagement, with a clear focus on reducing organizational risk through well-managed compliance and security practices.

Experience

Work history, roles, and key accomplishments

Current

IT Compliance & Admin Analyst

Current

Intergritek

Jun 2022 - Present (3 years 11 months)

Monitored adherence to IT compliance frameworks including SOX, ISO 27001, NIST 800-53, PCI-DSS, and HIPAA by supporting IT policy design, control standards documentation, and periodic risk assessments. Produced compliance reports and audit evidence, managed user access reviews, and tracked risk and remediation in GRC tools such as ServiceNow and RSA Archer.

IT Audit ISO 27001 NIST 800 53 PCI DSS HIPAA Risk Assessment

Third-Party Risk Analyst

Trango Tech

Nov 2020 - Feb 2022 (1 year 3 months)

Conducted third-party/vendor risk assessments by reviewing SOC 1 & SOC 2 reports, security questionnaires, and vendor control environments to support ongoing compliance. Managed the third-party risk register, remediation tracking, and vendor onboarding/due diligence workflows using tools such as RSA Archer and ServiceNow, and supported internal and external audit evidence preparation.

Third Party Risk Management Due Diligence Risk Register ISO 27001 NIST 800 53 GDPR Compliance

Public Relations Assistant

Cocoa Research Institute of Ghana

Oct 2018 - Aug 2020 (1 year 10 months)

Managed 50+ customer inquiries daily and achieved a 95% customer satisfaction rate while handling confidential records to maintain data privacy compliance with 0% privacy violations. Streamlined HR-related administration by managing payroll and benefits inquiries and improving response times by 30%.

inquiry handling Data Privacy Compliance Confidential Record Handling HR & Administration