Boluwatife Olu-Ashake V.

GRC Analyst

United Kingdom

I'm a GRC Analyst with a legal foundation, passionate about bridging the gap between compliance requirements and practical execution. I help organizations stay audit-ready and aligned with frameworks like SOC 2 and ISO 27001 — without getting buried in complexity. Whether it’s drafting clear policies, mapping controls, or assessing vendor risks, I translate technical and regulatory demands into structured, actionable documentation that teams can actually use.

Portfolio
Linkedin
Following the NIST CSF mapping I did for Duke University's IT security environment, I conducted a...

Following the NIST CSF mapping I did for Duke University's IT security environment, I conducted a targeted gap analysis and risk assessment to better understand how maturity gaps translate into operational risk. The assessment analyzed each observed security gap in terms of likelihood (how probable an incident could result) and impact (what the consequences would be on operations, compliance, or reputation).

Linkedin
I recently completed a mapping of the full National Institute of Standards and Technology (NIST)...

I recently completed a mapping of the full National Institute of Standards and Technology (NIST) Cybersecurity Framework (108 core questions) to Duke University's IT security policies and practices. I used the Nationwide Cybersecurity Review (NCSR) maturity model to build an Excel matrix by looking through the institution's internal policies, procedures, standards, and actual practices.