Hi, I'm Afiz Adewale Lawal
Risk Management | Information Security | Compliance | Internal Audit | Continuous Improvement
Strategic Business Partner | Driving Business Resilience Through Audit, Risk & Compliance | MBA '26
About Me
I am an experienced Audit, Governance, and Cybersecurity professional with a track record of strengthening control environments, managing complex audit engagements, and aligning enterprise risk with organizational objectives.
As a Lead Auditor at highly regulated organizations, I have directed assurance projects spanning the full spectrum of enterprise risk—from financial reporting and operational workflows to regulatory compliance and cybersecurity defense. I work extensively with frameworks such as NIST 800-53/82, NIST-CSF, ISO 27001, COBIT, CIS v8, PCI-DSS, and SOX, ensuring both compliance and operational resilience.
My expertise is underpinned by a dual degree from Baylor University—an MBA in Business Analytics and an MSIS in Cybersecurity. This unique academic background allows me to bridge the gap between business strategy and technical security. Holding the CISA, CFE, CIA, CISSP, and CCSP credentials, I combine this multidisciplinary knowledge to communicate risk effectively to stakeholders. My approach emphasizes value-added auditing—moving beyond compliance checklists to deliver insights that improve business performance, resilience, and governance maturity.
Specialties: Audit | Cybersecurity Governance | Enterprise Risk Management | Regulatory Compliance | Control Framework Design
Education & Certifications
Baylor University
Master of Business Administration (Business Analytics)
Master of Science in Information Systems (Cybersecurity)
Expected Graduation: May 2026
LAUTECH
B.Tech Applied Economics
Graduated: 2012
Professional Certifications
Professional Experience
Compliance Manager
Baylor University (Intern)
May 2025 - Present- Revamped the University's Tax Compliance State Summary by restructuring multi-state filing data.
- Enhanced accuracy and external audit readiness by verifying 2023 overpayment applications.
Teaching Assistant
Baylor University - IS
Oct 2024 - Present- Support lab instruction in Risk Management, NIST AI RMF, and ISO 27001 frameworks.
- Guide students in system modeling and secure application development using Lucidchart and Visio.
Senior Associate - IS Audit
Wema Bank PLC
Nov 2023 - June 2024- Led risk-based IS audits assessing ITGC and Application controls (NIST, COBIT, ISO).
- Identified SQL Injection risks and unrevoked AD access, reducing privilege violations by 85%.
Associate - Compliance Audit
CSCS PLC
Aug 2022 - Oct 2023- Led readiness activities for ISO 27001:2022 surveillance audits, ensuring successful certification retention.
- Executed audits across business divisions to assess process efficiency.
Senior Analyst - IAM
TAJ BANK Limited
Jan 2022 - July 2022- Reduced access-related audit findings by 70% by implementing stricter entitlement controls.
- Managed user access reviews (SOX/FFIEC) via Active Directory and Okta.
Financial Analyst
JAIZ Bank PLC
Mar 2019 - Dec 2021- Led GL audits uncovering misclassified expenses and reconciliation delays.
- Achieved 90% reduction in month-end close errors through restricted manual postings.
Technical Skills & Tools
GRC & Frameworks
- NIST & COBIT
- ISO 27001 / 22301
- SOX & PCI DSS
- HIPAA & FFIEC
Security Tools
- Splunk & Wireshark
- Nessus & Nmap
- Burp Suite & Kali Linux
- IBM AppScan
Programming & Data
- Python | SQL
- Tableau | PowerBI
- Linux | Windows
- HTML | JavaScript
Key Projects
Automated User Access Review System
Developed a Python script to automate the reconciliation of Active Directory users against HR records, reducing manual review time by 60%.
View on GitHubISO 27001 Readiness Assessment
Led a mock audit and gap analysis for a financial institution, identifying 12 critical non-conformities prior to external certification.
View on GitHubCloud Security Posture Review
Conducted a configuration review of AWS S3 buckets and IAM roles, remediating public access risks for sensitive data.
View on GitHubVendor Risk Management Dashboard
Designed a Tableau dashboard to track third-party vendor compliance scores, expiring contracts, and security assessments.
View on GitHubInternal Audit Data Analytics Suite
Created SQL queries to identify duplicate vendor payments and split-transaction fraud indicators across 50,000+ records.
View on GitHubNIST CSF Implementation Roadmap
Developed a strategic roadmap to align an organization's legacy security controls with the NIST Cybersecurity Framework.
View on GitHubSQL Injection Vulnerability Scanner
Built a basic web scanner in Python to test internal web applications for common SQLi vulnerabilities.
View on GitHubBusiness Continuity Simulation
Coordinated a tabletop exercise for a ransomware scenario to test the effectiveness of the Incident Response Plan.
View on GitHubFraud Detection Algorithm
Utilized machine learning libraries (Scikit-Learn) to model transactional patterns and flag anomalies in credit card data.
View on GitHubAPI Security Audit Framework
Established a testing framework using Postman and Burp Suite to validate proper authentication in REST APIs.
View on GitHubPublications & Research
Blog & Industry News
AI-Driven Cyber Attacks
How artificial intelligence is reshaping the threat landscape in 2025.
Read MoreZero Trust Architecture
Why perimeter-based security is dead and identity is the new firewall.
Read MoreInsider Threat Mitigation
Detecting and responding to malicious or accidental insider risks.
Read MoreIoT Vulnerabilities
Securing the Internet of Things against botnets and unauthorized access.
Read MoreFuture of IS Audit
How automation and real-time monitoring are changing the audit profession.
Read MoreVolunteering
Red Cross Society
Volunteer
2020 - Present- Assisted in disaster response logistics and community support initiatives.
- Provided emergency relief coordination during local crisis events.
Baylor Cybersecurity Club
Member / Officer
2024 - Present- Organized Capture The Flag (CTF) competitions for student engagement.
- Mentored undergraduate students on network security fundamentals.