GRC practitioner working at the intersection of federal compliance and applied AI.
Featured Project
NIST 800-53 Common Controls Catalog
Most organizations implementing NIST 800-53 re-implement the same inheritable controls system by system — duplicating effort NIST 800-37 was designed to eliminate. This catalog pre-identifies 165 common control candidates across the full 1,189-control framework, tagged by baseline and implementation type, with a built-in decision framework for expanding your program.
Ugo Eze
CISSP · PMP
I'm Ugo — a Cybersecurity GRC Lead with over a decade of federal security assessment and compliance work across financial regulatory and education environments, including FDIC, Federal Student Aid, and the FFIEC.
Hundreds of security assessments, 30+ ATOs, and program leadership on a $1.25M engagement delivered on time and under budget.
A two-week security authorization at FDIC got a new access control system approved fast enough for the agency to retire a legacy contract, freeing over $1M in recurring costs.
A SQL-based automation tool built at the FFIEC cut vulnerability scan processing time by 75% and ran across four agencies for four years.
The Common Controls Catalog came from watching federal agencies re-implement the same inheritable controls system by system for a decade — so I built the starting point that didn't exist.
When I'm not doing assessment work, I build things. This is where they live.