Rodrigo Enrique Romero Rodríguez Consulting Lead Partner
Consulting Lead Partner
Expertise on the following sectors: financial, retail, manufacturing,consumer, healthcare, telecommunications, public
Professional Experience
With over 21 years’ experience in audit, control, security and IT process, and privacy projects. Enrique is responsible for Risk Management (technology and consulting) services.
He has developed a strong experience in internal control of technology, privacy, as well as IT elements of different SOX, JSOX, CNBV (CUB and CUACP) regulations and related control frameworks such as COSO, Cobit, ITIL, ISO27001.
He has extensive professional experience in services related to the design, implementation and evaluation of controls during processes of change and implementation of ERP applications; he also has experience in security, software asset management, software licensing reviews, software licensing reviews to third parties, business continuity planning & disaster Recovery plan, IT asset management, Vendor Management, Service Level Management, and control of information technologies.
Education
B.S. Computer Systems by ITESM
Memberships and registers
CRISC Certification (Certified Risk Information Systems and Controls) by ISACA
CGEIT Certification (Certified in Governance of Enterprise of IT) by ISACA
ITIL Foundation Certificate in IT Service Management
PECB Certified ISO 22301 Lead Auditor
Certified Data Privacy Solutions Engineer by ISACA
Member of ISACA
Member of ITAM
Want to know more?
Pages associated to Rodrigo Enrique Romero Rodríguez
Industries
Services
- System and Organisation Controls (SOC)
- Sistema y organización de los reportes de control (SOC)
- Aseguramiento y revisiones independientes
- System and Organisation Controls (SOC) Reporting
- PCI Compliance Service Offerings
- Process automation and digitalisation
- Enterprise solution transformation
- Data analytics solutions
- Technology and digital consulting
- Third party risk management & assurance
- Regulatory compliance
- IT assurance & advisory
- Internal control
- Internal audit
- Governance
- Enterprise risk management
- Cyber security & data protection
- Risk consulting
- Organisational design
- Business function strategy & excellence
- Change management
- Business continuity planning
- Management consulting
- Privately owned business services
- The reshape crisis recovery program
- Digital
- Strategy
- Compliance program preparation
- ISO 37001, Internal Audit certified
- ISO 37001, Leader Auditor certified
- ISO 37001, Lead Implementer certified
- ISO 370001 Foundations certified
- Risk Management Foundations with ISO 31000
- Internal Audit Foundations
- Contractual risk management
- Forvis Marzars and SoftExpert sign strategic alliance
- Forvis Mazars and Aspera sign alliance
- Forvis Mazars and DSTI Mexico sign alliance
- Robotic Process Automation (RPA)
- Microsoft Licensing course
- PCI – DSS course
- Software Asset Management (SAM) Course
- SAM Cloud Assessment
- SafePaaS
- ISO 37001 preparation course
- ISO 27032 preparation course
- COBIT 2019 preparation course
- CISA preparation course
- Preparation and certification courses
- Business resiliency
- Licensing Assurance and Forvis Mazars sign alliance
- Strategic Alliances
- Business Management Services
- Management by competencies
- Customer Relations Management (CRM)
- PenTesting
- Implementation and compliance for SGSI, PCI DSS, SPID y SPEI
- Service level management
- Supplier management
- Supplier management
- Implementation of SAM / HAM service
- SAMaaS / Licensing Assurance
- IT Asset Management and Control (ITAM)
- Consulting for Technology-based GRC Solutions (SAP / ORACLE)
- Audit of general IT controls
- Operations and Compliance Internal Audit
- Process reengineering
- Documentation of policies and performance indicators
- IT Internal Control
- Strategic business management
- Regulatory compliance: SOX, Solvency II, SSAE18-ISAE3402, local regulations (CNSF, CNBV, LFPDPPP)
- Management and process improvement
- Internal control system (COSO)
- Operational risk management (ISO 31000, COSO ERM)
- Implementation of technology-based Entrepreneurial Architecture (EA) and GRC solutions
- Evaluation of Corporate Governance
- Specialized IT Consulting Services
- Operational Strategy and Efficiency
- IT Consulting Services
- Consulting
Insights
- PCI DSS Compliance
- PCI DSS Update 4.0
- Not if, but when. Strengthening the safety net to improve cyber resilience
- Subcontracting in Mexico - How to ensure compliance?
- The robotic software revolution and mobility
- Driving public sector efficiency with RPA
- From crisis to innovation – an opportunity for RPA in transportation
- Next generation ecommerce driven by RPA
- Finding finance savings through RPA in telecoms
- Meeting food delivery demand with RPA
- The pharmaceutical sector’s important role in global health – using RPA to work smarter, better and faster
- How RPA can facilitate digital transformation in financial services
- Smarter, better, faster: RPA at work
- Internal Audit during and beyond the Covid-19 crisis
- Nuevo SAS 70