Miguel Obando

About Miguel

Miguel is a proven IT auditor and risk leader with advanced knowledge and experience in information systems and risk management, IT general and application controls, internal and external compliance audits, and global project management. With a keen understanding of cross-cultural business processes, regulatory requirements and emerging technologies, he confidently assists clients with their IT compliance programs, helping to drive business growth and minimize risks.

During his 20+ year career, Miguel has served in high-level management positions, including as an IT manager and regional IT compliance manager at a Fortune 500 multinational personal care and consumer products company. Subsequently, he was a senior information systems auditor at a Fortune 50 property, casualty, and automobile insurance provider and an IT compliance and risk manager for a global medical device company.

Miguel’s IT control framework skill set includes the National Institute of Standards and Technology (NIST), Control Objectives for Information Technologies (COBIT), Information Technology Infrastructure Library (ITIL), and Federal Financial Institutions Examination Council (FFIEC). He is adept at planning, executing and managing highly complex IT audit projects, including in-depth audit program development, vulnerability testing, root cause analysis, reporting findings and recommending solutions to management, implementing action plans and validating remediation solutions.

Additionally, Miguel’s experience includes enterprise-wide regulatory compliance with the governing laws of the Sarbanes-Oxley Act (SOX), Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPPA), Payment Card Industry Data Security Standard (PCI DSS), and General Data Protection Regulation (GDPR). He is skilled in corporate IT governance, internal and IT controls for information systems, network security, change management, business continuity plans and disaster recovery procedures. As a subject matter expert, he delivers awareness training of IT controls to organizations.

Clients value Miguel’s broad IT management experience as he collaborates with leadership and provides effective strategic direction, budget guidance and operational functions to maximize their information technology investments. He capably recognizes the IT controls needed to manage an organization’s compliance programs while finding the right balance between business needs and acceptable risks.