Executive summary
Andres has over twenty-three years of experience providing advisory services in the United States, Europe, and Latin America. Andres has experience assisting both publicly traded and privately held organizations manage their organizational risks through internal audits (business and IT processes), risk management, regulatory compliance, and special attestation reports (SOC, AUP, HITRUST) services.
Andres has managed large international engagements using in-country and US based resources ensuring delivery consistency and quality across different geographies, and teams. Providing advisory services to clients from an internal and external audit perspective has allowed Andres to understand both perspectives and assist clients implementing efficient and cost-effective programs to address their internal and external stakeholder needs.
Directing the implementation of successful Sarbanes-Oxley compliance programs, which included leading organization wide scoping efforts, controls optimization, development of process documentation, and controls testing of key financial processes in order to minimize the overall cost of compliance, minimize the impact on the day-to-day operations, and maximize the reliance from the external auditors.
Working with organizations to perform a comprehensive assessment of their operations to help the organizations identify ways to increase efficiency, reduce cost, address existing risks, and implement a control environment that would allow senior management and the board of directors to rely on the information provided from an operational level.
Pricing, directing, and managing risk assessment engagements to help identify risk exposures from an operational, information technology, regulatory compliance, and/or corporate compliance standpoints.
Leading special attestation reports engagements (e.g. SOC1, SOC 2, AT 601) and other risk services related engagements.
Assisting organizations determine how to leverage special attestation reports in order to meet their compliance, regulatory, or client requirements following an efficient, and cost-effective approach.
Scoping, planning, and delivering Internal Audits for large US and international organizations from the risk assessment process through the reporting phase.
Coordinating engagement across multiple industries including technology, retail, financial services, manufacturing, not-for-profit, healthcare, and professional services.