Claudia Erika Quintana Gómez

Experience

• 

  PwC

  Apr 1998 - Jul 2000

  Operational Systems Risk Management Senior

  Responsible to lead risk assessments for Y2K change and other projects related with data cleansing and analysis.Member of the IT Audit team for clients as Televisa, Maxcom and Iusacell.LN system applications development, considering analysis, development, testing, rollout and post implementation support to end users, besides email and applications servers management for the country.

• 

  EY

  Aug 2001 - Aug 2016

  Information Technology Risk Advisory / Financial Services

  PMO for Bank of Tokyo - Implementation of the core banking system. Project Implementation and operation of the IT PMO / Change management function for Santander Bank. HSBC -PMO support for Latin America in the homologation of work plans at a regional level, identification of risks for the implementation of global security standards to adopt an effective financial crime - AML controls. Evaluation of risks and controls for some of the credit card products in Citi bank to ensure compliance and operational risks were covered. Analyzed and quantified the claims portfolio for the bank's consumer sector. Select credit management software for Afore Banorte. PMO for BBVA Mexico to implement an operating model that met regulatory requirements for sales practices. Leads the change management track for the planning and design phases for a financial transformation and ERP Oracle Financials implementation in ICA Company. Improvement and automation for the accounts payable process in Grupo Mexico. Change management strategy for financial transformation and implementation of a SSC and Oracle Financials ERP for Latin America at Brinks Company. Project and change management for a feasibility study for the implementation of a new corporate operating model (COBAM) in Mexico for HSBC. (Technology, processes human resources). Project and change management for the implementation of an SAP ERP in AXA. Software selection and technology strategy definition at Médica Sur. SAP ERP software selection for Vitalmex. Core banking software selection for a bank in southeastern Mexico. Project management, design and implementation of an operational model (COBAM) aligned with the Financial Group's global compliance standards for HSBC. KYC function of the model. PMO for CITI, managing the portfolio of regional information security strategic mandatory projects (LATMEX). Leading IT Audit teams for TELMEX Mexico and LATAM . IT audits in the financial and consumer sectors. Show less

• 

  GICSA

  Sept 2016 - Feb 2020

  Head of the IT Project Management Office. Developed and implemented the regulatory framework for project management, designing the tools, processes, and infrastructure needed. Trained project leaders based on the PMI methodology and generated the dashboards for the reporting of the different projects.The IT portfolio included internal development projects of web application solutions using the Agile methodology, technological and communication enablement for the automation of processes in the different locations of shopping centers, implementation of systems for the backoffice (for example SuccessFactors) and the commercial area (Control Dashboards, BI), infrastructure assurance and updating, among others. The most relevant project due to its complexity, duration and volume of resources was the financial process reengineering accompanied by the migration of the SAPR3 core platform and logistics to the S4Hana cloud, in addition to the incorporation of new functionality for the correct control of the budget and the management of construction projects.As part of the project, the roles and profiles of the entire organization were also updated to strengthen the access control environment in addition to the identification and hardening of programs used internally (Zprograms). Managed, supervised and directed the performance and integration of 4 vendors in the project who carried out the change management tracks, infrastructure and functionality of the system, in addition to the internal project teams to generate synergies and achieve the objective. Show less Responsible for updating, generating and optimizing policies, procedures and processes considering the documentation life cycle until its approval and subsequent implementation in the company. Analysis and evaluation of business, operational, technological and compliance risks to ensure the existence of the necessary controls in the different processes and the solution from the root causes. Coordination for the documentation of walkthroughs to verify compliance with regulations and established controls for different processes. Generation from scratch of the regulatory framework for new business lines that were incorporated into the company. Show less Responsible for developing, updating and improving the regulatory framework for the Information Security area. Performed internal IT audits to verify compliance with general information security controls and security standards (COBIT and ISO2700) to implement and execute mitigation plans such as ensuring all OS, DB, application and network management accounts, awareness campaign and communication towards the security culture in the company, Enabling the "Security Management System" to ensure periodic review of internal vulnerabilities and compliance with IS policies, generation and application of configuration standards for OS, DB, applications and infrastructure, monitoring of availability and behavior of infrastructure and privileged accounts, backup recovery testing, disaster recovery plan, among others. Attended external IT audits and implemented projects such as vulnerability, attack and penetration analysis (external and internal) as well as infrastructure assurance with a 90% compliance level (databases, operating systems, networks and applications). Show less

  • IT PMO

    Mar 2019 - Feb 2020

  • Risk Management / Internal Control

    Mar 2018 - Feb 2019

  • Senior Manager Information Security

    Sept 2016 - Feb 2018
• 

  Citibanamex

  Jul 2020 - Jan 2021

  LATAM PMO Risk & Compliance

  Responsible for the management at regional level in LATAM (23 countries) for the Program of Regulatory Inventory and control mapping. Coordination of the execution, communication, reporting and risk management activities for consolidation and monitoring in conjunction with the central/global project team to report to the LATAM CEO. The role served to collaborate with the broader Independent Compliance Risk Management teams, business partners, technology and global functions to drive the implementation of strategies, tactics and action plans to meet Compliance requirements, consistent with Citi’s risk appetite to deliver long term benefits through building a baseline of tools and structure to manage regulatory risk.Leads the facilitation, coordination, and arbitration of cross functional macro level topics within/across projects and with Senior Management. Ensure that the end-to-end impacts of the changes being implemented as part of the programs are understood, resourced and prioritized.Leads the identification and drive resolution of issues, including those outside established projects of work with stakeholders to ensure project scope definition. Assists project team in negotiating for resources owned by other departments in order ensure the project can be completed.Directs the communication of status, issue, and risk disposition to all stakeholders, including Senior Management, on a timely basis. Show less

• 

  KPMG Technology Services Americas - KTSA

  May 2021 - now

  • Head of Information Technology

    Apr 2023 - now

  • IS PM

    May 2021 - Apr 2023