Andrés J. Castañeda portrait

El criterio se hereda. La prudencia se aprende.Judgment is inherited. Prudence is learned.

01About

Twenty-seven years, in the practice of judgment.

Independent global risk management executive. Bilingual in English and Spanish. Based in Miami, working across the Americas.

I advise the way I want to be advised. Plain language, early enough to matter, grounded in what the business is actually deciding.

01 Executive Focus

I am best aligned with executive, interim, and advisory roles where risk, audit, controls, cyber, AI governance, and cross-border complexity intersect.

02 What I do

I help global organizations make consequential decisions with clarity, and build the risk, governance, and control environment that holds up when those decisions are tested. The work happens alongside boards, audit committees, and senior leadership, where risk becomes a strategic input rather than a reporting obligation.

It sits at the intersection of enterprise risk, internal audit, SOX, IT risk, and AI governance — and shows up most often in three situations:

  • A multinational preparing for an IPO, where controls are about to be scrutinized.
  • A business scaling into new markets, where the old risk model no longer fits.
  • A function that has drifted from what the business now requires, and needs to be rebuilt.

The goal is not a heavier risk function. It is a sharper one that gives leaders the picture they need before they act.

03 Selected Impact

These snapshots reflect the work I am best aligned with: companies facing growth, scrutiny, transformation, cross-border complexity, or the need for stronger board level confidence.

01

Reducing SOX burden while strengthening control confidence

Challenge
A large multinational faced rising SOX effort, duplicated controls, heavy testing, and growing audit fatigue. Leadership needed to reduce compliance burden without weakening control discipline or creating new risk.
Response
I helped evaluate the control environment, challenge low-value activities, improve reliance, and redesign the control model around business risk, ownership, and assurance quality.
Result
The work identified opportunities to reduce compliance cost by up to 25% while preserving control strength and giving executives a clearer view of higher-priority risks.
02

Building cross-border risk leadership across the Americas

Challenge
Multinationals operating across Latin America needed more consistent risk, audit, controls, and compliance support across markets with different business practices, regulatory expectations, and local execution models.
Response
I led cross-border teams of more than 40 professionals across 14 Latin American markets, connecting local knowledge with regional oversight, executive reporting, and practical risk advisory delivery.
Result
The platform supported Fortune 1000 and multinational clients, strengthened client relationships across markets, and contributed to double-digit annual growth in the advisory practice over time.
03

Expanding internal audit from compliance coverage to leadership insight

Challenge
A company needed internal audit to provide stronger coverage, better issue visibility, and more useful insight for management and the audit committee. The function had to move beyond control testing and become more relevant to business decisions.
Response
I helped align audit coverage with enterprise risk, control priorities, cyber exposure, third-party risk, and executive concerns. The work improved how risks were identified, reported, owned, and escalated.
Result
The program expanded audit coverage and reduced control deficiencies by up to 30%, giving leaders a sharper view of risk and a stronger basis for action.
A client risk review agenda annotated by hand in both English and Spanish, in blue and red ink
In two languages I draft in the language the room is going to use.
04 How I work

I work alongside boards and executive teams to turn complex risk, regulatory, and operational questions into decisions the business can actually act on. I have led cross-border teams of more than forty professionals across North and Latin America, and I write and speak the way I advise clients. Plain, direct, and early enough to matter.

05 What I carry with me

I came to this work as a Latino immigrant, and the values I carried cross-border still shape how I lead. Family grounds me. My wife and our two children are the reason the work matters beyond the work itself.

Across every organization I have led, the constant has been the same: high-performing teams, built on trust, candor, and shared accountability. That is what produces results worth keeping.

I bring that same conviction to my independent practice today, advising leaders, sharpening how organizations make consequential decisions, and mentoring the next generation of risk professionals coming up behind me.

Certifications
  • Enterprise Decision-Making · Kellogg Executive Education
  • Certified Information Systems Auditor · ISACA
Education
  • B.S. Computer Science · Florida State University
Domains
  • Enterprise risk · Internal audit · SOX and controls · IT and cyber risk · AI governance · Third party and model risk
Industries
  • Financial services · Technology · Healthcare · Manufacturing · Service and adjacent sectors across the Americas
Languages
  • English and Spanish, native fluency in both

Where the rest of the detail lives. Curriculum vitae Speaker one-sheet

Andrés J. Castañeda signature
Andres J. Castañeda · Miami
Tweaks