Jose Antigua is a Director in the Firm’s IT & Risk Assurance Division. Mr. Antigua has more than 11 years of experience working with Governance, Risk and Compliance (GRC) and Information Technology for clients in the financial, healthcare, IT services, government and retail industries. His experience includes IT infrastructure, e-mail systems, backup and networking. He has assisted with numerous audit engagements, developing and assessing IT risk over financial reporting, IT security (including vulnerability assessment, penetration testing and social engineering), IT Governance, disaster recovery and information systems management.
He is an expert in the use of computerized audit techniques to access and analyze data to maximize audit efficiency. He has implemented numerous Continuous Audit (CA) and Continuous Control Monitoring (CCM) projects.
In addition, Mr. Antigua works with Marcum’s teams to bridge the gap between financial audits and internal controls and information systems auditing. He executes GRC and GRC assurance engagements according to various frameworks, regulations and standards including SOX, HIPAA, NIST, SSAE 18, COBIT 5 and GDPR. He identifies process and control weaknesses, analyzes complex systems and works with clients to streamline operations within time and resource constraints. Also he conducts IT Risk Assessments and IT Control Assessments in numerous vertical markets.
Professional & Civic Affiliations
- Information Systems Auditing and Control Association (ISACA)
- Institute of Internal Auditors (IIA)
- Toastmasters International
- FAIR Institute
- International Association of Privacy Professionals (IAPP)
Articles, Seminars & Presentations
- An Integral Approach to Cybersecurity, 2017
- Privacy and GDPR: who has my data, 2018
- GDPR: from doubt to hope, 2018
- Internal Auditor in the Digital Era, 2018
- Cybersecurity SEC requirements for Public Companies, 2016
- Privacy in Perspective: PII and PHI management, 2017
- Business Intelligence for IT Risk Monitoring, 2017
- Risk Management, an Integral Approach, 2015
- Governance, Risk and Compliance (GRC) in practice, 2014
- Internal Control Framework based on COSO 2013, 2014
- Closing the gaps between COBIT 4.1 and COBIT 5, 2014
- IT Audit for CISA exam preparation, 2014