Alberto Buffon

I’ve been accountable for ICT Risk process and GRC platform management. I’ve been responsible for tests execution and continuous improvement of IT General Controls (1st Line of Defense) framework, for policies, processes and other internal rules design and update (e.g. BoI Circ 285-40th update) and being responsible as main referent for internal audit and accounting independent auditors for IT control execution.

As IT Security manager, I'm accountable to establish Security Governance framework, conduct periodic technical and organizational security audit, maintenance and evolution of Business Continuity system and effectiveness of DR. Main achievements: - Cyber Security policy, Information classification policy, Security incident process approved by management board - Reviewed Security governance architecture HDI Italia was formerly Amissima Assicurazioni until February 2022.

I lead projects for General Data Protection Regulation (GDPR) compliance projects for 5 major clients on banking, industrial processing plants engineering, covering the role of matter expert of Organizational and Security topics too. I was accountable of GDPR methodology asset standardization and development and GDPR platform selection and customization. I worked on IT Governance implementation project as project manager and IT Governance subject matter expert.

Senior Consultant on IT Risk, Security and Compliance practise on Financial Services industry. Main achievements: - Established IT Risk management framework, executed IT Risk assessment and reporting for Board of Directors for 2 main Banks - Accomplished gap closing for major audit deviation (application security checklist, technical users, system administration activity auditing) by ECB and Bank of Italy for tier 1 EU bank - Defined a Data Classification and Protection methodology.

IT Strategy and Transdormation analyst role on Life Science and Financial Services industries. Main achievements: - Established IT Operating Model and implemented key processes on Clarity and RemedyForce for 4-geography worldwide group. - Managed project and quality assurance service for banking client, governing team of automated test development.

Power Electronics (circuits, devices, controlling), LED control, Microelectronics, DC-AC engines control, Advanced Control Theory

Microelectronics, Integrated Circuits, Electronics Devices and Materials, Control Theory, Linear Algebra, Mathematics, Phisics