Gartner Expert

Pedro Pablo Perea de Duenas

Sr Principal Analyst

Senior Principal Analyst with a focus on risk management & Security for different areas like Change Management, Operational Resilience, Platform Security, etc.

Previous experience

Prior to Gartner, Pedro Pablo has worked for Deloitte as a Consultant and for ING as IT Risk Expert.

The main tasks during that time were:


-IT support in Financial Audits: performing General IT Controls of different technologies over 4 levels

(application, database, operating system, network), identifying and testing automatic controls,

integrity and accuracy validation of relevant reports extracted from systems.

-Designing and implementing IT Control Models based on several standards and legislations. For

instance: SOC I, II, III defined by AICPA (American Institute of Certified Public Accountants), law

Sarbanes-Oxley (SOX), ISO 27001, SII (legislation of Spanish Tax Agency), etcetera.


-Leading and performing deep dives and process reviews in different entities around the world in order to see the level of compliance with the IT Security best practices and regulations.

-Documenting, preparing and reporting the results of the reviews to the high management and

different stakeholders of the entities.

-Reviewing, validating and challenging as 2nd Line of Defense the design and implementation for all the controls for the different areas of the ING IT Security Standards.

-Participating in the new Global initiatives about IT Risk, new standards and new technologies to be


Professional background


IT risk experienced senior


IT Security & Risk Management expert

Areas of coverage

Security of Applications and Data

Security Operations

Infrastructure Security

Cyber Risk

Cybersecurity Leadership


Computer Science at Complutense University of Madrid

Certifications: CISA, CISM

Read More Read Less

Top Issues That I Help Clients Address

1SOC 2 Certification

2Security issues

3Risk Management issues

4IT risk policies and standards