Bio section
PhD, LLM
Jorge Carrillo is an international specialist in Artificial Intelligence governance, cybersecurity, privacy, and governance, risk, and compliance (GRC), with more than two decades of experience across global technology, banking, consulting, higher education, and professional training.
His work sits at the intersection of technology, law, and policy, where digital regulation and enterprise practice converge.
He spent over a decade at Microsoft in senior privacy and compliance roles, leading work on software product compliance, privacy-by-design, data protection obligations, accessibility standards, and enterprise governance controls across international operations. This experience provides direct, first-hand insight into how leading global organisations operationalise privacy, cybersecurity, and regulatory compliance within complex digital ecosystems.
Jorge combines legal expertise, technical depth, and enterprise governance experience, making him well-positioned to design and deliver advanced executive programmes on AI regulation, governance, and cybersecurity compliance.
He holds a PhD in Applied Informatics and a Master of Laws (LLM), and is a Data Protection Officer (DPO) certified by the Spanish Data Protection Authority.
As both a practitioner and an educator, Jorge is committed to equipping technology professionals, executives, and policymakers with the knowledge required to navigate AI governance responsibly, ensuring that AI adoption strengthens organisational resilience, upholds ethical standards, and delivers measurable value to society.
Jorge Carrillo is recognised as the world's most ISACA-certified professional, holding 10 certifications:
CISA – Certified Information Systems Auditor
CISM – Certified Information Security Manager
CRISC – Certified in Risk and Information Systems Control
CGEIT – Certified in the Governance of Enterprise IT
CDPSE – Certified Data Privacy Solutions Engineer
CCOA – Certificate in Cybersecurity Operational Analyst.
ITCA – Information Technology Certified Associate
CET – Certified in Emerging Technology
AAIA – ISACA Advanced in AI Audit
AAISM – ISACA Advanced in AI Security Management
CISSP – Certified Information Systems Security Professional
ISSAP – Information Systems Security Architecture Professional
ISSEP – Information Systems Security Engineering Professional
ISSMP – Information Systems Security Management Professional
PECB Certified ISO Trainer, contributing to AI governance, cybersecurity, and more
Jorge Carrillo is an EXIN Ambassador, coordinating cybersecurity projects and the adoption of ethical AI.
CIPP/E, CIPP/US, CIPP/C, CIPP/A, CIPM, CIPT – IAPP
AIGP – Artificial Intelligence Governance Professional
CAIP – Certified Artificial Intelligence Practitioner
CEET – Certified Ethical Emerging Technologist
AIBIZ – AI Business credentials
Jorge Carrillo, PhD, is a notable expert in IT governance, information security, and privacy. He is renowned for his extensive certifications, particularly with ISACA, where he has been recognised as the 'World's Most ISACA-Certified Professional'.
His expertise spans a wide range of IT security credentials, including CISA, CISM, and CISSP, and he has been acknowledged as a top educator and content creator.
Jorge Carrillo's contributions to the privacy and security sectors are multidimensional. He is a recognised expert in privacy engineering and has worked extensively on high-impact projects across Europe, focusing on privacy, governance, and compliance. His writings on platforms like PECB Insights include topics such as data breach responses and privacy by design, further cementing his role as a scholar and practitioner in these domains
Beyond his ISACA achievements, Jorge Carrillo holds several certifications and awards that underscore his commitment to IT security and privacy. He is an IAPP Fellow of Information Privacy (FIP), illustrating his broad expertise across IT audit, governance, and privacy domains. He also received several educational awards for his contributions to the industry.