About this learning event

Nowadays it is essential for auditors to be familiar with the Information Technology (IT) risks, controls and techniques they can apply to check compliance of IT systems with regulations, security standards and best practices.

The International Organization of Supreme Audit Institutions (INTOSAI) defines IT audit as a process of collecting and evaluating evidence to determine whether a computer system has been designed to maintain data integrity and safeguard assets, and whether it allows organizational goals to be achieved effectively, and resources used efficiently.

Solid IT systems are vital for the continuous improvements and innovation of processes in public sector organizations. Management is responsible for the performance of these processes and therefore demands high quality standards from their IT operations. Managers also require an objective and independent judgment for their IT systems. IT auditors can play a crucial role in providing management with this judgment by providing assurance to help organizations achieve their goals. With their in-depth knowledge of IT systems, IT auditors are able to perform tailor made audits and assessments in which risks are identified. To reduce these identified risks recommendations are formulated to help improve the overall quality and performance of IT systems. IT auditing is becoming more and more important due to the rapid developments in IT as well as due to the dependence of the business on reliable IT operations.

If you want to become an IT auditor or learn more about the IT audit, a solid body of knowledge is essential. Participating at this event will give you an opportunity for strengthening your understanding of the IT audit and improving your skills for performing IT audits.

What you will learn

The main objective of this workshop is to familiarize participants with the underlying principles and standards, methodology and stages of IT audit execution.

During the workshop we will discuss the following topics:

IT risks analysis and internal controls
Principles, standards, and types of IT audit
IT audit approaches and techniques
IT audit stages: planning, performing and reporting.

How you will benefit

The three-day learning event will be facilitated by two experts from the Central Audit Service, the Ministry of Finance of the Netherlands. It will be based on practical examples and concrete experiences. Short theoretical presentations will be followed by group work exercises based on real examples from the public sector practice. Special attention will also be put to the demonstration of audit tools. This workshop will focus on developing participants’ capacities in IT audit and will allow them to apply the acquired knowledge in their daily work.

By the end of the course, participants are expected to:

Have improved understanding of IT risks analysis
Have learned about principles and common methodology of IT audit
Be familiar with the utilization of audit tools
Have gained insights in the process of performing an IT audit, from start-up to filling of the report.

Who should attend

The workshop is designed primarily for IT auditors working in public sector organizations. This workshop is also recommended for (internal and external) auditors who are interested in conducting IT-audits, as well as financial, quality and IT managers, IT project leaders, system analysts, and supervisors.

Requirements

The workshop will be highly participatory. Participants will have the opportunity to share experience and knowledge.

Event will be in ENGLISH only. No Translation will be provided.

Faculty

Lodewiek Jansen, MSc C|EH, Senior IT Auditor at the Central Audit Service

Lodewiek is a Senior IT Auditor with 5 years of experiences as an IT auditor at the Dutch Central Audit service where he conducts IT audits and security assessments. Previously he has worked as a consultant on IT strategy at the New Worlds of Work.

He works with the Ministry of Ministry of Finance, the Ministry of Security and Justice, the Ministry of the interior and Kingdom Relations, the Ministry of Economic Affairs, the Ministry of Infrastructure and the Environment and the Ministry of Foreign Affairs.

His main fields of expertise are performing IT security audits on Network & IT-Infrastructures, Web application Security, data analysis, ERP Systems as well as IT General Controls. He is also involved in several security assessments on web applications that allow secure and reliable data communications between citizens and the Dutch government through e-government networks.

Some of his personal interests are building web applications and experimenting with new IT (audit) tooling for IT Security or data analysis.

Jasper Veneman, MSc, Senior IT Auditor at the Central Audit Service

Jasper is a Senior IT Auditor with 2 years of experience in Information Security Consulting and over 5 years of experience in IT auditing. Since 2009, he has been employed at the Dutch Central Audit service where he conducts IT audits and security assessments.

He works with the Ministry of Security and Justice, the Ministry of Defense, the Ministry of Social Affairs and Employment, the Ministry of the interior and Kingdom Relations, National Police Corps, Medicines Evaluation Board and the Dutch Tax Administration.

His main fields of expertise are performing security audits on Network & IT-Infrastructures, High Secure environments, Data & Information security as well as IT General Controls. More recently, he has been involved in several security assessments on web applications that allow secure and reliable data communications between citizens and the Dutch government through e-government networks.

Some of his personal interests are finding innovative methods of auditing by using IT tooling and new ways of data analysis.

Information Technology Audit