Theme: Governance Risk & Compliance

Compact 2021/1 |

Handling data transfers in a changing landscape

Door: Laura Huijts LL.M. CIPP/E CIPM CIPT | Daniela Gonzalez Riedel CIPP/E

Although privacy has long been a discussion point within technology, its role in the use of Cloud services has not…
Compact 2020/3 |
Business Platforms & Internet of Things

Cross-system segregations of duties analysis in complex IT landscape

Ten lessons learned based on project at financial services company

Door: Hylke van Weperen MSc | Pascal van Vugt MSc

This article explains the importance of access controls and segregation of duties in complex IT landscapes and elaborates on performing…
Compact 2020/3 |
Business Platforms & Internet of Things

Exploring digital: empowering the Internal Control Function

Insight into four different digitization options to keep up with today's fast-paced world

Door: Sylvester van der Giesen MSc | Vincent Speelman MSc

The Internal Control Function, or second line of defense is a vital part of the organization tasked with devising and…
Compact 2020/2 |
Payments & Business Technology

Transaction monitoring model validation

An approach to self-attestation

Door: Chrit van Beusecom MSc | Jori van Schijndel MSc

The bar for transaction monitoring by financial institutions has been raised during the past decade. Recently, several banks have been…
Compact 2020/2 |
Payments & Business Technology

PSD2 risks and IT controls to mitigate

Door: Bhagyashree Mall CISA BTech | Orpa Schlemmert CISA ACMA CGMA | Stephanie Oechslin MCom CISA CA(SA)

With the introduction of the second Payment Service Directive (PSD2), some new IT risks evolved from the regulation which has…
Compact 2020/2 |
Payments & Business Technology

Outsourcing

Supervision of outsourcing at financial institutions becomes more extensive, also impacting service providers including payment service providers

Door: Kiruna Boll-van Schip MSc RA | Maarten Visser MSc

Service providers of payment and account information services are required to obtain a license issued by De Nederlandsche Bank (hereafter…
Compact 2020/1 | Cyber Security & Privacy

Emerging from the shadows

Why business ownership is the answer to managing the risk of Shadow IT

Door: Olga Kulikova MSc | Ramya Iyer MSc

Shadow IT might sound threatening to some people, as if it originates from a thrilling detective novel. In an organizational…
Compact 2019/4 | Digital Auditing & Beyond

How will blockchain impact an information risk management approach?

Door: Steven van der Weerd MSc

Blockchain is considered an emerging technology that has the potential to significantly transform the way we transact. The establishment of…
Compact 2019/4 | Digital Auditing & Beyond

Robo-advice: how to raise a new machine

What are the risks and the controls to mitigate them?

Door: R.J. Voster BEng

Johannes Kepler, a German 17th century astronomer, famous for discovering how planets revolve around the sun, is supposed to have…
Compact 2019/4 | Digital Auditing & Beyond

De impact van Robotic Process Automation op de audit

Door: Paul Kromhout RE CISA | Matthijs Pouwer MSc | Nirmala Chaturi

Het toepassen van nieuwe technologieën gericht op verbetering en automatisering van bedrijfsprocessen, neemt in hoog tempo toe. Eind 2019 hebben…
Compact 2019/1 | Enabling SAP Value

The lessons learned from did-do analytics on SAP

The 10 most valuable tips to analyse actual SoD violations in SAP

Door: Dave Günthardt MSc RE | Drs. D. Hallemeesch RE | Sylvester van der Giesen MSc

In addition to the traditional SAP authorization analysis (‘can-do’ analytics), the more enhanced did-do analytics enables you to understand the…
Compact 2018/4 |
Transparency of information

IoTT: Internet of Trusted Things?

Door: M.A. Voorhout MSc | R.S. Verhoeven MSc

The value of trust in data and information has increased with the adoption of new technologies such as the Internet…
Compact 2018/4 |
Transparency of information

CuRVe – Analyzing Regulatory Reporting

Door: Ir. drs. M. el Morabit RMFI | D. Tesselaar MSc | H.D. Boomsma MSc | I.M. Dashorst MSc

Financial institutions are required to comply with regulatory reporting according the Capital Requirements Directive (CRD IV). This set of regulations…
Compact 2018/3 |
Trust in IT

Trusted analytics is more than trust in algorithms and data quality

Door: R.S. Verhoeven MSc | M.A. Voorhout MSc | R.F. van der Ham MSc

Trusting data for analytics provides challenges and opportunities for organizations. Companies are addressing data quality within source systems, but most…
Compact 2018/3 |
Trust in IT

Software Asset Management

Nieuwste uitgave van ISO 19770-norm creëert inzicht, transparantie en kostenbesparingen

Door: W.K. Pluim LLB | L.R. Huijsman MSc RE CISA

Een belangrijke voorwaarde om vertrouwen te hebben in een IT-omgeving zijn gedocumenteerde processen rondom softwaregebruik, inclusief bijbehorende licentievoorwaarden. Software Asset…
Compact 2018/3 |
Trust in IT

A practical perspective on the EBA ICT Risk Assessment Guidelines

Developments in regulatory oversight of ICT risk

Door: B. Beugelaar RE RA | A. Alam MSc RE CISA

The European Banking Authority (EBA) has issued guidelines for the assessment of the ICT risk at large banks which became…