journal header

Volume 2, 2016

This Week's Online-Exclusive Feature

Internet Security Audits for Government: An Overview of the Lessons Learned in the Netherlands
27 April 2016
Jeroen van Lewe, CISA, CEH, CIA, ECSA

The number of attacks on government web sites continues to increase. In June 2015, Canadian government web sites were hit by a large-scale cyberattack. In the Netherlands, large-scale cyberattacks on government web sites began in 2011. In 2012, the Dutch government decided to use IT audits as one of the remedies for this issue. This decision, and the compulsory approach for audit in the Netherlands, had a major impact on the IT audit profession. At the end of 2014, members of parliament raised questions regarding the value of the IT audits on government web sites when media outlets reported on vulnerabilities in web sites of municipalities.

In countries where politicians and citizens are considering deploying IT audits on a large scale to diminish the chance of a cyberattack on government web sites, it is useful to see the lessons learned and the challenges experienced in the Netherlands as a result of mandatory IT audits. Read More >>

Indicates Online-Exclusive Content

 

 


This Week's Featured Author Blog

Experiences During Government-mandated Audits
28 April 2016
Jeroen van Lewe, CISA, CEH, CIA, ECSA

My recent Journal article is a case study about mandatory audits in the Netherlands. I am interested in comparing similar events on an international scale. I have already researched sectorwide IT projects to improve government services to citizens. In my opinion, the insights drawn from these comparisons are valuable. One can use these insights to avoid the same difficulties. It can save a lot of time and money if you can learn from insights gained elsewhere.

In the Netherlands, a digital crisis in 2011 resulted in many different types of changes over a short period of time. Some of the changes were mandatory IT audits and changes in the approach to IT audits. Read More >>

Indicates Online-Exclusive Content

 

 


What's New for Nonmembers

IS Audit Basics Articles

Is There Such a Thing as a Bad IS Auditor? Part 2

Is There Such a Thing as a Bad IS Auditor? Part 1

Trust, but Verify

Auditors and Large Software Projects, Part 3

The Soft Skills Challenge, Part 3: Dealing With Conflict

Auditors and Large Software Projects, Part 2

 

Full Journal Issues

Volume 2, 2015 Opportunities and Challenges of New Technology

Volume 1, 2015 Analytics and Risk Intelligence

Volume 6, 2014 Cybersecurity

Volume 5, 2014 Mobile Devices

Volume 4, 2014 Governance and Management of Enterprise IT (GEIT)

Volume 3, 2014 Big Data