Assuring the Cloud. Hans Bootsma Deloitte Risk Services +31 (0)

Size: px
Start display at page:

Download "Assuring the Cloud. Hans Bootsma Deloitte Risk Services hbootsma@deloitte.nl +31 (0)6 1098 0182"

Transcription

1 Assuring the Cloud Hans Bootsma Deloitte Risk Services +31 (0)

2 Need for Assurance in Cloud Computing Demand Fast go to market Support innovation Lower costs Access everywhere Increase efficiency Business driven Organization Challenges Rules and regulations Internal policies Integration Espionage Data leakage Data classification Concerns Compliance Sox / internal control Export Controls Privacy Continuity of the provider Reputation Where is my data? Security Confidentiality Availability Integrity Lock-In Assurance

3 Why is there a need for Assurance in Cloud Computing? GoGrid: We are not responsible for use or misuse of data by any third party, including, without limitation, providers of Third Party Products & Services AWS: We strive to keep Your Content secure, but cannot guarantee that we will be successful at doing so, given the nature of the Internet Rackspace: We do not promise that the Services will be uninterrupted, error free, or completely secure. You acknowledge that there are risks inherent in Internet connectivity that could result in the loss of your privacy, confidential information, and property Contract and SLA s not transparent and agreements hard to verify Existing standards provide some assurance but is this enough? ISO 2700x: no assurance for operating effectiveness ISAE3402/SAS70: not suitable for Cloud Computing, main focus on Internal Control over Financial Reporting Other standards have limited acceptance (e.g. Trust Services)

4 Developments in the area of Cloud assurance Cloud Security Alliance (CSA) becomes increasingly important. Key themes: Increase trust in Cloud providers is priority #1 Transparency and controls lead to trust Call for clear SLA s Create transparency in service levels (e.g. availability) Operating effectiveness of controls needs to be validated by third parties Move to continuous monitoring Location of data increasingly important, not only for EU American Institute of CPA s (AICPA) launched new standard: Service Organization Controls 2 Comparable to ISAE3402 but specifically aimed at Security Currently reports issued in the US (e.g. Microsoft)

5 Cloud Assurance: SOC 1, 2 & 3

6 SOC2 based on Trust Services principles Security: The system is protected against unauthorized access (both physical and logical). Availability: The system is available for operation and use as committed or agreed. Processing integrity: System processing is complete, accurate, timely, and authorized. Confidentiality: Information designated as confidential is protected as committed or agreed. Privacy: Personal information is collected, used, retained, disclosed, and disposed of in conformity with the commitments in the entity s privacy notice and with criteria set forth in Generally Accepted Privacy Principles GAPP issued by the AICPA and Canadian Institute of Chartered Accountants.

7 Infrastructure as a Service Platform as a Service Software as a Service How to apply SOC2 in Cloud Computing Security Security Physical Physical Logical (internal and external) Logical (incl. platform) Resource Resource provisioning/deprovisioning provisioning/deprovisioning Infra change management Infra/platform change Incident management management Availability Incident management Resource planning Availability Resiliency Resource planning BCP and Backup Resiliency Processing integrity BCP and Backup Environment configuration Processing integrity Data integrity Environment configuration SLA monitoring and usage Platform functionality reporting Confidentiality Data integrity SLA monitoring and usage Tenant due diligence reporting Deprovisioning of resources Confidentiality Privacy not applicable Tenant due diligence Comingling of data Data destruction Commitments Privacy Generally accepted privacy principles Security Physical Logical (incl. platform) Infra/application change management Incident management Availability Resource planning Resiliency BCP and Backup Processing integrity Application functionality and operation Data integrity SLA monitoring and usage reporting Confidentiality Tenant due diligence Comingling of data Data destruction Commitments Privacy Generally accepted privacy principles

8 New assurance: Continuous monitoring, more frequent reporting Normally, assurance reports cover a longer period of time. Report is issued once a year. Potentially telling an organisation that security measures have not been operating effectively over the last months. Increased demand for More frequent assurance reporting Increased demand for continuous insight in effectiveness of controls Identity management Data separation Availability... Concerns about the location of data is according to Gartner one of the main inhibitors for large scale adoption of cloud computing. In addition: Patriot Act and impact on datacenters in Europe Rules & regulations: US Export Regulation (ITAR, EAR, OFAC), Privacy National Banks (a.o. Dutch National Banks): circulaire on Cloud risk assessments Cyber security Espionage Lock-in and unstable economical environments Trust but verify US Companies have similar concerns. Today s allies can be tomorrow s enemy.

9 New assurance: data location Reactie van Minister van Justitie op Kamervragen over de impact van de Patriot Act op data opgeslagen bij Amerikaanse providers: Aan uw Kamer is toegezegd dat gegevens van de overheid binnen de grenzen van Nederland moeten worden opgeslagen, en dat de Rijksdienst van een gesloten Rijkscloud gebruik zal maken. Om te voorkomen, dat gegevens van de overheid (ook over burgers) in het kader van de Patriot Wet door de Verenigde Staten kunnen worden opgevraagd kan bij uitbesteding van rekencentra in het programma van eisen een eis worden opgenomen, dat het de leverancier nooit is toegestaan gegevens van de overheid (ook over Burgers) in het kader van de Patriot Wet aan de Verenigde Staten te leveren. Dit betekent feitelijk, dat bedrijven uit de Verenigde Staten bij dergelijke aanbestedingen en opdrachten worden uitgesloten. Patriot Act: Concern for many of our customers Not sure what the impact will be under the revised EU privacy rules: Revised EU regulation specifically states that no transfer outside the EU should occur without proper authorization from the EU Protection authorities, even if this is done because of a legal requirement or court order outside the EU. This will cause a lot of friction with legal requirements such as the Patriot act. I am sure in the next couple of months, there will be a lot of debate regarding the wording of the new EU Data protection regulation in this regard. DNB: Voor cloud computing dient hierbij expliciete aandacht besteed te worden aan de risico s die samenhangen met onder meer de integriteit, vertrouwelijkheid en beschikbaarheid van data. Tevens dient inzichtelijk te zijn op welke locatie de bedrijfsdata wordt bewerkt en opgeslagen 8

10

11 Assurance Move to the Cloud responsibly Agreed upon procedures ISAE3402/SOC2 Data location ISO 2700x Contract and SLA Basic service Application/data confidentiality

12 Hans Bootsma Deloitte Risk Services +31 (0)

GMP-Z Annex 15: Kwalificatie en validatie

GMP-Z Annex 15: Kwalificatie en validatie -Z Annex 15: Kwalificatie en validatie item Gewijzigd richtsnoer -Z Toelichting Principle 1. This Annex describes the principles of qualification and validation which are applicable to the manufacture

More information

CLOUD COMPUTING LESSONS LEARNED. Marc Vael, Chief Audit Executive Smals / President ISACA Belgium, November 2015

CLOUD COMPUTING LESSONS LEARNED. Marc Vael, Chief Audit Executive Smals / President ISACA Belgium, November 2015 CLOUD COMPUTING LESSONS LEARNED Marc Vael, Chief Audit Executive Smals / President ISACA Belgium, November 2015 WHEN WAS THE TERM USED FOR THE FIRST TIME? 26 th of October 1997 WHO HYPED ALL THIS? What's

More information

Met je hoofd in de wolken. Ard-Jan Glas

Met je hoofd in de wolken. Ard-Jan Glas Met je hoofd in de wolken Ard-Jan Glas Trend Hogere availability 24 uur per dag global customers Van mainframe naar distributed Omzet verlies door downtime Klanten stellen hogere eisen De volgende IT

More information

Uw partner in system management oplossingen

Uw partner in system management oplossingen Uw partner in system management oplossingen User Centric IT Bring your Own - Corporate Owned Onderzoek Forrester Welke applicatie gebruik je het meest op mobiele devices? Email 76% SMS 67% IM / Chat 48%

More information

Cloud Computing voor de overheid IBMs perspectief

Cloud Computing voor de overheid IBMs perspectief Cloud Computing voor de overheid IBMs perspectief Erik Rongen erik@nl.ibm.com Digitaal Bestuur, Januari 2011 2009 IBM Corporation Agenda What is Cloud computing (IBM Perspective) Steps to the Cloud 6 steps

More information

ABN AMRO Bank N.V. The Royal Bank of Scotland N.V. ABN AMRO Holding N.V. RBS Holdings N.V. ABN AMRO Bank N.V.

ABN AMRO Bank N.V. The Royal Bank of Scotland N.V. ABN AMRO Holding N.V. RBS Holdings N.V. ABN AMRO Bank N.V. Op 6 februari 2010 is de naam ABN AMRO Bank N.V. (geregistreerd bij de Kamer van Koophandel onder nummer 33002587) gewijzigd in The Royal Bank of Scotland N.V. Op 1 april 2010 is de naam van ABN AMRO Holding

More information

IP-NBM. Copyright Capgemini 2012. All Rights Reserved

IP-NBM. Copyright Capgemini 2012. All Rights Reserved IP-NBM 1 De bescheidenheid van een schaker 2 Maar wat betekent dat nu 3 De drie elementen richting onsterfelijkheid Genomics Artifical Intelligence (nano)robotics 4 De impact van automatisering en robotisering

More information

ISACA Roundtable. Cobit and Grab@Pizza 7 september 2015

ISACA Roundtable. Cobit and Grab@Pizza 7 september 2015 1 ISACA Roundtable 7 september 2015 ISACA Roundtable Cobit and Grab@Pizza 7 september 2015 2015 KPN Corporate Market B.V. ISACA, is a registered trademark of the Information Systems Audit and Control Association

More information

Cloud Security Introduction and Overview

Cloud Security Introduction and Overview Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious

More information

what can we do with botnet data?

what can we do with botnet data? what can we do with botnet data? prof.dr. Ronald Leenes r.e.leenes@uvt.nl TILT - Tilburg Institute for Law, Technology, and Society background SURFnet (Dutch NREN) was offered 700 GB of data obtained from

More information

Platform voor Informatiebeveiliging IB Governance en management dashboards

Platform voor Informatiebeveiliging IB Governance en management dashboards Platform voor Informatiebeveiliging IB Governance en management dashboards Johan Bakker MSc CISSP ISSAP Principal Policy Advisor KPN Corporate Center Information Security Governance Agenda Drivers voor

More information

Examen Software Engineering 2010-2011 05/09/2011

Examen Software Engineering 2010-2011 05/09/2011 Belangrijk: Schrijf je antwoorden kort en bondig in de daartoe voorziene velden. Elke theorie-vraag staat op 2 punten (totaal op 24). De oefening staan in totaal op 16 punten. Het geheel staat op 40 punten.

More information

Advanced Metering Infrastructure

Advanced Metering Infrastructure Advanced Metering Infrastructure Research Project 2 Vic Ding SNE, UvA February 8th 2012 Agenda Background Research motivation and questions Research methods Research findings Stakeholders Legislation Smart

More information

PoliticalMashup. Make implicit structure and information explicit. Content

PoliticalMashup. Make implicit structure and information explicit. Content 1 2 Content Connecting promises and actions of politicians and how the society reacts on them Maarten Marx Universiteit van Amsterdam Overview project Zooming in on one cultural heritage dataset A few

More information

Citrix Access Gateway: Implementing Enterprise Edition Feature 9.0

Citrix Access Gateway: Implementing Enterprise Edition Feature 9.0 coursemonstercom/uk Citrix Access Gateway: Implementing Enterprise Edition Feature 90 View training dates» Overview Nederlands Deze cursus behandelt informatie die beheerders en andere IT-professionals

More information

How to manage Business Apps - Case for a Mobile Access Strategy -

How to manage Business Apps - Case for a Mobile Access Strategy - How to manage Business Apps - Case for a Mobile Access Strategy - Hans Heising, Product Manager Gábor Vida, Manager Software Development RAM Mobile Data 2011 Content Introduction 2 Bring your own device

More information

The Perfect Storm in IT

The Perfect Storm in IT The Perfect Storm in IT Nice to meet you. I m William ( @wvisterin ) Smart Business Strategies Smart Business Strategies The only Belgian IT magazine that takes the business manager in perspective Business

More information

Aan de Voorzitter van de Tweede Kamer der Staten-Generaal Postbus 20018 2500 EA DEN HAAG

Aan de Voorzitter van de Tweede Kamer der Staten-Generaal Postbus 20018 2500 EA DEN HAAG 1 > Retouradres Postbus 20301 2500 EH Den Haag Aan de Voorzitter van de Tweede Kamer der Staten-Generaal Postbus 20018 2500 EA DEN HAAG Turfmarkt 147 2511 DP Den Haag Postbus 20301 2500 EH Den Haag www.rijksoverheid.nl/venj

More information

Effectively using SOC 1, SOC 2, and SOC 3 reports for increased assurance over outsourced operations. kpmg.com

Effectively using SOC 1, SOC 2, and SOC 3 reports for increased assurance over outsourced operations. kpmg.com Effectively using SOC 1, SOC 2, and SOC 3 reports for increased assurance over outsourced operations kpmg.com b Section or Brochure name Effectively using SOC 1, SOC 2, and SOC 3 reports for increased

More information

Hoe kies je de juiste Microsoft Hosted Exchange Service Provider?

Hoe kies je de juiste Microsoft Hosted Exchange Service Provider? White Paper Cloud diensten zijn populairder dan ooit. Veel bedrijven zien nu dan ook de voordelen van het uitbesteden van bepaalde ICT onderdelen. Voordelen als: Beschikbaarheid van data, Snelle Implementatietijd

More information

Cloud. Gebruik. Cases.

Cloud. Gebruik. Cases. Cloud. Gebruik. Cases. Dé cloud bestaat niet. maakt cloud concreet 2 Overview Cloud Gebruik. Christiaan Hoos Alliance Manager Microsoft 3 Why Cloud? Cloud? 4 Cloud Promises... increase QoS improve Agility

More information

Netherlands National Contact Point OECD Guidelines for Multinational Enterprises. Lodewijk de Waal 23 October 2015

Netherlands National Contact Point OECD Guidelines for Multinational Enterprises. Lodewijk de Waal 23 October 2015 Netherlands National Contact Point OECD Guidelines for Multinational Enterprises Lodewijk de Waal 23 October 2015 De ondernemingsraad en MVO MVO moet geintegreerd onderdeel zijn van bedrijfsbeleid, het

More information

Risk-Based Monitoring

Risk-Based Monitoring Risk-Based Monitoring Evolutions in monitoring approaches Voorkomen is beter dan genezen! Roelf Zondag 1 wat is Risk-Based Monitoring? en waarom doen we het? en doen we het al? en wat is lastig hieraan?

More information

(Optioneel: We will include the review report and the financial statements reviewed by us in an overall report that will be conveyed to you.

(Optioneel: We will include the review report and the financial statements reviewed by us in an overall report that will be conveyed to you. 1.2 Example of an Engagement Letter for a Review Engagement N.B.: Dit voorbeeld van een opdrachtbevestiging voor een beoordelingsopdracht is gebaseerd op de tekst uit Standaard 2400, Opdrachten tot het

More information

Tradable Energy Saving Certificates (ESC) in The Netherlands - considerations & possible design

Tradable Energy Saving Certificates (ESC) in The Netherlands - considerations & possible design Tradable Energy Saving Certificates (ESC) in The Netherlands - considerations & possible design Hans Schneider 27 October 2005 Groningen Energy Convention CEA, new roads towards sustainability Outline

More information

NL VMUG UserCon March 19 2015

NL VMUG UserCon March 19 2015 NL VMUG UserCon March 19 2015 VMware Microsoft Let's look beyond the war on checkbox compliancy. Introductie Insight24 Technologie is een middel, geen doel 3x M (Mensen, Methoden, Middelen) & Organisatie

More information

Public. Big Data in ASML. Durk van der Ploeg. ASML System Engineering Product Industrialization, October 7, 2014 SASG @ NTS Eindhoven

Public. Big Data in ASML. Durk van der Ploeg. ASML System Engineering Product Industrialization, October 7, 2014 SASG @ NTS Eindhoven Big Data in ASML Durk van der Ploeg ASML System Engineering Product Industrialization, October 7, 2014 SASG @ NTS Eindhoven Slide 2 ASML Company (BIG) Machine Data in ASML Management and infrastructure

More information

ruimtelijk ontwikkelingsbeleid

ruimtelijk ontwikkelingsbeleid 38 S a n d e r O u d e E l b e r i n k Digitale bestemmingsplannen 3D MODELLING OF TOPOGRAPHIC Geo-informatie OBJECTS en BY FUSING 2D MAPS AND LIDAR DATA ruimtelijk ontwikkelingsbeleid in Nederland INTRODUCTION

More information

Informatiebeveiliging volgens ISO/IEC 27001:2013

Informatiebeveiliging volgens ISO/IEC 27001:2013 Informatiebeveiliging volgens ISO/IEC 27001:2013 Dave Hagenaars, directeur BSI Group Nederland Copyright 2012 BSI. All rights reserved. Inhoud Wie zijn wij? Waarom informatiebeveiliging? Wat is de relevantie

More information

CO-BRANDING RICHTLIJNEN

CO-BRANDING RICHTLIJNEN A minimum margin surrounding the logo keeps CO-BRANDING RICHTLIJNEN 22 Last mei revised, 2013 30 April 2013 The preferred version of the co-branding logo is white on a Magenta background. Depending on

More information

100 Series Keyboard Tray Pivot

100 Series Keyboard Tray Pivot 00 Series Keyboard Tray Pivot INSTALLATION MANUAL USA -800-888-8458 Europe +3 0 3.9.39 A B 3/3" 4x 8-3 x 5/6" Ergonomics Ergonomía Ergonomie Ergonomi 888-99-04 REMOVE PIVOT COVERS IF ALREADY ATTACHED.

More information

The state of DIY. Mix Express DIY event Maarssen 14 mei 2014

The state of DIY. Mix Express DIY event Maarssen 14 mei 2014 The state of DIY!! Mix Express DIY event Maarssen 14 mei 2014 Inleiding Mix press DIY sessie Maarssen 14 mei 2014 Deze presentatie is gemaakt voor het Mix DIY congres en gebaseerd op onze analyse van de

More information

Principles of Fund Governance BNP Paribas Investment Partners Funds (Nederland) N.V.

Principles of Fund Governance BNP Paribas Investment Partners Funds (Nederland) N.V. Principles of Fund Governance BNP Paribas Investment Partners Funds (Nederland) N.V. Versie november 2012 Inleiding Het doel van de Principles of Fund Governance (verder Principles ) is het geven van nadere

More information

Hot Topics Treasury Seminar

Hot Topics Treasury Seminar Hot Topics Treasury Seminar Supplier financing 18 June, 2015 Discover and unlock your potential 1 Program 1. A WCM Opportunity 2. The Concept 3. Business Case 4. Platforms 5. P2P Process Optimisation 6.

More information

IC Rating NPSP Composieten BV. 9 juni 2010 Variopool

IC Rating NPSP Composieten BV. 9 juni 2010 Variopool IC Rating NPSP Composieten BV 9 juni 2010 Variopool AGENDA: The future of NPSP Future IC Rating TM NPSP Composieten BV 2 Bottom line 3 Bottom line 4 Definition of Intangibles The factors not shown in the

More information

Logging en Monitoring - privacy, beveiliging en compliance Enkele praktijkvoorbeelden

Logging en Monitoring - privacy, beveiliging en compliance Enkele praktijkvoorbeelden Logging en Monitoring - privacy, beveiliging en compliance Enkele praktijkvoorbeelden Pascal Oetiker Security Management Solutions Novell EMEA poetiker@novell.com Privacy- en compliance-druk PCI-DSS NEN

More information

Security Assessment Report

Security Assessment Report Security Assessment Report Prepared by: Opmerking: Alle informatie in dit rapport is uitsluitend bestemd voor gebruik bij bovenvermelde client. Het kan vertrouwelijke en persoonlijke informatie bevatten

More information

UvA college Governance and Portfolio Management

UvA college Governance and Portfolio Management UvA college Han Verniers Principal Consultant Han.Verniers@LogicaCMG.com Programma Governance IT Governance, wat is dat? Governance: structuren, processen, instrumenten Portfolio Management Portfolio Management,

More information

SOC Readiness Assessments. SOC Report - Type 1. SOC Report - Type 2. Building Trust and Confidence in Third-Party Relationships

SOC Readiness Assessments. SOC Report - Type 1. SOC Report - Type 2. Building Trust and Confidence in Third-Party Relationships Building Trust and Confidence in Third-Party Relationships Today s businesses rely heavily on outsourcing certain business tasks or functions to service organizations, even those that are core to their

More information

Data Driven Strategy. BlinkLane Consul.ng Amsterdam, 10 december 2013. Ralph Hofman Arent van t Spijker

Data Driven Strategy. BlinkLane Consul.ng Amsterdam, 10 december 2013. Ralph Hofman Arent van t Spijker Data Driven Strategy BlinkLane Consul.ng Amsterdam, 10 december 2013 Ralph Hofman Arent van t Spijker 1 Data Driven Strategy 08.00 08.05 Welkom 08:05 08.20 Data Driven Strategy 08.20 08.30 Het Business

More information

Citrix XenApp and XenDesktop Fast Track

Citrix XenApp and XenDesktop Fast Track Citrix XenApp and XenDesktop Fast Track Duration: 5 Days Course Code: CMB-207 Overview: Deze 5-daagse Fast Track training biedt studenten de basis die nodig is om effectief desktops en applicaties in het

More information

Information Security Governance

Information Security Governance Information Security Governance Aart Bitter Aart.Bitter@information-security-governance.com Agenda Governance & Compliance Information Security Governance Aanpak om information security governance in organisaties

More information

Use of trademarks with a reputation as Adwords by competitors: Permissible comparative advertising or impermissible coat-tail riding / dilution?

Use of trademarks with a reputation as Adwords by competitors: Permissible comparative advertising or impermissible coat-tail riding / dilution? Use of trademarks with a reputation as Adwords by competitors: Permissible comparative advertising or impermissible coat-tail riding / dilution? On Thursday March 24, 2011 The Trademark Law Institute (TLI)

More information

Ons privacybier. Derde privacycafé Data Protection Institute 13 januari 2016 Thomas More Mechelen 21/01/16

Ons privacybier. Derde privacycafé Data Protection Institute 13 januari 2016 Thomas More Mechelen 21/01/16 21/01/16 Derde privacycafé Data Protection Institute 13 januari 2016 Thomas More Mechelen 1 Privacycafé copyright 2016 Data Protec7on Ins7tute BVBA Ons privacybier 2 Privacycafé copyright 2016 Data Protec7on

More information

Network Assessment Client Risk Report Demo

Network Assessment Client Risk Report Demo Network Assessment Client Risk Report Demo Prepared by: Henry Knoop Opmerking: Alle informatie in dit rapport is uitsluitend bestemd voor gebruik bij bovenvermelde client. Het kan vertrouwelijke en persoonlijke

More information

Dutch Mortgage Market Pricing On the NMa report. Marco Haan University of Groningen November 18, 2011

Dutch Mortgage Market Pricing On the NMa report. Marco Haan University of Groningen November 18, 2011 Dutch Mortgage Market Pricing On the NMa report Marco Haan University of Groningen November 18, 2011 Introductory remarks My comments are complementary: I do not focus so much on this market as such, more

More information

DO BUSINESS WITH 1.000 FINANCIALS

DO BUSINESS WITH 1.000 FINANCIALS 2015 // unlock the power of technology DO BUSINESS WITH 1.000 FINANCIALS Show you r worth as an IT partner a t the 4th Financial Systems fair www.financialsystems.n l THURSDAY 21 MAY 2015 - NBC CONFERENCE

More information

Adopting Cloud Computing with a RISK Mitigation Strategy

Adopting Cloud Computing with a RISK Mitigation Strategy Adopting Cloud Computing with a RISK Mitigation Strategy TS Yu, OGCIO 21 March 2013 1. Introduction 2. Security Challenges Agenda 3. Risk Mitigation Strategy Before start using When using 4. Policy & Guidelines

More information

Maximizer Synergy. info@adafi.be BE 0415.642.030. Houwaartstraat 200/1 BE 3270 Scherpenheuvel. Tel: +32 495 300612 Fax: +32 13 777372

Maximizer Synergy. info@adafi.be BE 0415.642.030. Houwaartstraat 200/1 BE 3270 Scherpenheuvel. Tel: +32 495 300612 Fax: +32 13 777372 Maximizer Synergy Adafi Software is een samenwerking gestart met Advoco Solutions, een Maximizer Business Partner uit Groot Brittannië. Advoco Solutions heeft een technologie ontwikkeld, genaamd Synergy,

More information

Opportunities in the South Korean cheese market. Kansendossier Zuid-Korea

Opportunities in the South Korean cheese market. Kansendossier Zuid-Korea Opportunities in the South Korean cheese market Kansendossier Zuid-Korea Inhoud 1 Opportunities in the South Korean cheese market 3 1.1 1.2 Fast growing market 3 Premiumization 4 1.3 High potentials in

More information

IJkdijk: June 24 2007 04:33:06

IJkdijk: June 24 2007 04:33:06 IJkdijk: June 24 2007 04:33:06 IJkdijk tens of thousends kilometers of dike, next generation internet, Grid & business Robert Meijer De IJkdijk: De samenhang tussen tienduizenden kilometers dijkproblemen,

More information

SOC on Amazon Web Services (AWS) What You Need To Know Understanding the regulatory roadmap for SOC on AWS

SOC on Amazon Web Services (AWS) What You Need To Know Understanding the regulatory roadmap for SOC on AWS SOC on Amazon Web Services (AWS) What You Need To Know Understanding the regulatory roadmap for SOC on AWS Jeff Cook November 2015 Summary Service Organization Control (SOC) reports (formerly SAS 70 or

More information

Opportunity Report on Korean gaming Kansendossier Korea

Opportunity Report on Korean gaming Kansendossier Korea Opportunity Report on Korean gaming Kansendossier Korea Game is not a new field in Korea. It is a major industry in Korea, accounting for 55% of the cultural contents export in 2011. E-sports, where gaming

More information

ABN AMRO Bank N.V. The Royal Bank of Scotland N.V. ABN AMRO Holding N.V. RBS Holdings N.V. ABN AMRO Bank N.V.

ABN AMRO Bank N.V. The Royal Bank of Scotland N.V. ABN AMRO Holding N.V. RBS Holdings N.V. ABN AMRO Bank N.V. Op 6 februari 2010 is de naam ABN AMRO Bank N.V. (geregistreerd bij de Kamer van Koophandel onder nummer 33002587) gewijzigd in The Royal Bank of Scotland N.V. Op 1 april 2010 is de naam van ABN AMRO Holding

More information

Digitale muziekbewerking en productie

Digitale muziekbewerking en productie 16 februari 2009 Totaal model hardware (audio & midi) mengtafel fx synthesizer drumcomputer sampler sequencer keyboard Software sequencers: Cubase, Ableton, enz. mengtafel fx synthesizer drumcomputer sampler

More information

MAYORGAME (BURGEMEESTERGAME)

MAYORGAME (BURGEMEESTERGAME) GATE Pilot Safety MAYORGAME (BURGEMEESTERGAME) Twan Boerenkamp Who is it about? Local council Beleidsteam = GBT or Regional Beleidsteam = RBT Mayor = Chairman Advisors now = Voorlichting? Official context

More information

Het Secure Datacenter

Het Secure Datacenter Het Secure Datacenter If trust and reliability matters Michiel Steltman CTO Siennax Drivers voor IT Security Financiële aansprakelijkheid Sox, Basel II Persoonlijke aansprakelijkheid van managers Operationele

More information

Intermedia s Dedicated Exchange

Intermedia s Dedicated Exchange Intermedia s Dedicated Exchange This is a practical guide to implementing Intermedia s Dedicated Hosted Exchange on AWS. Intermedia, the world s independent provider of Hosted Exchange, and AWS, the leading

More information

ABN AMRO Bank N.V. The Royal Bank of Scotland N.V. ABN AMRO Holding N.V. RBS Holdings N.V. ABN AMRO Bank N.V.

ABN AMRO Bank N.V. The Royal Bank of Scotland N.V. ABN AMRO Holding N.V. RBS Holdings N.V. ABN AMRO Bank N.V. Op 6 februari 2010 is de naam ABN AMRO Bank N.V. (geregistreerd bij de Kamer van Koophandel onder nummer 33002587) gewijzigd in The Royal Bank of Scotland N.V. Op 1 april 2010 is de naam van ABN AMRO Holding

More information

Service Organization Controls. Managing Risks by Obtaining a Service Auditor s Report

Service Organization Controls. Managing Risks by Obtaining a Service Auditor s Report Service Organization Controls Managing Risks by Obtaining a Service Auditor s Report Contributing Authors Audrey Katcher, CPA/CITP, Partner at RubinBrown, LLP Janis Parthun, CPA/CITP, Sr. Technical Manager

More information

How to ensure control and security when moving to SaaS/cloud applications

How to ensure control and security when moving to SaaS/cloud applications How to ensure control and security when moving to SaaS/cloud applications Stéphane Hurtaud Partner Information & Technology Risk Deloitte Laurent de la Vaissière Directeur Information & Technology Risk

More information

Cloud Computing An Auditor s Perspective

Cloud Computing An Auditor s Perspective Cloud Computing An Auditor s Perspective Sailesh Gadia, CPA, CISA, CIPP sgadia@kpmg.com December 9, 2010 Discussion Agenda Introduction to cloud computing Types of cloud services Benefits, challenges,

More information

De tarieven van Proximus Niet meer gecommercialiseerde Bizz packs

De tarieven van Proximus Niet meer gecommercialiseerde Bizz packs De tarieven van Proximus Niet meer gecommercialiseerde Bizz packs Juli 2015 Prijzen in Euro Telephony Belgacom Mobile Voice Internet TV Excl. BTW Incl. BTW Pack Business Intense Ltd + ADSL Internet Maxi

More information

NOVEMBER/DECEMBER 2014. Netherlands Society Rotorua (Inc) Geyser News

NOVEMBER/DECEMBER 2014. Netherlands Society Rotorua (Inc) Geyser News NOVEMBER/DECEMBER 2014 Netherlands Society Rotorua (Inc) Geyser News Club building at Neil Hunt Park, Lynmore, PO Box 1526, Rotorua Anneke Meerkerk President/caterer 357 4273 Douwe Visser Vice President/editor

More information

ITCulinair Cisco InterCloud

ITCulinair Cisco InterCloud ITCulinair Cisco InterCloud Uw Rijstleiders : Harald de Wilde & Niels van den Berg Strategic Partner Business Development Data Center Virtualizatie & Cloud Cisco Confidential 2 Waarom Hybride? Controle

More information

Service Organization Controls. Managing Risks by Obtaining a Service Auditor s Report

Service Organization Controls. Managing Risks by Obtaining a Service Auditor s Report Service Organization Controls Managing Risks by Obtaining a Service Auditor s Report Contributing Authors Audrey Katcher, CPA, CITP, Partner at RubinBrown, LLP Janis Parthun, CPA, CITP, Sr. Technical Manager

More information

Compliance in the Cloud: A Pragmatic Approach to SOC2 and PCI compliance

Compliance in the Cloud: A Pragmatic Approach to SOC2 and PCI compliance : A Pragmatic Approach to SOC2 and PCI compliance The Cadence Group is a professional services firm specializing in financial and IT compliance and risk management services. Our value proposition includes:

More information

ACTIVITIES AT THE STEUNPUNT O&O STATISTIEKEN. Koenraad Debackere

ACTIVITIES AT THE STEUNPUNT O&O STATISTIEKEN. Koenraad Debackere ACTIVITIES AT THE STEUNPUNT O&O STATISTIEKEN Koenraad Debackere The most important task of the Steunpunt O&O Statistieken is the development of an appropriate system of indicators to quantify R&D efforts

More information

INSEAD ALUMNI ASSOCIATION THE NETHERLANDS EVENT CALENDAR

INSEAD ALUMNI ASSOCIATION THE NETHERLANDS EVENT CALENDAR INSEAD ALUMNI ASSOCIATION THE NETHERLANDS EVENT CALENDAR Corporate Sponsors of the INSEAD Alumni Association of The Netherlands Booking Form This booking form is for your convenience as well as to give

More information

Relationele Databases 2002/2003

Relationele Databases 2002/2003 1 Relationele Databases 2002/2003 Hoorcollege 5 22 mei 2003 Jaap Kamps & Maarten de Rijke April Juli 2003 Plan voor Vandaag Praktische dingen 3.8, 3.9, 3.10, 4.1, 4.4 en 4.5 SQL Aantekeningen 3 Meer Queries.

More information

Load Balancing Lync 2013. Jaap Wesselius

Load Balancing Lync 2013. Jaap Wesselius Load Balancing Lync 2013 Jaap Wesselius Agenda Introductie Interne Load Balancing Externe Load Balancing Reverse Proxy Samenvatting & Best Practices Introductie Load Balancing Lync 2013 Waarom Load Balancing?

More information

Tooway 2015 prices / prijslijst

Tooway 2015 prices / prijslijst Tooway Nederland Bergstraat 25 558BL Waalre +340-223656 mailbox@rian-bv.nl info@internetbysatellite.eu Hardware en B2B prijzen zijn excl.btw. Consumer Abonnement prijzen zijn incl. Btw. Tooway 205 prices

More information

TELECOM SOCIETY 2 JULI 2015. Over de moeizame verhouding tussen de privacywet en big data. En wat we daaraan kunnen doen. prof mr.

TELECOM SOCIETY 2 JULI 2015. Over de moeizame verhouding tussen de privacywet en big data. En wat we daaraan kunnen doen. prof mr. TELECOM SOCIETY 2 JULI 2015 Over de moeizame verhouding tussen de privacywet en big data. En wat we daaraan kunnen doen prof mr. Gerrit-Jan Zwenne roadmap A. WTF is IoT? What is datafication? And what

More information

Big Data.. Big Business?

Big Data.. Big Business? Big Data.. Big Business? or just another hype? Frank De Saer, CIO FOD Economie http://economie.fgov.be Big data is een (mode)term om aan te duiden dat je veel en snel veranderende gegevens uit meerdere

More information

Oversight Management: een zinvolle aanvulling!

Oversight Management: een zinvolle aanvulling! Oversight Management: een zinvolle aanvulling! Houfhoff Pension Fund Academy Christiaan Tromp info@fiduciaryservices.eu April 2012 1 Agenda The Fiduciary Management promise The evolution of Pension Fund

More information

Hans Bos Microsoft Nederland. hans.bos@microsoft.com

Hans Bos Microsoft Nederland. hans.bos@microsoft.com Hans Bos Microsoft Nederland Email: Twitter: hans.bos@microsoft.com @hansbos Microsoft s Cloud Environment Consumer and Small Business Services Software as a Service (SaaS) Enterprise Services Third-party

More information

Orchestrating the New Paradigm Cloud Assurance

Orchestrating the New Paradigm Cloud Assurance Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems

More information

Business opportunities by legislative developments in infrastructure, environment, water and waste management

Business opportunities by legislative developments in infrastructure, environment, water and waste management Source: Agency NL Poland: Business opportunities by legislative developments in infrastructure, environment, water and waste management 05-07-2012 1-6 1.1 Motorways National roads and motorways are owned

More information

IT-waardeketen management op basis van eeuwenoude supply chain kennis

IT-waardeketen management op basis van eeuwenoude supply chain kennis IT-waardeketen management op basis van eeuwenoude supply chain kennis Hans van Aken / November 28, 2012 Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject

More information

The Chinese market for environmental and water technology. Kansendossier China

The Chinese market for environmental and water technology. Kansendossier China The Chinese market for environmental and water technology Kansendossier China Kansendossier The Chinese market for environmental and water Technology Datum 2 5 2013 Agentschap NL is een agentschap van

More information

OGH: : 11g in de praktijk

OGH: : 11g in de praktijk OGH: : 11g in de praktijk Real Application Testing SPREKER : E-MAIL : PATRICK MUNNE PMUNNE@TRANSFER-SOLUTIONS.COM DATUM : 14-09-2010 WWW.TRANSFER-SOLUTIONS.COM Real Application Testing Uitleg Real Application

More information

Voorbeeld. Preview. Disability Care. Certification scheme >

Voorbeeld. Preview. Disability Care. Certification scheme > Certification scheme > Disability Care Version 2008 Dit document mag slechts op een stand-alone PC worden geinstalleerd. Gebruik op een netwerk is alleen. toestaan als een aanvullende licentieovereenkomst

More information

SSAE 16 Everything You Wanted To Know But Are Afraid To Ask. Kurt Hagerman CISA, CISSP, QSA Managing Director, Coalfire December 8, 2011

SSAE 16 Everything You Wanted To Know But Are Afraid To Ask. Kurt Hagerman CISA, CISSP, QSA Managing Director, Coalfire December 8, 2011 SSAE 16 Everything You Wanted To Know But Are Afraid To Ask Kurt Hagerman CISA, CISSP, QSA Managing Director, Coalfire December 8, 2011 1 Agenda SAS 70 Misunderstood and Overused o Why the change? SSAE

More information

Dierenwelzijn in Nederland & Europa

Dierenwelzijn in Nederland & Europa Dierenwelzijn in Nederland & Europa Gluren bij de buren: Dierenwelzijn in internationaal verband 12 maart 2014 - Hans Spoolder Op dierenwelzijnsgebied behoort Nederland tot de koplopers Van belang is dat

More information

COOLS COOLS. Cools is nominated for the Brains Award! www.brainseindhoven.nl/nl/top_10/&id=507. www.cools-tools.nl. Coen Danckmer Voordouw

COOLS COOLS. Cools is nominated for the Brains Award! www.brainseindhoven.nl/nl/top_10/&id=507. www.cools-tools.nl. Coen Danckmer Voordouw Name Nationality Department Email Address Website Coen Danckmer Voordouw Dutch / Nederlands Man and Activity info@danckmer.nl www.danckmer.nl Project: Image: Photographer: Other images: COOLS CoenDVoordouw

More information

Het Dynamisch Datacenter uitgelicht. Arne Peleman

Het Dynamisch Datacenter uitgelicht. Arne Peleman Het Dynamisch Datacenter uitgelicht Arne Peleman Wie ben ik? Name: Work: Arne Peleman Solution Team Lead Ferranti Computer Systems Twitter: Blog: @arnepeleman http://scug.be/blogs/arne Email: arne.peleman@ferranti.be

More information

Hoe onze wereld aan het veranderen is

Hoe onze wereld aan het veranderen is Hoe onze wereld aan het veranderen is Michiel Schaalje CTO Cisco Nederland Sinds 1996 actief binnen Cisco Vanaf 2006 verantwoordelijk voor o.a. de gehele Nederlandse presales organisatie Richt zich vanuit

More information

The Changing SAS 70 Landscape Dan Hirstein Director Rebecca Goodpasture Senior Manager Deloitte & Touche LLP January 13, 2011

The Changing SAS 70 Landscape Dan Hirstein Director Rebecca Goodpasture Senior Manager Deloitte & Touche LLP January 13, 2011 The Changing SAS 70 Landscape Dan Hirstein Director Rebecca Goodpasture Senior Manager Deloitte & Touche LLP January 13, 2011 Table of Contents A Short History of SAS 70 Overview of SSAE 16 and ISAE 3402

More information

Anton Wilsens. The LIRIS Academy 2010-2011 Keys to a successful mobile channel in the Financial Services Sector and beyond

Anton Wilsens. The LIRIS Academy 2010-2011 Keys to a successful mobile channel in the Financial Services Sector and beyond LAC - "Architectuur voor nieuwe business modellen in de cloud" The LIRIS Academy 2010-2011 Keys to a successful mobile channel in the Financial Sector and beyond Anton Wilsens Mobile is coming no, wait

More information

ABN AMRO Bank N.V. The Royal Bank of Scotland N.V. ABN AMRO Holding N.V. RBS Holdings N.V. ABN AMRO Bank N.V.

ABN AMRO Bank N.V. The Royal Bank of Scotland N.V. ABN AMRO Holding N.V. RBS Holdings N.V. ABN AMRO Bank N.V. Op 6 februari 2010 is de naam ABN AMRO Bank N.V. (geregistreerd bij de Kamer van Koophandel onder nummer 33002587) gewijzigd in The Royal Bank of Scotland N.V. Op 1 april 2010 is de naam van ABN AMRO Holding

More information

Brad Smith, General Counsel & Executive Vice President, Legal and Corporate Affairs, Microsoft

Brad Smith, General Counsel & Executive Vice President, Legal and Corporate Affairs, Microsoft Brad Smith, General Counsel & Executive Vice President, Legal and Corporate Affairs, Microsoft 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be

More information

Reports on Service Organizations Where we ve been?

Reports on Service Organizations Where we ve been? Reports on Service Organizations Where we ve been? What s changing? How does this impact Internal Audit? Eric Wright Shareholder Frank Dezort Senior Manager Schneider Downs & Co., Inc. May 2, 2011 Overview

More information

Key Considerations of Regulatory Compliance in the Public Cloud

Key Considerations of Regulatory Compliance in the Public Cloud Key Considerations of Regulatory Compliance in the Public Cloud W. Noel Haskins-Hafer CRMA, CISA, CISM, CFE, CGEIT, CRISC 10 April, 2013 w_haskins-hafer@intuit.com Disclaimer Unless otherwise specified,

More information

Software VOC netwerkbijeenkomst De kansen van OEM. Hans Schut OEM Partner Manager Nederland 9 juli 2014

Software VOC netwerkbijeenkomst De kansen van OEM. Hans Schut OEM Partner Manager Nederland 9 juli 2014 Software VOC netwerkbijeenkomst De kansen van OEM Hans Schut OEM Partner Manager Nederland 9 juli 2014 Wat is OEM? Het principe Wanneer een bedrijf zijn producten verkoopt aan andere bedrijven, en dat

More information

Word -Introduction. Contents

Word -Introduction. Contents Introduction Everything about tables Mail merge and labels Refreshment of the basics of Word Increasing my efficiency : tips & tricks New in Word 2007 Standard - corporate documents What is new in Word

More information

How to deliver Self Service IT Automation

How to deliver Self Service IT Automation How to deliver Self IT Automation Roeland Verhoeven, Manager Cloud Supply Chain Simac ICT Rien du Pre, HP Cloud Solution Architect Datum: 17-06-2014 Hoe te komen tot een Self Customer Centric Portal Er

More information

Nuances in de roadmap naar Open Science

Nuances in de roadmap naar Open Science Nuances in de roadmap naar Open Science OPEN SCIENCE SPARC.ORG dissemination of results of research is an essential, inseparable component of the research process Wikipedia Open science is the movement

More information

SAS No. 70, Service Organizations

SAS No. 70, Service Organizations SAS No. 70, Service Organizations A standard for reporting on a service organization s controls affecting user entities' financial statements. Only for use by service organization management, existing

More information

employager 1.0 design challenge

employager 1.0 design challenge employager 1.0 design challenge a voyage to employ(ment) EMPLOYAGER 1.0 On the initiative of the City of Eindhoven, the Red Bluejay Foundation organizes a new design challenge around people with a distance

More information

Sustainability Impact Assessment Tool

Sustainability Impact Assessment Tool Welcome Land use change Impact indicators Risk assessment Sustainability Impact Assessment Tool To o l s f o r E n v i r o n m e n t a l, S o c i a l a n d E c o n o m i c E f f e c t s o f M u l t i-f

More information