INTOSAI Development Initiative

Supporting effective, accountable and inclusive Supreme Audit Institutions

Leveraging on Technological Advancement

LOTA Talks on Cybersecurity

IDI is pleased to invite you to join the 3rd edition of LOTA Talks.

This time we will talk about Cybersecurity.

The interpretation will be available in Arabic, French, English and Spanish.

ūüēí 22nd November 2023 | 14:00 - 17:00 CET

Poster: Download Poster

Register: HERE

Our speakers:

Performance Audit of Preparedness for Cybersecurity: Bhutan Experience
Photo   Kinley Zam
Kinley Zam | Performance Auditor, SAI Bhutan

Kinley Zam, a seasoned Performance Auditor at SAI Bhutan since 2008, is known for her pioneering work in Performance auditing. She has a Master's in IT from Murdoch University, Australia. As an active contributor to knowledge-sharing initiatives, she provides training on performance auditing, IT auditing, data analysis and communication skills. Kinley is an alumni of the IDI's SAI Young Leader Programme.

Audit of Cybersecurity
 Photo   Renato Braga
Renato Braga | Security Information Audit Manager, SAI Brazil

Renato is a Security Information Audit Manager from the Brazilian Federal Court of Accounts (Tribunal de Contas da Uni√£o). He has 21 years of auditing experience, 11 of which are in IT auditing. Renato has the following certifications: CISA, CFE,  CIA,  CGAP,  CCSA, CRMA, DPO, CRTP, OSWP, eJPT, CySA+, and Security+.

 Photo   Andre Torres
Andre Torres | Cybersecurity Specialist, SAI Brazil

Andre is a Cybersecurity specialist from the Brazilian Federal Court of Accounts (Tribunal de Contas da Uni√£o). He has 18 years of cybersecurity experience. Andre's focus is on incident response, vulnerability management and offensive security. He has the following certifications: CRTE, CRTP, CESP ADCS, PNPT, eCPPTv2, eWPT, eJPT, CASP+, PenTest+, CySA+, Security+, and Linux+.

Audit of Zero Trust Architecture
 Photo   Jeffrey Knott
Jeffrey Knott | Assistant Director, IT and Cybersecurity, SAI USA

Jeff Knott is an Assistant Director within the Information Technology and Cybersecurity team at the U.S. Government Accountability Office (GAO). He leads engagements that focus on an array of cybersecurity issues, including reviews at the government-wide, agency-specific, and system-specific levels. Jeff joined GAO in 1992 and has performed reviews at most federal agencies. He is a certified information system auditor. He earned a bachelor of science degree in computer science from the University of Mississippi and a master’s degree in business administration, with a concentration in information systems, from the University of Texas at Arlington.

 Photo   Kevin Smith
Kevin Smith | Senior Analyst, IT and Cybersecurity, SAI USA

Kevin Smith is a Senior Analyst within the Information Technology and Cybersecurity team at the U.S. Government Accountability Office (GAO). He manages engagements that focus on cybersecurity issues, including reviews at the government-wide, agency-specific, and system-specific levels. Kevin joined GAO in 2018 and has performed reviews at many federal agencies. He earned a bachelor of science degree in physics and a master’s degree in information science from the University of Michigan.

Cyber Security in a rapidly evolving Space industry 
  Photo   George Tountas
George Tountas | Senior Manager, Information Security Management, SES

George has a background in Computer Science and holds an M.Sc. Information Security from University College London. He has been working on Cyber Security and IT Audit for more than 13 years. He is passionate about the topic and loves to collaborate with teams to get the best and most secure solutions. Currently, he is a Senior Manager in Information Security Management at SES, a global satellite communications provider. He is CISA and CISSP certified. 

Cybersecurity and data protection
 Photo   Kareem Ismail
Kareem Ismail | Senior Auditor, SAI Egypt

Kareem is the Senior Auditor, with over 12 years of experience in Auditing at the Supreme Audit Institution of Egypt, known as Accountability State Authority. He has a Bachelor's degree in Accounting and Finance from Cairo University and a Master's degree in Information Systems from DePaul University in the United States of America. Kareem is an active team member of two INTOSAI working groups - WGITA (Working Group of Information Technology Audit) and WGBD (Working Group of Big Data). 

Cybersecurity and data protection guidelines

Photo   Roberto Hernandez
Roberto Hernandez Rojas Valderrama | General IT Audit Director, SAI Mexico

Roberto is the General IT Audit director in the Superior Audit of Mexico with more than 30 years of experience IT Audit Governance, risk and Cybersecurity. He is in charge of IT compliance audits and cybersecurity evaluations (based on NIST Cybersecurity Framework, Basel III, PCI, CSI and CCCM) in different government sectors, such as financial, energy, health, social development, telecommunications, and national security. He is also in charge of the Big Data and Analytics initiative and project leader of Cybersecurity and data protection guidelines in the Working Group of IT Audit WGITA. Roberto is a Subject Matter Expert in many IT standard-setting committees and in Cloud Security.

Cyber security and internal auditors
 Photo   Jose Manuel
José Manuel Espinoza Reyes | System Engineer, SAI Costa Rica

José is a system engineer with more than 20 years of working in Information Technologies, 7 years of experience in IT Audits and coordinator of Information Technology Audit teams at the SAI Costa Rica. He is a teacher in the IT Engineering program at the National Technical University.

 

Come join LOTA Talks and let us make the world a safer place!‚Äč‚Äč

Register: HERE

For more information on the LOTA initiative, please visit:

https://www.idi.no/work-streams/relevant-sais/lota

LOTA Scan Tool is now available and published in 4 languages

LOTA Scan: A tool for Supreme Audit Institutions

In response to this rapidly changing environment and technology development, IDI has developed a LOTA Scan Tool to help SAIs in making better use of technology in fulfilling their audit mandates, by planning technology-specific audits, developing technology skills and introducing new technologies into the SAI audit practice.

The LOTA Scan aims to provide SAIs with a tool to analyse their internal and external environment in the use technology in audits and use of technology by governments. The LOTA Scan part related to external environment assessment helps to identify areas where technology audits are required and outlining technology-related audit projects to be included in LOTA Strategy. At the same time, external environment assessment helps to identify the technological needs of SAI for using technology in audits. In turn, the internal environment assessment helps to assess the current state at the SAI and how well SAI responds to the technological needs arising from the external environment.

The LOTA Scan Tool consists of

  • LOTA Scan Guide. The LOTA Scan Guide provides basic guidance on running the LOTA Scan project at a SAI. This includes guidance on prerequisites for conducting a LOTA Scan and the LOTA Scan workflow including key phases and analysis.
  • LOTA Scan Canvas. The LOTA Scan Canvas provides a template for conducting and high-level reporting on the LOTA scan.
  • LOTA Scan Question Bank. The LOTA Scan Question Bank lists detailed questions to be considered during the analysis.

The more information on LOTA Scan Tool along with download links may be found here: https://idi.no/work-streams/relevant-sais/lota/lota-scan

LOTA Pioneers logo

Applications for LOTA Pioneers 2023-2024 are open now!

The applications for LOTA Pioneers 2023-2024 are now open!

LOTA Pioneers is an initiative that aims to facilitate the transformation of a pool of SAI auditors into change agents who bring technology to SAI’s audit world by scanning their internal and external audit environments to strategize for leveraging on technology in audits and auditing the use of technology by governments.

To begin with this initiative will be offered in English for up to 25 SAIs. Each SAI is requested to nominate two persons from different leadership levels in the SAI. While one will act as LOTA Pioneer (Strategy), the other will act as LOTA Pioneer (Audit).

Besides creating a pool of LOTA Pioneers, this initiative is expected to result in LOTA scans, LOTA strategies and LOTA audits at the participating SAI level.

Those candidates who successfully complete their education, LOTA scan / strategy and audit will graduate as IDI’s LOTA Pioneers and become a part of an alumni network.

Please find more information in the LOTA Pioneers web page: https://www.idi.no/work-streams/relevant-sais/lota/lota-pioneers

To apply for LOTA Pioneers please visit: https://www.idi.no/work-streams/relevant-sais/lota/lota-pioneers/apply-for-lota-pioneers-2023-2024

If you have any questions or doubts about LOTA Pioneer please contact IDI LOTA team at This email address is being protected from spambots. You need JavaScript enabled to view it.

We hope you will join us on this journey of SAI audits digital transformation for the benefit of all!

Launch of LOTA Pioneers

Launch of LOTA Pioneers

Pioneering audits of technology: Launch of IDI’s LOTA Pioneers,

Launch of IDI's LOTA Initiative

LOTA Talks on Healthcare Audit Analytics

1st edition of LOTA Talks on Healthcare Audit Analytics

Launch of IDI's LOTA Initiative

IDI launches LOTA initiative

IDI has kicked off its first project under new initiative, Leveraging on Technological Advancement - LOTA.