We are excited to share that the Demystifying Technologies brochure is now available.
Leveraging on Technological Advancement
IDI is pleased to invite you to join the 3rd edition of LOTA Talks.
This time we will talk about Cybersecurity.
The interpretation will be available in Arabic, French, English and Spanish.
🕒 22nd November 2023 | 14:00 - 17:00 CET
Poster: Download Poster
Register: HERE
Our speakers:
Performance Audit of Preparedness for Cybersecurity: Bhutan Experience |
|
Kinley Zam | Performance Auditor, SAI BhutanKinley Zam, a seasoned Performance Auditor at SAI Bhutan since 2008, is known for her pioneering work in Performance auditing. She has a Master's in IT from Murdoch University, Australia. As an active contributor to knowledge-sharing initiatives, she provides training on performance auditing, IT auditing, data analysis and communication skills. Kinley is an alumni of the IDI's SAI Young Leader Programme. |
|
Audit of Cybersecurity |
|
Renato Braga | Security Information Audit Manager, SAI BrazilRenato is a Security Information Audit Manager from the Brazilian Federal Court of Accounts (Tribunal de Contas da União). He has 21 years of auditing experience, 11 of which are in IT auditing. Renato has the following certifications: CISA, CFE, CIA, CGAP, CCSA, CRMA, DPO, CRTP, OSWP, eJPT, CySA+, and Security+. |
|
Andre Torres | Cybersecurity Specialist, SAI BrazilAndre is a Cybersecurity specialist from the Brazilian Federal Court of Accounts (Tribunal de Contas da União). He has 18 years of cybersecurity experience. Andre's focus is on incident response, vulnerability management and offensive security. He has the following certifications: CRTE, CRTP, CESP ADCS, PNPT, eCPPTv2, eWPT, eJPT, CASP+, PenTest+, CySA+, Security+, and Linux+.
|
|
Audit of Zero Trust Architecture |
|
Jeffrey Knott | Assistant Director, IT and Cybersecurity, SAI USAJeff Knott is an Assistant Director within the Information Technology and Cybersecurity team at the U.S. Government Accountability Office (GAO). He leads engagements that focus on an array of cybersecurity issues, including reviews at the government-wide, agency-specific, and system-specific levels. Jeff joined GAO in 1992 and has performed reviews at most federal agencies. He is a certified information system auditor. He earned a bachelor of science degree in computer science from the University of Mississippi and a master’s degree in business administration, with a concentration in information systems, from the University of Texas at Arlington. |
|
Kevin Smith | Senior Analyst, IT and Cybersecurity, SAI USAKevin Smith is a Senior Analyst within the Information Technology and Cybersecurity team at the U.S. Government Accountability Office (GAO). He manages engagements that focus on cybersecurity issues, including reviews at the government-wide, agency-specific, and system-specific levels. Kevin joined GAO in 2018 and has performed reviews at many federal agencies. He earned a bachelor of science degree in physics and a master’s degree in information science from the University of Michigan.
|
|
Cyber Security in a rapidly evolving Space industry |
|
George Tountas | Senior Manager, Information Security Management, SESGeorge has a background in Computer Science and holds an M.Sc. Information Security from University College London. He has been working on Cyber Security and IT Audit for more than 13 years. He is passionate about the topic and loves to collaborate with teams to get the best and most secure solutions. Currently, he is a Senior Manager in Information Security Management at SES, a global satellite communications provider. He is CISA and CISSP certified. |
|
Cybersecurity and data protection |
|
Kareem Ismail | Senior Auditor, SAI EgyptKareem is the Senior Auditor, with over 12 years of experience in Auditing at the Supreme Audit Institution of Egypt, known as Accountability State Authority. He has a Bachelor's degree in Accounting and Finance from Cairo University and a Master's degree in Information Systems from DePaul University in the United States of America. Kareem is an active team member of two INTOSAI working groups - WGITA (Working Group of Information Technology Audit) and WGBD (Working Group of Big Data). |
|
Cybersecurity and data protection guidelines |
|
Roberto Hernandez Rojas Valderrama | General IT Audit Director, SAI Mexico |
|
Cyber security and internal auditors |
|
José Manuel Espinoza Reyes | System Engineer, SAI Costa RicaJosé is a system engineer with more than 20 years of working in Information Technologies, 7 years of experience in IT Audits and coordinator of Information Technology Audit teams at the SAI Costa Rica. He is a teacher in the IT Engineering program at the National Technical University. |
|
Come join LOTA Talks and let us make the world a safer place!
Register: HERE
For more information on the LOTA initiative, please visit:
LOTA Scan: A tool for Supreme Audit Institutions
In response to this rapidly changing environment and technology development, IDI has developed a LOTA Scan Tool to help SAIs in making better use of technology in fulfilling their audit mandates, by planning technology-specific audits, developing technology skills and introducing new technologies into the SAI audit practice.
The LOTA Scan aims to provide SAIs with a tool to analyse their internal and external environment in the use technology in audits and use of technology by governments. The LOTA Scan part related to external environment assessment helps to identify areas where technology audits are required and outlining technology-related audit projects to be included in LOTA Strategy. At the same time, external environment assessment helps to identify the technological needs of SAI for using technology in audits. In turn, the internal environment assessment helps to assess the current state at the SAI and how well SAI responds to the technological needs arising from the external environment.
The LOTA Scan Tool consists of
- LOTA Scan Guide. The LOTA Scan Guide provides basic guidance on running the LOTA Scan project at a SAI. This includes guidance on prerequisites for conducting a LOTA Scan and the LOTA Scan workflow including key phases and analysis.
- LOTA Scan Canvas. The LOTA Scan Canvas provides a template for conducting and high-level reporting on the LOTA scan.
- LOTA Scan Question Bank. The LOTA Scan Question Bank lists detailed questions to be considered during the analysis.
The more information on LOTA Scan Tool along with download links may be found here: https://idi.no/work-streams/relevant-sais/lota/lota-scan
|
The applications for LOTA Pioneers 2023-2024 are now open! LOTA Pioneers is an initiative that aims to facilitate the transformation of a pool of SAI auditors into change agents who bring technology to SAI’s audit world by scanning their internal and external audit environments to strategize for leveraging on technology in audits and auditing the use of technology by governments. To begin with this initiative will be offered in English for up to 25 SAIs. Each SAI is requested to nominate two persons from different leadership levels in the SAI. While one will act as LOTA Pioneer (Strategy), the other will act as LOTA Pioneer (Audit). Besides creating a pool of LOTA Pioneers, this initiative is expected to result in LOTA scans, LOTA strategies and LOTA audits at the participating SAI level. Those candidates who successfully complete their education, LOTA scan / strategy and audit will graduate as IDI’s LOTA Pioneers and become a part of an alumni network. Please find more information in the LOTA Pioneers web page: https://www.idi.no/work-streams/relevant-sais/lota/lota-pioneers To apply for LOTA Pioneers please visit: https://www.idi.no/work-streams/relevant-sais/lota/lota-pioneers/apply-for-lota-pioneers-2023-2024 If you have any questions or doubts about LOTA Pioneer please contact IDI LOTA team at We hope you will join us on this journey of SAI audits digital transformation for the benefit of all! |
Pioneering audits of technology: Launch of IDI’s LOTA Pioneers,
1st edition of LOTA Talks on Healthcare Audit Analytics
IDI has kicked off its first project under new initiative, Leveraging on Technological Advancement - LOTA.
Roberto is the General IT Audit director in the Superior Audit of Mexico with more than 30 years of experience IT Audit Governance, risk and Cybersecurity. He is in charge of IT compliance audits and cybersecurity evaluations (based on NIST Cybersecurity Framework, Basel III, PCI, CSI and CCCM) in different government sectors, such as financial, energy, health, social development, telecommunications, and national security. He is also in charge of the Big Data and Analytics initiative and project leader of Cybersecurity and data protection guidelines in the Working Group of IT Audit WGITA. Roberto is a Subject Matter Expert in many IT standard-setting committees and in Cloud Security.