The ISACA Risk Event will take place for the 5th time on Wednesday, November 6, 2024; our first lustrum. We will therefore provide an even more substantive and interesting program than in previous years.
The conference takes place in collaboration with IIA, NOREA and PvIB.
Jump directly to: About Speakers Aftermovie Programme & Downloads Location Gallery
Risk Event 2024
Purple Ocean - inspiring change and creating value
The central theme this year is Purple Ocean – inspiring change and creating value.
This day we will highlight four tracks
- Governance
- Risk
- Regulatory
- Resilience
Each track contains various seminars from top speakers, where the participant can choose the program that best fits their wishes and interests. You will find all names of speakers on the program page.
Workshop: This year we also add a separate workshop stream to the program. There are only limited places available for the workshops.
During the day (breaks, lunch and dinner) there is plenty of time to talk with speakers and participants.
The ISACA Risk Event mainly focuses on (IT) Risk Managers and Risk Consultants, Security/Privacy and Cyber specialists, IT Auditors, CIOs, (Senior) Management, Thought leaders in organizations, Business information managers, Application managers, Project and service managers and consultants in the IT industry.
Aftermovie
Programme Risk Event 2024
Regulatory
Resilience
Governance
Risk
Workshop
My name is Dwayne Valkenburg, I work as an IT Auditor and IT Risk & Compliance Manager. Since 2006, I have been active in the Managed IT Services & IT Outsourcing sector as an IT Engineer, switching to the IT Auditing profession at a BIG4 firm in 2013 and as of 2017, I founded Cyberus, an IT Assurance, Advisory & Consultancy firm.
I am also active on a voluntary basis since November 2014 with the professional associations the NOREA, ISACA and the IIA as, Chairman and Vice-Chairman of the Young Profs committees. In recent years, I have been responsible within the ISACA Board, with all events, webinars and conferences of ISACA Netherlands, as well as the Privacy and Young Profs working groups.
As of June 2022, I could call myself chairman of ISACA Netherlands and together with an enthusiastic and, above all, fun group of fellow volunteers, we may together offer a platform where we jointly take the profession of IT Auditing, IT Governance, IT Compliance, IT Security & IT Risk Management to a higher level.
If you have any questions, or are interested in working together, please feel free to contact me.
Hans de Vries is the Chief Cybersecurity and Operations Officer (COO) at the EU Agency for Cybersecurity (ENISA) since April 2024. Hans provides guidance and direction on the Agency’s operations activities and strategically advises the Executive Director.
Hans specifically represents ENISA in the NIS Cooperation Group, the European Cyber Crisis Liaison Organisation Network (EU-CyCLONe) and the CSIRTs Network, which is composed of CSIRTs appointed by EU Member States and CERT- EU. His primary focus is the NIS2 implementation in the EU Member States and thereby helping to strengthen the current state of cybersecurity in Europe.
Prior to this role, Hans was the director of the Dutch National Cyber Security Centre (NCSC-NL) for almost a decade. In this position, Hans was a member of the ENISA Management Board and Executive Board. He was also one of the main organisational forces behind The Hague’s ‘ONE Conference’, which is among Europe’s prime cybersecurity events.
Hans’ prior working experience includes a top management position at the General Intelligence Services (AIVD) and the Ministry of the Interior and Kingdom Relations (BZK), where he served as head of the ‘ICT Management Division’ and head of ‘Operational Management Coordination’. He has also extended working experience in the ICT security domain at an inter-ministerial and international level gained while in the Ministry.
Hans has a law degree from Leiden University in the Netherlands and began his professional career in the private sector, before working for the Dutch central government in 2002.
Dimitri is the Cybersecurity Director and CISO of Dutch Railways (Nederlandse Spoorwegen). He is Co-Chair to the Dutch and European Rail ISACS and European Railway CISO Forum and chair of the board of the Dutch CISO Foundation.
He’s also Non-Executive Director of NGRT, advisory board member of Cybersec Netherlands, supervisory board member of the Dutch Anti Online Child Abuse foundation OFFLimits, GISEC Cyberstars Jury member and a regular cyber-columnist/author/speaker/lecturer.
Dimitri holds an international master’s degree and cyber certificates such as CISSP, CRISC, CISA, CISM, CDPSE, CIPP/E, CIPM, FIP, ISO27001 and ISO42001
Mimoent is a Partner in PwC Cyber, Forensics and Privacy practice with a strong background in cyber security and hands-on experience in the financial sector. With more than twenty years of experience in IT and related areas such as (IT) risk management, agile, compliance and business continuity, third party management, including proper metrics and reporting to prove the value of measures and actions.
Renske is een ervaren expert op het gebied van Crisis & Resileince bij PwC NL met een achtergrond die zich uitstrekt over diverse sectoren. Haar expertise omvat het ontwikkelen van programma’s voor Bedrijfscontinuïteit en Crisismanagement, en ze is vaardig in strategische crisismanagementtrainingen en simulaties voor boards en ExCo.
For over 20 years, I have been active in governments internationally, focusing on bringing innovation with new technology. I am adding an academic dimension by researching how a business platform model changes a government organization’s operating model, dynamics, and governance.
Peter is sinds 2018 als partner werkzaam bij EY betreffende Cyber assurance. Daarvoor heeft Peter 24 jaar gewerkt bij KPMG (Security & Technology), en 4 jaar bij Booking.com (Risk & Compliance). Ook is peter al meer dan 20 jaren betrokken bij de opleiding IT-auditing van TIAS, waaronder als hoofddocent voor de specialisatie Auditing Cybersecurity.
Vandaag het maximale rendement halen en parallel toewerken naar de strategische doelen van morgen, dat is wat Gemma Jansen kenmerkt in haar werk als CISO. Gemma heeft daarbij een duidelijke visie op samenwerking, in combinatie met veel ervaring met end-to-end proces- & projectmanagement. Zowel de interne- als externe klant is daarbij haar uitgangspunt. Door alle betrokkenen op ieders verantwoordelijkheidsniveau mee te nemen in het proces, realiseert zij het doel: Een omgeving waar de verbeteringen en/of veranderingen zijn geborgd en worden gedragen door de mensen die het doen.
Patrick currently works as Head of Cybersecurity Supervision at the Ministry of Infrastructure and Water Management, Environment and Transport Inspectorate. In this role he is involved in the supervision of cybersecurity measures within essential service providers in various vital infrastructure sectors, including Maritime, Rail, Aviation, Drinking Water. He has expertise in supervision, regulatory compliance and risk management within the domain of cybersecurity, ensuring the resilience and security of critical infrastructure. Prior to his current position, Patrick held key positions in the private sector, most recently as IT Lead Identity & Access Management at Rabobank. He also served as Domain Continuity and Risk Officer and GDPR coordinator.
Marcel werkt 27 jaar voor Hoppenbrouwers Techniek en heeft in die periode als eindverantwoordelijke voor Finance en IT meegebouwd aan de groei van een lokale installatiebedrijf met 60 medewerkers naar een landelijk opererende technisch dienstverlener met bijna 2000 medewerkers. Sinds 2024
In 2002 heeft Guido Ivengi.com opgericht. Inmiddels behoort Ivengi tot de grootste internet/softwarebureaus en hebben we veel succesvolle oplossingen gerealiseerd. Ivengi.com is daarnaast koploper op het gebeid van subsidiesystemen en levert haar oplossing EasyFunders aan gemeentes met meer dan 100.000 inwoners en provincies. De ambitie van Ivengi.com is verder groeien in het subsidielandschap. Na 23 jaar heeft hij ruime ervaring met het besturen van een MKB-bedrijf.
Information Security Specialist from Germany working in the Netherlands for nearly 10 years.
Rooted in the hacker scene now working for the Port of Rotterdam and help make the Port a more secure + compliant place.
Sandeep is Trust Officer at Schuberg Philis. Chair of the NOREA DevOps working group. Chair of the NOREA DORA Taskforce.
Author of DevOps in Control NOREA report. Co-author of Ransomware in Control NOREA report. Guest lecturer on DevOps & Ransomware at several universities.
Jeremy is IT auditor at Schuberg Philis. Expert on digital resilience and privacy legislation. Co-creator of the DORA in Control Framework
Fleur Koster studied accountancy and joined ASML as auditor. Later on she moved towards SS&P and got more involved in the area of supplier risk management. Today she is head of S&P Risk, ESG & Contract Management. In her role she leads different risk dimensions applicable to suppliers and the supply chain.
Robbert Kramer studied business information technology and started working for EY as an IT Auditor. He performed IT audits and was also involved in Legal Hack activities. After EY he started working for Van Lanschot in ‘s-Hertogenbosch. Joined the Internal Audit department and afterwards moved to Security Management. In 2016 Robbert became Security Risk Manager for ASML performing Supplier Security. Main pillars for supplier security are protecting ASML Information and Cyber Security.
Robbert Kramer is also lecturer at the TIAS for the IT audit program. As senior lecturer he is responsible for the module that deals with Trust and Control of technologies.
Jan is director Leadership & Governance at Erasmus University and serves as a boardroom advisor. In 2023, he published ‘Het Spel in de Boardroom’, the first book on Behavioral Governance. In 2009, he founded the Erasmus Governance Institute, the postgraduate education center for non-executive directors. Since 2002, he has executed corporate restructurings in Western Europe and held non-executive board functions in different sectors of the economy. Earlier, he held leadership positions at ABN AMRO in corporate banking, risk management, and private equity.
Arash has over 15 years of experience in leading IT and information security teams. He is passionate about digital resilience, AI and innovation. He believes that technology has the power to enrich lives and contribute to a safer, more prosperous society.
Besides his role as a board member of ISACA Netherlands. He is also a Trusted Advisor at Sogeti (part of Capgemini), where he provides management teams with strategic guidance on improving digital resilience and manages teams in roles such as a CISO. He is a speaker in the field of digital resilience, innovation and AI, active within the Dutch association of board members (NCD) and an apprentice in the supervisory board of HTM.
Within ISACA Netherlands, he is committed to ensuring liquidity and financial stability, enabling us to continue investing in our community and helping our members to develop their knowledge and skills.
Ali Alam, Senior Manager at KPMG Netherlands,. Wide range of experience on performing assessments, implementations pertaining the DNB Information Security Good Practice 2019/2020, EBA Guidelines on Security and Outsourcing.
Currently building expertise and capabilities on the Digital Operational Resilience Act (DORA) within KPMG.
Lives in The Hague.
Arnoud is a computer scientist and IT lawyer, working as Chief Knowledge Officer at ICTRecht in Amsterdam. He specializes in AI, data and software and has published many books, such as “ICT & Recht”, “AI & Algorithms” and “The Annotated AI Act”. Arnoud is also a lecturer at the Vrije Universiteit Amsterdam
Jeroen van Kesteren is CISO van DNB. In deze rol is hij verantwoordelijk voor het Information Security Office, Security Operations Center, Team Digital Forensics en Identity and Access Management. “Ik geloof niet in Security by obscurity, maar in security door transparantie” is een veel gebruikt citaat van hem. Dit is voor hem een belangrijke drijfveer om de kennis en ervaringen binnen DNB te delen met andere organisatie. Door elkaar te informeren worden we met z’n alle sterker.
Voordat hij CISO werd, heeft Jeroen diverse rollen gehad; Toezichthouder en Head of Mission bij grote financiële instellingen, Gast docent op de VU en TIAS, programma manager bij Capgemini, IT auditor bij van Lanschot zijn hier een aantal van.
Peter Hartog is Directeur Vaktechniek van IIA Nederland, en was lid van de International Internal Audit Standards Board gedurende het opstellen van de nieuwe standaarden. Hij doceert ook aan de Internal Auditing & Advisory opleiding van de EUR. In het verleden werkte hij onder andere bij de SVB, ACS en KPMG.
Jair is an enthusiastic and passionate principal researcher (@Northwave Cyber Security) and an assistant professor (@University of Twente). He is a practical, data-driven and extremely curious person. He loves to spread the knowledge with the scientific community and with cybersecurity practitioners. He prepares his presentations thinking about you (the audience). Therefore, he promises to give an engaging, enthusiastic, and to-the-point presentation.
Ramsés, with an MBA and Law education, has over 25 years of experience in security, with expertise in Risk Management and Governance. Recently the CTO at OpenText Cybersecurity, he previously served as Strategist & Evangelist at Symantec’s Office of the CTO and held roles at Dell Security, CA Technologies, SurfControl, and Entelgy. Active in ISACA, he served on the CISM and CGEIT Certification Committees, chaired the ISRM Conference, and contributed to the first ISACA World Congress. He is certified in CISM, CGEIT, CISSP, SCPM, CCSK, ITIL, and COBIT, and is a Six Sigma Black Belt. Ramsés is an award-winning international speaker and was recently inducted into the ISACA Hall of Fame. He teaches at IE Business School and is the Executive Vice President of the Quantum World Association.
Pav, renowned for exposing the €24 billion Wirecard fraud, is a former Magic Circle lawyer and fintech general counsel. He founded Confide in late 2023, a pioneering whistleblowing & corporate investigations platform. Pav’s work has redefined governance technology and corporate ethics, earning him global recognition and prestigious awards.
<h1 class='my-heading'>Just some HTML</h1><?php echo 'The year is ' . date('Y'); ?>document.addEventListener("DOMContentLoaded", function () {
const container = document.querySelector(".risk-loop-container");
if (!container) return;
const kaarten = Array.from(container.querySelectorAll(".risk-card"));
const rijen = {};
// Sorteer alle kaarten eerst op starttijd
kaarten.sort((a, b) => {
const tijdA = a.getAttribute("risk-starttijd") || "";
const tijdB = b.getAttribute("risk-starttijd") || "";
return tijdA.localeCompare(tijdB);
});
// Verdeel kaarten per tijdslot
kaarten.forEach((kaart) => {
const tijd = (kaart.getAttribute("risk-starttijd") || "").trim();
if (!rijen[tijd]) {
const rij = document.createElement("div");
rij.classList.add("risk-row");
rij.setAttribute("data-starttijd", tijd);
container.appendChild(rij);
rijen[tijd] = rij;
}
rijen[tijd].appendChild(kaart);
});
// Sorteer binnen elke rij op data-podium
Object.values(rijen).forEach((rij) => {
const cards = Array.from(rij.querySelectorAll(".risk-card"));
cards.sort((a, b) => {
const pA = parseInt(a.getAttribute("data-podium")) || 999;
const pB = parseInt(b.getAttribute("data-podium")) || 999;
return pA - pB;
});
cards.forEach((kaart) => rij.appendChild(kaart));
});
});function sorteerEnGroepeerKaarten() {
const container = document.querySelector(".risk-loop-container");
if (!container) return;
// Verwijder oude rijen (voor het opnieuw opbouwen)
container.querySelectorAll(".risk-row").forEach((el) => el.remove());
// Zoek alle kaarten
const kaarten = Array.from(container.querySelectorAll(".risk-card"));
const rijen = {};
// Sorteer kaarten op starttijd
kaarten.sort((a, b) => {
const tijdA = a.getAttribute("risk-starttijd") || "";
const tijdB = b.getAttribute("risk-starttijd") || "";
return tijdA.localeCompare(tijdB);
});
// Groepeer kaarten per tijdslot
kaarten.forEach((kaart) => {
const tijd = (kaart.getAttribute("risk-starttijd") || "").trim();
if (!rijen[tijd]) {
const rij = document.createElement("div");
rij.classList.add("risk-row");
rij.setAttribute("data-starttijd", tijd);
// 🔧 Dit is waar de grid toegepast moet worden:
rij.style.display = "grid";
rij.style.gridTemplateColumns = "repeat(auto-fit, minmax(220px, 1fr))";
rij.style.gap = "1rem";
container.appendChild(rij);
rijen[tijd] = rij;
}
rijen[tijd].appendChild(kaart);
});
// Sorteer binnen elke rij op podium-nummer
Object.values(rijen).forEach((rij) => {
const cards = Array.from(rij.querySelectorAll(".risk-card"));
cards.sort((a, b) => {
const pA = parseInt(a.getAttribute("data-podium")) || 999;
const pB = parseInt(b.getAttribute("data-podium")) || 999;
return pA - pB;
});
cards.forEach((kaart) => rij.appendChild(kaart));
});
}
// Initieel en bij AJAX reload
document.addEventListener("DOMContentLoaded", sorteerEnGroepeerKaarten);
document.addEventListener("bricks/ajax/nodes_added", sorteerEnGroepeerKaarten);
function sorteerEnGroepeerKaarten() {
const container = document.querySelector(".risk-loop-container");
if (!container) return;
// Verwijder oude gegroepeerde rijen
container.querySelectorAll(".risk-row").forEach((el) => el.remove());
// Verzamel en sorteer alle kaarten op starttijd
const kaarten = Array.from(container.querySelectorAll(".risk-card"));
const rijen = {};
kaarten.sort((a, b) => {
const tijdA = a.getAttribute("risk-starttijd") || "";
const tijdB = b.getAttribute("risk-starttijd") || "";
return tijdA.localeCompare(tijdB);
});
// Groepeer kaarten per tijdslot
kaarten.forEach((kaart) => {
const tijd = (kaart.getAttribute("risk-starttijd") || "").trim();
if (!rijen[tijd]) {
const rij = document.createElement("div");
rij.classList.add("risk-row");
rij.setAttribute("data-starttijd", tijd);
rij.style.display = "grid";
rij.style.gridTemplateColumns = "repeat(auto-fit, minmax(220px, 1fr))";
rij.style.gap = "1rem";
container.appendChild(rij);
rijen[tijd] = rij;
}
rijen[tijd].appendChild(kaart);
});
// Sorteer binnen elk tijdslot op podium
Object.values(rijen).forEach((rij) => {
const cards = Array.from(rij.querySelectorAll(".risk-card"));
cards.sort((a, b) => {
const pA = parseInt(a.getAttribute("data-podium")) || 999;
const pB = parseInt(b.getAttribute("data-podium")) || 999;
return pA - pB;
});
cards.forEach((kaart) => rij.appendChild(kaart));
});
}
function initKaarten() {
sorteerEnGroepeerKaarten();
const container = document.querySelector(".risk-loop-container");
// Herinitialiseer Bricks Extras Lightbox
if (typeof doExtrasLightbox === "function" && container) {
doExtrasLightbox(container, true);
console.info("✅ Bricks Extras Lightbox opnieuw geïnitialiseerd");
} else {
console.warn("⚠️ Bricks Extras Lightbox functie niet beschikbaar of container niet gevonden");
}
}
// Init bij paginalaad
document.addEventListener("DOMContentLoaded", initKaarten);
// Init na AJAX/facet filtering
document.addEventListener("bricks/ajax/nodes_added", initKaarten);
Location
This year’s Risk Event took place at Spant!, a modern and inspiring venue in the heart of the Netherlands. Located in Bussum, just 25 minutes from Amsterdam and easily accessible by car and public transport.
Spant!
Dr. A. Kuyperlaan 3
1402 SB, Bussum
Gallery
Take a look back at Risk Event 2024. A day full of inspiring talks, lively discussions, and meaningful connections.
Scroll through the highlights and relive the atmosphere, the energy, and the people who made it unforgettable.
