Getting in control through Living Policies
Policies are often seen as outdated, 30+ page documents that no one reads – let alone uses effectively. But what if policies could truly engage your organisation in getting (and staying) in control?
In this Square Table webinar, Bas Weegels and Jeroen Zuijderhoudt will introduce the concept of Living Policies and explain how you can use them to achieve the results your organisation is after.
You’ll discover:
- What makes a policy “living”.
- How Living Policies can achieve results that static policies never could.
Meet the experts: Bas Weegels and Jeroen Zuijderhoudt
Bas Weegels is an experienced IT Risk and Controls professional with profound knowledge of assurance standards such as SOC II, ISAE3000, and ISAE3402, including many common frameworks. With his background in auditing, he’s been helping organisations to achieve their next level in maturity, proving trust to their customers and regulators. Along the way, Bas recognised that many organisations feel overwhelmed by the ever-increasing number of requirements, often competing with their primary business objectives. At the same time, benefits of risk management are not always perceived and mostly derived from external motivators. He made it his mission to unlock the true potential of risk management at organisations.
Jeroen Zuijderhoudt brings extensive experience in programme management within the financial industry and beyond, working with frameworks such as SOx, Solvency II, ISO 27001, SOC II, DORA, and NIS-2. Over the years, he has identified a recurring pattern: while new frameworks are introduced to address emerging risks, they often fail to resolve underlying structural shortcomings. This results in superficial fixes that do not stand the test of time. Jeroen emphasizes the importance of structural solutions, cultural change, and creating environments where people can collaborate creatively, effectively, and happily. These principles drive his work at Root Industries and his contributions to the Control Praxis community, where he focuses on fostering sustainable, framework-agnostic approaches to control implementation.
Bas Weegels
Bas Weegels is an experienced IT Risk and Controls professional with profound knowledge of assurance standards such as SOC II, ISAE3000, and ISAE3402, including many common frameworks. With his background in auditing, he’s been helping organisations to achieve their next level in maturity, proving trust to their customers and regulators. Along the way, Bas recognised that many organisations feel overwhelmed by the ever-increasing number of requirements, often competing with their primary business objectives. At the same time, benefits of risk management are not always perceived and mostly derived from external motivators. He made it his mission to unlock the true potential of risk management at organisations.
Jeroen Zuijderhoudt
Jeroen Zuijderhoudt brings extensive experience in programme management within the financial industry and beyond, working with frameworks such as SOx, Solvency II, ISO 27001, SOC II, DORA, and NIS-2. Over the years, he has identified a recurring pattern: while new frameworks are introduced to address emerging risks, they often fail to resolve underlying structural shortcomings. This results in superficial fixes that do not stand the test of time. Jeroen emphasizes the importance of structural solutions, cultural change, and creating environments where people can collaborate creatively, effectively, and happily. These principles drive his work at Root Industries and his contributions to the Control Praxis community, where he focuses on fostering sustainable, framework-agnostic approaches to control implementation.
