IT Risk/Audit Transformation

How to stay relevant as an IT Risk/Audit professional in an agile and DevOps setting?

Assurance functions like IT risk management and IT audit face a huge challenge to provide assurance on new IT risks, increasing IT automation and renewed IT operating models. As the conventional IT controls are replaced by high-level IT automation, assurance functions are required to re-design their IT risk management and IT control frameworks to remain relevant. This requires new knowledge and skills to assess the risks. This training helps you to require the necessary skills and insights.

"Conventional IT risk and control frameworks are not ‘fit for purpose’ anymore”.

Seda Foppen, Director IT Risk and Regulations, PwC

About this course

This course includes

Successful firms of the future will likely be those that can adapt quickly, move fast, learn rapidly and embrace dynamic customer demands. IT functions of these firms respond to the business expectation of agility by eg implementing agile software development methodologies and changing their working style to DevOps, for example. To help you remain relevant and cope with the challenges, these will be learning goals of this training:

  • Understand new concepts such as Agile, DevOps, Continuous Integration/Continuous Delivery pipelines, automated infra delivery ecosystem, Cloud
  • Understand the skillset/capabilities required for assurance professionals to develop for the future
  • Recognize the potential adjustments required to IT risk and control frameworks in order to accommodate the implementation of DevOps and agile way of working
  • Be motivated to learn the capabilities required for IT risk agility and apply them into the daily practice

Target audience

This training is for:

  • IT risk and/or IT security professionals
  • IT auditors
  • Software engineers who would like to build IT risk management skills and/or demonstrate that the IT risks are managed effectively


Laurens Jan Terwee is a senior associate with experience as both an IT auditor and IT risk consultant. Laurens Jan focusses on technology and the impact of DevOps on internal control frameworks.

"As processes and controls are being automated we increase consistency, reliability and scalability; however, we also increase the complexity. Data-driven insights are key to staying in control in an ever-evolving IT landscape."  

Seda Foppen is a director with 17 years of experience in IT risk governance, IT regulations & compliance, IT internal control frameworks and transformation of the assurance functions (in particular IT risk & IT audit).

“PwC plays an important role as an external auditor and advisor in IT audit space in how we look at IT controls automation and compliance vs digital IT transformation, important influencial party.”


Currently there are no dates available. Express your interest by sending an email to (please specify which training you are interested in). We will contact you as soon as new dates are scheduled.


The costs are 1250 euro, exempt from VAT, including the preparation and the two classroom trainings. Also included are the training materials, lunch for both sessions, and drinks.

Permanent Education 

PE-Portfolio accountants (AA en RA)

You can include this training as a learning activity in your PE portfolio. After the training, you will receive a certificate of participation (number of hours of training included).

PE points register controllers (RC)

At the end of the training you will receive a certificate of participation from us with the number of hours of training followed. You can register this yourself on the VRC website.


Contact us

Magda Chrysoulis-Stegeman

Magda Chrysoulis-Stegeman

Senior Director, PwC Netherlands

Tel: +31 (0)62 061 58 22

Volg ons