Who am I – Van Hoof IT Audit

I am Kees (pronounce as Case) van Hoof, born 1956. I started my carrier in 1980 as an I/O operator at AMRO bank The Netherlands, providing the printers with paper and ribbons, and mounting the large IBM tapes. Within 2 years I was promoted to the Production support department. This department prepared JCL and provided operators with the right tape volumes as this was not automated during those days. About a year later I moved to the Operations support department and implemented: Job scheduling, tape automation, HSM and so on. 5 years later I joined the Systems programming department and was responsible for technical implementation of database management systems like IMS and DB2 and a lot of other MVS subsystems like Telekurs, Teletext. But also JES2, ISPF, Omegamon etc. In 1991 I joined the IT audit department. In the meanwhile ABN and AMRO were combined and the new Escon fiber technique and DASD mirroring where introduced. So I audited these DR projects implementing EMC2 units and fiber techniques. I also audited crypto projects and implementation of development methodologies. I moved to ING in 2001 also joining the IT audit department for auditing the mainframe environments which at that time where sysplex compliant using f.i. EMIF for IO. ING was migrating different subsystems like RACF and ACF2 but also Roscoe and TSO, and I had to audit these migration projects. I also audited the mainframe environments abroad in Switzerland and Brazil. At that time management thought they could migrate away from the mainframe so I also specialised in auditing HP Nonstop (Tandem) and other midranges systems like AS400. I have audited all these systems in different environments and countries. Not only the technical part but also development, maintenance and business part.

I am also a free lance teacher at the Free University at the post graduate IT audit compliance and advisory academy.

In 2013 I left the bank and started as a free lance IT auditor. During the last couple of years I performed mainframe audits at several companies (also government) and audits regarding OHI (Oracle Health Insurance Application) as well as implementations of second line of defence.