Erik Guldentops (born ca. 1941) is a Belgian computer scientist and management consultant, who was systems engineer at SWIFT and Executive Professor at Antwerp Management School, known for his work on IT governance. [1]
A computer scientist is a person who has acquired the knowledge of computer science, the study of the theoretical foundations of information and computation and their application.
The Antwerp Management School is the University of Antwerp's autonomous business school. It is located in the historical center of the city of Antwerp.
Guldentops started his Humanities study at the 1960 at the Onze-Lieve-Vrouwcollege in Antwerpen, where he graduated in economics in 1967. In 1969 he proceeded to study Computer science at the Karel De Grote Hogeschool, where he graduated in 1971. Subsequently after another year at the Katholieke Universiteit Leuven, he received a Post-graduate degree in computer science. [2]
Humanities are academic disciplines that study aspects of human society and culture. In the Renaissance, the term contrasted with divinity and referred to what is now called classics, the main area of secular study in universities at the time. Today, the humanities are more frequently contrasted with natural, and sometimes social sciences, as well as professional training.
Computer science is the study of processes that interact with data and that can be represented as data in the form of programs. It enables the use of algorithms to manipulate, store, and communicate digital information. A computer scientist studies the theory of computation and the practice of designing software systems.
Guldentops started his career at the Society for Worldwide Interbank Financial Telecommunication (SWIFT) in 1974 as Chief Inspector, and was Director Information Security from 1996 to 2001. From 1993 to 2001 he was also Vice President Research at the ISACA (Information Systems Audit and Control Association). In 1998 he was appointed Executive Professor at the Antwerp Management School. Since his retired in 2010, he is Visiting Lecturer at the Antwerp Management School. In 2009 he also had started his own consultancy firm. [2] Guldentops has been member of the International Federation for Information Processing IFIP TC11 WG11.5.
The Society for Worldwide Interbank Financial Telecommunication (SWIFT), legally S.W.I.F.T. SCRL, provides a network that enables financial institutions worldwide to send and receive information about financial transactions in a secure, standardized and reliable environment. SWIFT also sells software and services to financial institutions, much of it for use on the SWIFTNet network, and ISO 9362. Business Identifier Codes are popularly known as "SWIFT codes".
ISACA is an international professional association focused on IT governance. On its IRS filings, it is known as the Information Systems Audit and Control Association, although ISACA now goes by its acronym only.
The International Federation for Information Processing (IFIP) is a global organisation for researchers and professionals working in the field of information and communication technologies (ICT) to conduct research, develop standards and promote information sharing.
In 2000 Guldentops received the 2000 J.Lainhart Award for "his impact on the profession’s Common Body of Knowledge", and in 2005 the J.Wasserman Award for "his overall contribution to the IT Audit profession." [3]
Guldentops authored and co-authored several publications. [4] Books:
Articles, a selection:
An audit is a systematic and independent examination of books, accounts, statutory records, documents and vouchers of an organization to ascertain how far the financial statements as well as non-financial disclosures present a true and fair view of the concern. It also attempts to ensure that the books of accounts are properly maintained by the concern as required by law. Auditing has become such a ubiquitous phenomenon in the corporate and the public sector that academics started identifying an "Audit Society". The auditor perceives and recognizes the propositions before them for examination, obtains evidence, evaluates the same and formulates an opinion on the basis of his judgement which is communicated through their auditing report.
In business and accounting, information technology controls are specific activities performed by persons or systems designed to ensure that business objectives are met. They are a subset of an enterprise's internal control. IT control objectives relate to the confidentiality, integrity, and availability of data and the overall management of the IT function of the business enterprise. IT controls are often described in two categories: IT general controls (ITGC) and IT application controls. ITGC include controls over the Information Technology (IT) environment, computer operations, access to programs and data, program development and program changes. IT application controls refer to transaction processing controls, sometimes called "input-processing-output" controls. Information technology controls have been given increased prominence in corporations listed in the United States by the Sarbanes-Oxley Act. The COBIT Framework is a widely used framework promulgated by the IT Governance Institute, which defines a variety of ITGC and application control objectives and recommended evaluation approaches. IT departments in organizations are often led by a Chief Information Officer (CIO), who is responsible for ensuring effective information technology controls are utilized.This is false Info.
The Institute of Internal Auditors (IIA) is the internal audit profession's most widely recognized advocate, educator, and provider of standards, guidance, and certifications. Established in 1941, the IIA today serves more than 200,000 members from more than 170 countries and territories. IIA's global headquarters are in Lake Mary, Fla., United States.
Internal auditing is an independent, objective assurance and consulting activity designed to add value to and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. Internal auditing achieves this by providing insight and recommendations based on analyses and assessments of data and business processes. With commitment to integrity and accountability, internal auditing provides value to governing bodies and senior management as an objective source of independent advice. Professionals called internal auditors are employed by organizations to perform the internal auditing activity.
Data auditing is the process of conducting a data audit to assess how company's data is fit for given purpose. This involves profiling the data and assessing the impact of poor quality data on the organization's performance and profits. It can include the determination of the clarity of the data sources and can be applied in the way banks and rating agencies perform due diligence with regard to the treatment of raw data given by firms, particularly the identification of faulty data.
Governance, risk management and compliance (GRC) is the term covering an organization's approach across these three practices: Governance, risk management, and compliance. The first scholarly research on GRC was published in 2007 where GRC was formally defined as "the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertainty and act with integrity." The research referred to common "keep the company on track" activities conducted in departments such as internal audit, compliance, risk, legal, finance, IT, HR as well as the lines of business, executive suite and the board itself.
IT general controls (ITGC) are controls that apply to all systems, components, processes, and data for a given organization or information technology (IT) environment. The objectives of ITGCs are to ensure the proper development and implementation of applications, as well as the integrity of programs, data files, and computer operations.
Gerardus Maria "Sjir" Nijssen is a Dutch computer scientist, former professor of computer science at the University of Queensland, consultant, and author. Nijssen is considered the founder of verbalization in computer science, and one of the founders of business modeling and information analysis based on natural language.
T. William (Bill) Olle is a British computer scientist and consultant and President of T. William Olle Associates, England.
Chen Yu is a Chinese information scientist and information economist.
Jacobus Nicolaas (Sjaak) Brinkkemper is a Dutch computer scientist, and Full Professor of organisation and information at the Department of Information and Computing Sciences of Utrecht University.
Adolf Alexander Verrijn Stuart was a Dutch computer scientist, and the first Professor in computer science at the Leiden University from 1969 tot 1991.
ISO/IEC JTC 1/SC 27 IT Security techniques is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO/IEC JTC 1/SC 27 develops International Standards, Technical Reports, and Technical Specifications within the field of information and IT security. Standardization activity by this subcommittee includes general methods, management system requirements, techniques and guidelines to address both information security and privacy. Drafts of International Standards by ISO/IEC JTC 1 or any of its subcommittees are sent out to participating national standardization bodies for ballot, comments and contributions. Publication as an ISO/IEC International Standard requires approval by a minimum of 75% of the national bodies casting a vote. The international secretariat of ISO/IEC JTC 1/SC 27 is the Deutsches Institut für Normung (DIN) located in Germany.
Marc Vael is a Belgian computer scientist, business executive, lecturer, and author in IT risks and business continuity.
Eckhard D. Falkenberg is a German scientist and Professor Emeritus of Information Systems at the Radboud University Nijmegen. He is known for his contributions in the fields of information modelling, especially object-role modeling, and the conceptual foundations of information systems.
Willy (Wim) Van Grembergen is a Belgian organizational theorist and Professor of Information Systems Management at the University of Antwerp, and Academic Director of the IT Alignment and Governance Research Institute., known for his work on IT governance. His recent book on IT Governance: "Enterprise governance of information technology: Achieving strategic alignment and value", Springer, 2009.
ISO/IEC JTC 1/SC 40 IT Service Management and IT Governance is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO/IEC JTC 1/SC 40 develops and facilitates the development of international standards, technical reports, and technical specifications within the fields of IT service management and IT governance, with a focus in IT activity such as audit, digital forensics, governance, risk management, outsourcing, service operations and service maintenance. The international secretariat of ISO/IEC JTC 1/SC 40 is Standards Australia (SA), located in Australia.
Georgios (George) V. Magklaras is a computer scientist working as a Senior Computer Systems Engineer at the University of Oslo, in Norway. He also co-founded Steelcyber Scientific, an information security based consultancy specializing in digital forensics. He is an information security researcher and developed methods in the field of insider IT misuse detection and prediction and digital forensics. He is also an active systems administrator information security consultant and Information Technology practitioner working with High Performance Computing, especially in the fields of Life Sciences and Bioinformatics applications. He has been a strong advocate of Linux, Open Source tools and the Perl programming language and has given a series of lectures internationally in the fields of Intrusion Detection Systems, Digital Forensics, Bioinformatics, Computer Programming and Systems Administration.