Skip to content
MVPeople Group Logo
MVPeopleGroup
GRC & Compliance

IT Auditor (Interim, Part-time)

Den HaagConsultancyHybridSenioroverheid
Apply nowAsk a question

About the assignment

A leading public sector organisation in South Holland needs an experienced IT auditor to strengthen its audit function. You'll own the full audit lifecycle—from planning and execution to stakeholder reporting—covering critical systems like DigiD, Suwinet, and financial IT infrastructure.

This interim role carries real responsibility. You coordinate external and internal audits (ENSIA, year-end controls), oversee audit findings, and advise on emerging legislation (Cybersecurity Act, Data Processing Act). You're the central contact for regulators and internal stakeholders across multiple departments.

Your responsibilities

  • Coordinate and oversee all audit obligations, including ENSIA and IT-audit for annual accounts
  • Plan, organise and execute internal IT audits on critical controls (DigiD, Suwinet, financial systems)
  • Assess and strengthen existing audit documentation and audit structure
  • Prepare and deliver board-level reporting, regulatory submissions and correspondence to supervisors
  • Manage external audit arrangements—from tendering through delivery and stakeholder alignment
  • Monitor follow-up on audit findings and recommendations from previous audits
  • Advise on new audit requirements under emerging legislation (Data Processing Act, PARTA, Cybersecurity Act)
  • Contribute to integration of ISMS, Privacy Management System and GRC tooling implementation

Tech Stack & Tools

Platforms & Tooling

ENSIA toolingGRC platforms (ServiceNow GRC, Archer, OneTrust—advisory role)

Frameworks & Standards

ENSIA (Dutch IT Audit standard)COBIT 2019ISO/IEC 27001NIS2 DirectiveNIST Cybersecurity Framework

Methodologies

IT audit lifecycle managementRisk-based audit planningControl testing and effectiveness assessmentRegulatory compliance mapping

Certifications (preferred)

CISA (Certified Information Systems Auditor)CISSPCISM

Must-haves

  • 10+ years IT audit or IT risk management experience, preferably in public sector
  • Deep knowledge of Dutch audit frameworks (ENSIA, annual accounts IT audit standards)
  • Proven experience auditing critical systems (identity management, payments, data processing)
  • Strong stakeholder management across technical and executive teams
  • Expert-level Dutch; fluent English for technical documentation

Nice-to-haves

  • Hands-on experience with GRC tooling implementation or advisory
  • Knowledge of DigiD, Suwinet or similar government IT ecosystems
  • Experience with ISMS/PMS design and integration
  • Familiarity with Cybersecurity Act or NIS2 compliance requirements

What we offer

  • Direct impact on public sector IT governance and security
  • Lead a visible, strategic function—reporting to board and regulators
  • Flexible part-time arrangement (20 hours/week) with extension options
  • Collaborate with CISO, security teams and multiple departments
  • Shape audit modernisation and GRC tool implementation
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

1

Introduction

Phone call with your MVPeople consultant (within 24 hours)

2

Match & Brief

We discuss the assignment in detail and prepare you

3

Client meeting

Introduction to the client

4

Start

Contracting and onboarding

Details

Type

Consultancy

Location

Den Haag

Work model

Hybrid

Level

Senior

Industry

overheid

Posted

22 May 2026

Contact

MVPeople Group

jobs@mvpeoplegroup.com
Apply nowMore information

Related vacancies

IAM / IGAConsultancy

Authorization Management Expert (IAM)

Arnhem, GEHybrid
View vacancy
IAM / IGAConsultancy

Senior Business Consultant Identity & Access Management

's-Hertogenbosch, NBHybrid
View vacancy
Privacy & DPOConsultancy

Privacy Officer (DPO)

UtrechtHybrid
View vacancy
Apply now