EDP Audit specialist
· NOREA (Dutch association of post graduate certified IT auditors)
· ISACA (Information Systems Audit and Control Association)
· ISC2 (International Information Systems Security Certification Consortium)
· IIA Nederland (Institute of Internal Auditors Nederland)
· Examinator of exams at the “Executive Master in IT Auditing” postgraduate education (Vrije Universiteit Amsterdam)
Education (year of graduation):
· Post graduate IT auditing course at the Vrije Universiteit Amsterdam (Free University of Amsterdam): 2.5 years education to become certified IT auditor (Register EDP auditor), graduated in May 2003. Admitted to the professional association for EDP auditors in February 2004.
· Certified Internal Auditor (CIA), certified as of November 2003
· Certified Information System Auditor (CISA), certified as of June 2002
· Certified Information System Security Professional (CISSP), September 2002
Erasmus University Rotterdam, Master of Science (M.Sc.) in Business Economics
Accountancy (doctorandus), started in September 1990, date of passing the Master’s
examination 1 September 2001.
Graduation thesis: ‘Auditing of Metrics of Internet Advertisements Reports’.
VWO, St. Laurenscollege, Rotterdam (diploma)
2008 - 2010
Ad interim - Getronics PinkRoccade. Constant has been working ad-interim as Internal Auditor for three project to prepare Third Party Memorandums for key customers of Getronics PinkRoccade.
2009 Timex Group B.V. Constant has been working as temporary global head of audit at the Timex Group.
Ad interim – Fortis IST Constant is working as of February 2008 on a SAS 70 readiness
project for the Fortis Information System and Technology (IST). Fixed end date of this
project is 30 May 2008.
2006 – 2007
TomTom International B.V. Constant has joined the Risk Management/Internal Audit
department of TomTom as of October 2006 as an EDP Audit Specialist. Constant has led
audits on the IT Department, Data Center operations, Internet projects, software
development, interfacing including US-EDI and the Product Management department.
Constant has performed two reviews of local offices (TomTom Work and TomTom
Constant has performed audits, consultancy and guidance for vendor selection related to
outsourced activities for the ERP project, the new webshop including its payment provider
and fraud management. Constant has also been the lead auditor on the hosting activities in
data centers and the new corporate headquarters.
Constant has acted as project manager on audit/risk management projects relating to Digital
Rights Management, business process review as part of the ERP implementation, privacy
and corporate information security. Constant has been involved at a strategic, tactical and
operational level for these projects.
In addition, Constant has been the key contact between the Internal Audit department and
other departments on IT and product developments, such as the project team for the new
ERP system and attending milestone meetings of Product Management. Constant has been
the key contact on IT matters with the statutory external auditors.
2005 – 2006
Liberty Global Europe B.V. Constant joined the Internal Audit department of Liberty Global
Europe as Senior IT Auditor as of July 2005. Given departmental changes in roles, Constant
has become IT Audit Manager as of 1 July 2006. Liberty Global Europe is the owner of UPC
Broadband and Chellomedia and is active in 13 European countries.
Constant has been strongly involved in preparing UPC Swiss (Cablecom) to become SOX
compliant. On a European level, Constant has been involved in the service level
management of local entities with the European shared service center in Schiphol-Rijk.
Constant is also experienced with the review of SAS70 declarations.
Constant has been involved as lead auditor and/or team member in audits on IT General
Controls reviews and operational audits in several European offices (e.g. Amsterdam,
Dublin, Limerick, Bucharest, Warsaw, Zurich, etc.) and the shared service center (invoicing)
Constant has been the lead writer on the Office Review work program to review new entities
and a Revenue Assurance review program to analyse the revenue chain.
Constant also has participated in designing, consulting and actual performing of Sarbanes
Oxley test work on IT, financial and operational areas of control. Constant has reviewed the
IT controls at the LGI headquarters in Denver (USA).
2002 – 2005
Euronext Amsterdam, Internal Audit Services. Constant joined the Internal Audit
Services of Euronext as IT Auditor in May 2002, was promoted as Senior IT Auditor and left
the organisation in June 2005. Euronext N.V. is the merger of the bourses of Amsterdam
Stock Exchange, Brussels, Paris, and Lisbon bourses, and the London Derivatives Market.
The Internal Audit Services performs audits in all Euronext locations including the
outsourced IT activities of AtosEuronext. Given the full integration of IT and operational
processes (all Euronext market have migrated to electronic screen trading), most audits
require an integrated approach of IT, operational and financial audit skills.
Since all IT development and operations of Euronext has been outsourced, Constant has
gained extensive experience in service level management, partner relationships and vendor
selection of outsourced activities (core IT systems, ERP, billing, etc.). Constant is also
familiar with SAS70, Third Party Memorandums, Enterprise-wide Risk Management, IT
legislation and Compliance.
Constant’s reports on the audits on the core trading systems have been send by the
Management Board of Euronext to financial regulators such as the Dutch Authority Financial
Markets. Constant has been lead auditor on audits on critical business systems and
business processes such as the stock exchange and derivatives trading systems, financial
systems (e.g. CODA Financials, billing & collection of trading fees), data center operations
and historical databases.
Other audits have been the verification of the completeness of revenues for FY 2005 of all
SBUs of Euronext, investigations of trading disruptions and the review of the Systems
Constant also participated as auditor/quality assurance consultant into project teams,
vendor selections and has given support to the corporate security officer.
1998 - 2002
Arthur Andersen Accountants, Technology Risk Consulting, Amstelveen. Constant has
performed the position of IT-auditor and consultant. Constant joined Andersen in October
1998 and has build up an extensive experience in IT audits, Revenue Assurance reviews,
operational audits and consultancy engagements in the telecom, media and entertainment
industry. As part of a financial audit team on financial yearly statements of various
organisations (e.g. trading, manufacturing, lease, banking organisations), Constant has
performed IT audits and data analyses.
Constant has been strongly involved with outsourcing relationships in telecom companies
(inter- operator connectivity, IT and billing) and with the Dutch government (shared IT
service center of the Department of Defense).
During these engagements Constant has gained deep knowledge of business processes of
telephony operators, cable television companies and Internet Service providers. Constant
has large experience in reviewing various billing applications, mediation platforms,
telephony switches, cable modem platforms, technical IT security and network
Constant also has experience with auditing and advising E-Commerce companies, mainly
on IT security, data protection and integrity, and efficiency of the business process.
For the Royal Dutch Navy, Constant has written 6 information security plans for critical
business information systems during a 9 month period. These information security plan
were based upon the method developed by the CCTA (founders of ITIL) for performing a
risk based approach for information security (CRAMM). These security plans included
security aspects of outsourced activities.
Lodder & Co Registeraccountants, Nieuwegein, in the position of assistant-accountant.
From March 1998 till September 1998. Constant performed financial audits and accounting
1997 - 1998
Accountantskantoor Admiraal, Castricum, Constant fulfilled the position of assistant
accountant. Constant was hired for a year project starting in February 1997 and ending in
February 1998. Constant was in charge of implementing a bookkeeping application
involving about 300 different financial administrations. For this system he maintained the
standing ledger data and programmed the templates for the report generator to produce
annual reports and financial statements. Constant also performed several consulting
assignment in this position.
Constant has been editor for a financial accounting magazine of the accounting students association of the Erasmus University (Pacioli) for three years and has written articles on IT security and e-Commerce. Constant also has designed and maintained the website for this accounting students association.
· Dutch (naturally speaking and writing)
· English (fluently in speaking, writing and reporting)
· (French is on my wish list)
· IIA Conference 2007
· EuroCACS 2006
· Auditing of Oracle Financials, November 2005
· Internet Security Scanner, October 2000
· CRM Basic, Arthur Andersen, 1998
· All round financial auditing
· Operational review
· Privacy and security reviews
· IT/Revenue Assurance/Operational audits on technical infrastructure and business processes (service delivery, billing & collection) of telecom operators regarding telephony, CATV, pay-per-view, en Internet services (ISP, web hosting).
· Expert knowledge regarding frameworks and methodology such as ISO 17799/27001, CoBIT, ITIL Service Level Management and PRINCE2 Project Management.
· Review of accounting systems and consolidation applications, such as Oracle Financials and Hyperion Financial Manager, financial spreadsheet controls, etc.
· Data analyses using computer aided audit techniques as ACL software, MS Excel and MS Access.
· IT Forensics supporting Fraud and Integrity investigations of forensic accountants with the use of specialist forensic software (Encase) and review of system loggings.