What does an ENSIA audit provide?
Local government bodies in many areas must annually account for the state of affairs regarding information security. ENSIA stands for Uniform Standard Single Information Audit.
One of the goals of ENSIA is to reduce the audit burden for municipalities by replacing individual audits with a single audit. This relates to the so called vertical accountability of local government to national supervisors such as Logius. Another aim is to stimulate the horizontal accountability of the official organization to politics (city council). Eurofins supports municipalities with ENSIA.
The design of an ENSIA audit
Our approach starts by assessing the results of a self-evaluation: Eurofins looks whether a local government body is ready to carry out the formal ENSIA audit.
During the ENSIA audit itself, Eurofins assesses the in control statement to issue an assurance report based on this. The ENSIA audit results in an assurance report with the in control statement. The audit is performed by qualified auditors (RE and/or CISA) according to Guideline 3000 of NOREA.
The benefits of an ENSIA audit:
- We exceed the notional requirements of the audit
- We support local government in the self evaluation stage
- One audit party for all individual topics such as DigiD and SUWI