Skip to the content

Q&A IT audit

2-Control offers IT audit support in the broadest sense of the word. We support accountants and companies in evaluating the quality of their internal IT processes, we support companies with the implementation of GDPR and we perform audits in the area of ISAE 3402 en SOC 2.


Arno Mouwen, Rogier Haest and Jeroen de Klerk are qualified IT auditors (REs) within 2-Control.

With our targeted approach we focus on the risk areas that are most important to accountants. Partly due to Arno Mouwen's work history at one of the largest accounting firms in the Netherlands, we have a large network of accountants and our IT audit background ensures that we are a good discussion partner for accountants.


Companies have become increasingly dependent on IT processes. This is no different in your organization's business operations. These internal IT systems and the large amount of available data must be properly secured to prevent incidents and misuse. By ensuring good data security you can prevent data breaches. 

As experienced IT auditors, we can provide insight into the security risks of your internal IT systems. Then we can jointly determine what measures need to be taken. 


With audits based on various standards frameworks, we can demonstrate the quality of your data security. We do this mainly for the healthcare sector, housing corporations and IT-service organizations. 

We have years of experience performing audits in the areas of ISAE 3402, SOC 2, and GDPR.

The General Data Protection Regulation (GDPR) is a regulation for EU citizens about data protection and privacy. It has been active since the 25th of May 2018 and sets new demands on the storage and processing of personal data. You can find more info about the GDPR and how to implement the new regulation on this page.


Our RE auditors Arno Mouwen and Rogier Haest also carry the CISA title behind their names and are also allowed to conduct audits abroad.

Q&A software

With our software suite consisting of Authorization Box, Field & dataset security and Mandatory fields we offer user-friendly support for the full authorization cycle in Dynamics NAV. Our Inventory reconciliation module easily and quickly compares the connection between your sub administration for the stock and the ledger. And our Cost allocation module allows a booking to be distributed over a predetermined period. In addition, we have developed a Field Security app for Dynamics 365 Business Central.

In addition to Microsoft Dynamics NAV, our software is now also available for Dynamics 365 Business Central. Authorization software for Dynamics AX is under development. We do offer support for the authorization process for Dynamics AX.


Authorization Box is a cloud application that simplifies and accelerates the authorization process in Dynamics NAV. It is the all-in authorization solution for building, managing and monitoring authorizations. It improves the security and internal control of your ERP environment.

Authorization Box costs €1450 per year (regardless of the size of your organization and the number of Dynamic NAV users). You get three database connections and five Authorization Box user accounts.

With the Field & Dataset security module you can refine authorizations to field and dataset level. For example, you can easily split the permissions for different documents. It is an addition to Authorization Box and enables you the apply ‘waterproof’ segregation of duties in Dynamics NAV.

One-time purchase price of € 1450 + the cost of the annual maintence. These maintenance costs are invoices via your Microsoft Dynamics partner.

The Mandatory fields module makes it possible to have fields filled in compulsorily or to let them be filled in using predefined values. This prevents incomplete data and gaps in your internal data processing.

One-time purchase price of € 1450 + the cost of the annual maintence. These maintenance costs are invoices via your Microsoft Dynamics partner.

The latest version can be requested from your Microsoft Dynamics Partner or downloaded from our web portal.

No, our software is not (yet) suitable for Dynamics AX. Our focus is on Dynamics NAV. The software for AX is in development. If you use Dynamics AX, we can support you in the setup of the authorizations and gain insight into the quality of the authorizations.

Both the delivery and the invoicing is done via your Microsoft Dynamics partner.

Yes, we provide training for all our software. After that, you can start working on your own.


You can find the manual of the software on our Support page. If you would like (extra) training you can request this via our contact form.

For your support questions, please visit our Support page. By creating a ticket, your application will be processed as quickly as possible.

This is possible with Field and Dataset security. This module allows you to easily split up the permissions for different documents.

First ask your 2-Contol consultant for more or new possibilities. If you still would like to cancel the use you can contact your Microsoft Dynamics partner.

Q&A consultancy

An adequate segregation of duties contributes to the reliability of the automated data processing in your company. In Microsoft Dynamics NAV authorizations (who is allowed to do what in which systems) serve as a basis for the segregation of duties. This prevents fraud and reduces the chance of users accidentally changing important data. Ensuring that authorizations are properly set up ensures improved security and internal control and is the basis for a proper company policy.

Segregation of duties is implemented on the basis of authorizations. If these are set up properly, you limit the risks of unintentional errors and fraud. You will then know who has which rights and who has made what changes. With a good authorization structure, you can bring the security and internal control of your Dynamics NAV environment to a sound and desired level.

We have developed software for the Microsoft Dynamics NAV ERP system. With our tooling, we offer user-friendly support for the complete cycle of authorizations; from designing and constructing to managing and monitoring the authorizations.

The format of an authorization process depends entirely on the capacity and wishes of you, the customer. You can use our software on your own or ask for our support. We can offer you support in many different flexibel ways.

Yes, that is possible with the monitoring functionality in Authorization Box. This gives you direct insight into the quality of the authorizations within Dynamics NAV. This gives you a clear view of the authorizations and you can see who granted authorizations at what time.

Q&A all other questions

2-Control was founded in 2006 by Arno Mouwen and is under the direction of Arno and Rogier Haest. Prior to that Arno worked as Senior EDP audit manager at PWC where he was responsible for Microsoft Dynamics NAV customers. By establishing 2-Control, he has fulfilled his ambition by following his vision on IT audit and Dynamics NAV. 2-Control has grown into a renowned IT audit organization with a team of 11 enthusiastic and driven professionals.

If you have any questions about your invoice, please send an e-mail to Administratie @

You can register here via our website.

You can unsubscribe from our newsletter at any time via the link at the bottom of our newsletters. Or you can send an e-mail to info @