2014 Top Paying Certs (United States)

Below is a list of the top paying certs for 2014 (including average salary amount).

The list is based on the 2014 IT Skills and Salary Survey conducted by Global Knowledge and Penton, completed in October 2013.

After the list, I offer a few comments on some of the certs and the salaries.

Continue reading →

10 Technical Resume Tips

Back in 2007, Steve Yegge listed 10 technical resume tips for people applying for technical jobs. While his focus is programmers, his tips apply to IT staff and auditors, and anyone technical.

Even though the article is 7 year old as of this writing, it still has staying power. I’ve seen each of these tips ignored in countless resumes.

It’s a long article, but very helpful and funny.

Continue reading →

Great Training at the 2014 ACL Conference

If you have ever wanted to go to an ACL conference, this is the year to do it.

Continue reading →

Teach Yourself ACL UPDATED

If you’re trying to learn ACL on your own, Teach Yourself ACL, the widest read post on this blog, has been updated.

ACL revised their website, which broke many of the links. Those are now fixed.

Until ACL does the dirty deed again (they like to change links for some reason, without redirecting the old ones).

I also updated other items that ACL has changed since the last blog update in 2012.

ACL: How to Add a Conditional Computed Field

In ACL, a conditional computed field (CCF), is basically a regular computed field with some fireworks.

It looks and acts much like a regular computed field, but has some extra parts that do some extra work. Fortunately, the extras are NOT complicated, and after reading this post, you will find that will you use CCFs frequently.

So what’s the difference?

Continue reading →

5 Things I Hate About ACL

I have 5 things I really hate about ACL. 

No, these aren’t critical issues, but I deal with them constantly, and they waste my time. All of them deal with the user interface.

Continue reading →

ACL Error: Cannot Export to Excel

Next time you get the cannot perform export to Excel error in ACL, try one of the 3 solutions described below.  The full text of the error is:

 Cannot perform the export.
You can export fields with maximum of 254 characters to Excel.

Continue reading →

Can Skyyler Not Write About ACL?

If you’re new to the blog in 2013, you might think that Skyyler is only an ACL gear-head. But he DOES write about non-ACL topics. Occasionally.

Continue reading →

ACL: How to Add Computed Fields via Script

Once you’ve mastered creating computed fields, you’re ready to add computed fields to a table via script. It is easier than it sounds.

If you need some background on computed fields, see my previous posts, What is a Computed Field? and How to Add a Computed Field (manually). Now let’s explore writing a script that adds computed fields to a table.

Continue reading →

FREE Global Security Resource Guide

ISC2.org, the organization that grants the CISSP certification, has a great, online, FREE global security resource guide.

No membership, certification, or log-in required!

Update 1-11-14: See Kim White’s comment below about availability of this resource. If it is made public, I will link to the new version. The “remove this post now” comment makes me wonder if it’s coming back for public consumption*. – Mack

Continue reading →

How to Perform Data Validation

Do you perform appropriate population validation of the data you rely on in an audit?

Population or data validation is simply gaining confidence that the data you are using in your audit contains all the appropriate data for your audit objectives (e.g., your server list includes all the SOX servers).  So how do you do it? Let’s look at an example…

Continue reading →

Auditing is a Noble Profession

While commenting on AuditMonkey’s blog, I noted that because companies often don’t do the right thing, auditing is a noble profession.

Mainly because we can right some of those wrongs.

Then I said…

Continue reading →

How to Ping a Server

If you’re an IT auditor or security analyst and you don’t know how to ping a server, then I have some words for you:

LEARN HOW!

So let’s do it.

I’m assuming most of my readers already know how to do this. If so, please answer the poll question at the bottom. If not, please read on, then answer the poll question. Thanks!

Continue reading →

ACL: Edit Scripts Easily

As soon as you create an ACL script, you often have to add to it or edit it. There’s an easy way to do it.

Continue reading →

Free CISA Prep: Self-Assessment Exam

If you’re planning to take the CISA exam, you need to take ISACA‘s own CISA Self-Assessment exam (get it here).

The exam consists of 50 questions that allow exam candidates to “assess their knowledge of the CISA job practice areas and determine in which information security areas they may have strengths and weaknesses.”

Continue reading →