I was checking out the latest post of my new blogger colleague from London, Audit Monkey, and read the following….
I’m sitting here in reflective mood thinking what the ‘Top 10′ worst possible jobs could be. Here’s my list.
10. Internal Auditor
9. Internal Auditor
8. Internal Auditor
7. Internal Auditor
6. Internal Auditor
5. Internal Auditor
4. Internal Auditor
3. Internal Auditor
2. Internal Auditor
1. Internal Auditor. Sorry, late correction, Senior Internal Auditor.
That gave me a good chuckle. Check out the rest of his post here. The only job that is worse is a senior internal auditor that is hiring and managing IT audit contractors. I don’t want to get started on contractors…
Although being an internal auditor can be a sad job, I’ve had some other jobs that had their ups and dips. Here’s the differences I’ve noted between them.
System/Network Administrator – The only time people come to see you is when something is wrong and they want to see you strung up, even though it’s usually caused by a ID-ten-T error* from a user in their own department who ignored some IT policy.
Admins have access to almost everything on the network, servers, etc., so even though it’s a thankless, 24 x 7 job, they are in control. The destiny of others is in their fists. Most admins have gone to the LAN closet and unplugged the network connections of their enemies once or thrice, or had them blocked from reaching the Internet accidentally.
Information Security Analyst – Most of the time, these guys are chasing others. When they attend a meeting, everyone hopes he’s not the target. Like auditors, security folks usually bring bad news that no one wants to hear or fix.
Normally, the security analyst is given no access to anything (segregation of duties), but that’s okay, because he knows how to steal the access he needs. That’s the fun of being the security guy, all the hacking and pentesting (with a GOOJ card of course), but the downside is that he has to help fix it. Security problems are always his to deal with, regardless of who caused it. Security is also a 24 x 7 job.
Auditor – Do I really need to go into this?
Auditors are the homing pigeons that everyone wants to shoot due to their bad tidings they bring. Bad tidings of how management and staff ignored common sense, policy, regulations, and their mom’s advice, and did it their own way by the edge of their pants.
I’m always humored that auditors, like news reporters, simply report on what’s happening. They don’t make it up, they just shine a really bright light on it. And for some reason, it’s always the light bearer’s fault.
Auditors usually aren’t given much access to systems and the like, but they can ask for and be given access to pretty much anything per the audit charter. That seems to sober people up, and it I’ve found mentioning it is usually enough; I’ve never had to produce the audit charter and wave it at anyone.
Unlike the security guy, the auditor gets to find the problems, but doesn’t have to fix them. He makes his recommendations, and goes home and eats supper. Usually a 9 to 5 job. Ain’t so bad after all.
* For those not familiar with this help desk term, write it out: I D 10 T