A while back, I noted some reasons why people hate auditors. Well, you can hop those hurdles, and be an auditor that people love or at least respect. Here’s how:
- Smile and use people’s names. Smiling says you’re a happy, pleasant person, who puts the interests of other first. Smiles put people at ease, and everyone loves the sound of his name–so use it often.
- Keep your meetings short and focused, and publish an agenda before the meeting. Arrive at meetings early and be prepared (papers, projector, etc.). Occasionally bring good food.
- When someone complains, ask questions to understand the complaint, the reason behind it, and how to fix it. Then fix it.
- Ask auditees what you can do to make their jobs easier, then do it.
- Avoid nitpickiness and aid understanding by continually asking yourself and your auditees, What’s the risk? If you can’t describe what could happen and the probability of it, think again. Keep the big picture in mind.
- Never surprise an auditee with a finding; make sure you discuss it before you report it. This is fundamental, but some auditors still forget this.
- Before you ask an auditee to explain a technical issue, Google it first. You may find your answer, have to only ask for minor explanation, or at worst, can ask a more intelligent question.
- Listen more than you talk. When you do talk, be brief, explain what you need, and why.
- Don’t ask for data or a person’s time before you need it. If you don’t really need something for a week, tell the auditee that. I’ve never had someone put me off and deliver late when I asked early and told them when I REALLY needed the data.
- Don’t audit departments during busy times (e.g., never audit payroll in January as it is running and sending W2 forms). Remember, audit serves the business, not the other way around.
- Don’t throw your weight around. An auditor should always keep in mind that he is “here to help” (not harp).
- Deliver more than you promise (in this case, more than 10 ways).
What tips can you add to this list?
P.S. These tips even make security pros lovable too!
Top 10 Bad Jobs (Difference between sys admins, security pros, and auditors)
3 responses to “Top 10 Ways to be a Lovable Auditor”
13. Don’t find anything and don’t raise any recommendations!
Now that’s a real audit monkey! When you do that, you won’t be loved, you’ll be laughed at!
I prefer the monkey wrench approach.
Pingback: New IT Auditors Should Start Here | ITauditSecurity