Here’s my list of the top 10 reasons to be an IT auditor:
10. You have access to all systems, data, and people (with a business reason, of course). Employees rarely ignore you.
9. You can uncover fraud, mischief, ignorance, and just plain laziness. Either way, you “add value to the business” (yeah, I hate that term too, but it is what audit is about, and so appropriate).
8. You can work hand-in-hand with security to raise risk awareness.
7. You get a broad overview of all company operations and get to know people in all departments. That helps you know whether you want to stay with that company or whether to leave it before it implodes. If you choose to stay, all those contacts will be valuable in advancing into other areas of the company.
6. Sometimes your work enables IT to get the funding that it needs, which it hasn’t been able to get on its own.
5. You get to do some cool data analytics to discover misconfigurations, anomalies, trends, and more.
4. You can cross pollinate ideas from one area of the company to another (or one division to another).
3. You are able to constantly learn about technology without having to implement and support it. And when you identify problems, you get to provide guidance on how to fix them, but you don’t have to fix them.
2. You work with technology all day, but when you go home, your work doesn’t follow you. No phone calls at 2 a.m. for support.
1. It usually pays better than financial auditing!
I admit that most of these apply to financial or operations auditors also. But I think the last 3 reasons really make IT audit stand out.
What are your reasons? Or why are you glad that you’re NOT an IT auditor or any kind of auditor?