Careers After IT Auditing

life-after-it-auditRecently, a reader named Porak asked me what careers IT auditors can move to when they leave auditing (see the original question here).

I couldn’t find much on the Internet on this topic, but there’s a lot of options.

I’ve actually worked in quite a few of the areas mentioned below…


If you’re skilled in general IT, you should consider the following fields, depending on your specific IT auditor skills and years of experience. Bold text indicates you’d probably need to possess a high level of skill in that area already to make a move.

  • Business Continuity Planning/Disaster Recovery* – help departments do risk assessments, business impact analyses, and create and test BCP/DR plans, and update them.
  • Compliance, Risk Management, or Information Security* – all these departments need people who understand policies, standards, risk, controls, running technical projects, research, etc.

Here’s one of the few articles on found re: life after IT audit:

  • Vulnerability Assessor or Penetration Tester* – Run vulnerability scans and try to break software/hardware manually and/or with tools.
  • Technical Writing* – Documenting manufacturing processes, computer operation manuals, training materials, etc. Assuming you have excellent interviewing and written communication skills.
  • Training – teach others how to use computer systems, software, hardware, etc.
  • Data Analytics* – most departments are doing some type of analytics these days.
  • Management* – easy to move into if you managed or mentored people when you were in audit.
  • Process Improvement – usually auditors identify problem areas that can be made more efficient as part of some audits, so this may be a possibility.
  • Merger integration – Assist your company acquire another company, working through the redundant networks, IT systems, personnel, etc. I list this one as an example that almost anything is possible, especially since one IT audit director I know just moved within the same company to this very position.

*These are positions I’ve held prior to my experience as an IT auditor. The only exception is Data Analytics, which I did not get into until I was in IT audit. In my case, all this prior experience made me a better IT auditor, but it works the other way around too.

I’m sure I missed several other careers.

Who can add a few more, with a short description of why you think it’s a valid option for a IT auditor to aspire to?



Filed under Audit, Employment, How to..., Technology

5 responses to “Careers After IT Auditing

  1. Hello sir,

    I have a few questions about IT Auditing. I have done my SOX certification. What will be the next step I should take? Also I have been applying for jobs but no luck yet but I’m not giving up. Since I don’t have any job experience. Please do let me know your concerns.



  2. Bill Dwight

    What a great blog!


  3. Pingback: Top 10 Reasons Why Being an IT Auditor is So Hard | ITauditSecurity

  4. Audit Monkey

    Become normal, well adjusted people?


Leave a Comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s