Hi folks, it has been a while since I posted. I’m not dead or in solitary confinement.
I’ve just been busy studying Python, and it has taken a bit of my time.
I’ll post something soon….
Anybody else working on Python?
-
Join 1,312 other subscribers
Quick Links
-
Recent Posts
- My Python Journey, Part 2
- Battle of the AI Bots
- My Python Journey, Part 1
- Where’s Mack?
- Most Popular Blog Posts of 2021
- Shatter Silos to Identify More Risk
- Software Components NOT Removed from Servers
- ACL Table Already Open error message
- My Favorite ACL Tricks
- Quote: Not Concerned about General Ledger Changes
Top 7 Posts
Categories
Links
Blogroll
- Audit Monkey (not real active) The life and times of an Internal Auditor
- risk3sixty IT audit blog
- SANS Handler's Diary Daily security pulse
- Security Monkey (not active, but still good content) Great security blog
ITauditSecurity · IT audit/security/analytics/analysis, HOW-TOs, humor, and a whole lot more…
ITauditSecurity 
Congratulations! Finally you made it! I remember somewhere in your posts you mentioned that the reason you had not continued your IT security(technical) career because of the lack of programming skill. Are you learning Python for fun or work now?
I have “studied” Python for a while. Took Google IT Automation with Python training and finished it in May. I now make sure that I spend at least half an hour everyday coding so that I can turn Python programming to a habit.
LikeLiked by 1 person
Thanks for remembering that! Learning Python for work.
I need to code every day like you do. Keep that up.
LikeLike
Congrats, I have liked the move to python very much. It is definitely programming though. Juypter notebooks can make it a lot easier to baby step your way, but it is still programming. Are you using full run scripts, or do you use more of the juypter notebook exploration approach. Which IDE are you using? I have been using Jetbeans, PyCharm Community version on top of an anaconda install. I use anaconda for notebooks but pycharm for the runtime. In typical form, for me, I ran off to build as much, as fast, as I could, which means 8 years later there are fundamentals that I discover I should have been doing from the start. But it is definitely not the same as something with an interface. Anyway good luck with your progress it is a great tool.
LikeLike
Sorry for the long wait for a reply.
I use Jupyter and have used PyCharm.
I’m mainly using the Jupyter notebook exploration approach.
Thanks for the encouragement.
LikeLike
I have been in this game for quite a long time now, and can’t help but feel a sense of deja vu regarding your programming foray. It reminds me of the very same conversations that have happened a number of times over the years in the audit community. It used to be with respect to Basic programming, then SQL, and these days it’s Python. The problem is that, historically, when auditors start programming they occasionally make errors, and these are very challenging to identify.
Don’t get me wrong; I’m a coder myself, and realize the value that it can bring to a task. It’s just that a little bit of knowledge can be a dangerous thing in the wrong hands. The issues with spreadsheet errors have been well documented in the past, but identifying programming errors is a much more challenging exercise, and just as likely. This is the very reason that the audit analytics tools such as IDEA, ACL, or my tool Analyzer, were created. To minimize the amount of coding an auditor had to do.
Now you are a very technical guy, and I’m sure that you will build in appropriate controls to ensure that your results are valid, but not everyone will be. From an audit management perspective, it is very hard to assess the skills of the auditor/programmer that has submitted a result, and even the most skilled programmers make errors (I have voluminous personal experience in that area). And what about the auditor who takes over responsibility for the program in the future? Your career plans are well documented in this forum, but almost everybody moves on at some point, and maintainability is a valid concern.
Programming audit procedures is often the most expedient way to solve a problem, but it is a double-edged sword. I encourage you to continue your journey, but please be aware of the consequences embodied in that choice.
Grant
LikeLike
I’ll reply to you as part of a post, probably the next one. As usual, you got my hair up, but you make a lot of truthful and painful statements.
Always good to hear from you.
I will say this: Late last year, I asked ACL about Arbutus and the differences between them. No answer. Very telling. I want to hear it from their perspective.
I’ve always disliked how ACL manages their accounts. The account managers are not helpful and endless push their so-called “Robotics”. I sure hope your reps are better.
LikeLike
Pingback: My Python Journey, Part 1 | ITauditSecurity
Pingback: My Python Journey, Part 1 | ITauditSecurity
Pingback: My Python Journey, Part 2 | ITauditSecurity