Passing the CISA exam does not make you a good IT auditor anymore than passing a driving test makes you a good driver.
Passing either exam says that you know the basics, but you still have a lot to learn.
Most likely, you still don’t know how and when to use what you know and apply it to the current situation. That’s why experience is necessary. Lots of it.
I’m going on a rant here, so reader beware. If you read on, make sure you hang in there until I make my main point in the end.
You just won’t feel the love right away…
If you’re looking for an IT Audit job, here’s how to use LinkedIn to get noticed.
In a nutshell, you need to enhance your LinkedIn profile so that everyone knows you’re working hard at learning IT auditor skills.
If you’re already working as an IT auditor, use these suggestions to get noticed more and move ahead (or into another company with more opportunities).
I get asked all the time, “How do I get a job in IT audit with little or no experience?”
When Michael Onuoha asked me this question (see here), I thought I’d share my response with my readers.
You’ll find these same answers scattered around the blog as I answered people in the past, but I thought I’d pull it all together into one place.
Breaking into any field can be difficult, but it can be done. Especially when the demand for IT auditors is so high.
If you’re a new IT auditor or want to become one, I’ve listed a number of my earlier posts for your consideration. If you’re an experienced auditor, here’s an overview of the profession through my eyes.
These posts will:
- Provide basic information regarding IT audit and security and links to other sources.
- Help you avoid some of the hidden pitfalls that control owners and auditors face.
- Give you ideas and approaches for some common and uncommon audits.
- Give you a few chuckles.
If you start at the top and read through each post, you’ll get a good taste of the positives and negatives of IT auditing. Since you can’t do it in one sitting, yoo could bookmark the list and work your way through it as you have time.
Several of my friends passed the CISSP exam recently, and told me that it isn’t as technical as I told them it would be.
They said it was more of a security manager certification.
Effective April 15, 2015, the CISSP Common Body of Knowledge (CBK) is changing, which affects the CISSP exam and CPEs.
ISC2, the organization that awards the CISSP certification, provides 1 FREE webcast about the 10 CISSP security domains, as well as several FREE webcasts about the CISSP concentrations.