Category Archives: Employment

Analytics Blog Debate Heating Up

A debate on this blog over analytics and the future of internal audit is heating up.

A few readers, including our colleague across the sea, AuditMonkey, have dove in, and skyller and I have responded in kind.

Well, not exactly. AuditMonkey has been more kind, to his credit. But I digress.

Continue reading

Leave a comment

Filed under Audit, Data Analytics, Employment

No Analytics, No Audit Department

dead-audit-department

If YOUR audit department doesn’t embrace data, analytics, and automation eventually, your audit department will NOT exist.

No data, no analytics. No analytics, no automation. Eventually, no audit department.

Editor Note: This post really applies to all departments in a company, but mainly I’m addressing auditors, but you might want to read between the business lines….

By embrace, I don’t mean have one or two auditors working on this. I mean the entire department.

Before you cite all the regulatory requirements mandating the existence of an audit department in companies, having an audit department in name only won’t cut it.

Having an inept audit department will not be acceptable to regulators, and it shouldn’t be acceptable to company management either. Or Audit Committees!

Companies need skilled and efficient auditors that can do the heavy lifting, and this need will only increase.

Continue reading

17 Comments

Filed under Audit, Data Analytics, Employment, Technology, Written by Skyyler

CISA Does NOT an IT Auditor Make

cisa study guide, tipsPassing the CISA exam does not make you a good IT auditor anymore than passing a driving test makes you a good driver.
Passing either exam says that you know the basics, but you still have a lot to learn.

Most likely, you still don’t know how and when to use what you know and apply it to the current situation. That’s why experience is necessary. Lots of it.

I’m going on a rant here, so reader beware. If you read on, make sure you hang in there until I make my main point in the end.

You just won’t feel the love right away…

Continue reading

10 Comments

Filed under Audit, Certification, Employment, How to..., Technology, Written by Skyyler

Require Analytic Skills to Hire and Promote 

up down arrowsUnless your department is still in the early stages of your analytics journey, analytic skills should be one of your hiring and promotion criteria.

In an earlier post I outlined 10 Signs Mgmt Doesn’t Really Support Analytics.

One of the signs is that hiring and promotion decisions are made without reference to a person’s analytic skills.

Continue reading

Leave a comment

Filed under Audit, Data Analytics, Employment, How to..., Written by Skyyler

New IT Auditor (and WannaBEs) Master List

Here’s a list of all my posts to-date related to becoming or growing as an IT Auditor, all in one place for easy reference.
I’ll add other posts as they are written.

Continue reading

11 Comments

Filed under Audit, Employment, How to..., Security, Technology

Use LinkedIn to get an IT Audit job

If you’re looking for an IT Audit job, here’s how to use LinkedIn to get noticed.

new-auditorIn a nutshell, you need to enhance your LinkedIn profile so that everyone knows you’re working hard at learning IT auditor skills.

If you’re already working as an IT auditor, use these suggestions to get noticed more and move ahead (or into another company with more opportunities).

Continue reading

4 Comments

Filed under Audit, Certification, Employment, How to..., Technology

Why Internal Auditors Should Care about Robotic Process Automation

3 Comments

Filed under Audit, Data Analytics, Employment, How to..., Technology

Audit Management Sometimes Sucks

see no evilWhen internal auditors (or those pretending to be such) do poor work and don’t follow the appropriate audit and IT standards, they are unprofessional. However, I put the blame at the feed of audit management.

Continue reading

7 Comments

Filed under Audit, Employment

How to get an IT Audit job with little or no experience

I get asked all the time, “How do I get a job in IT audit with little or no experience?”

When Michael Onuoha asked me this question (see here), I thought I’d share my response with my readers.

You’ll find these same answers scattered around the blog as I answered people in the past, but I thought I’d pull it all together into one place.

Breaking into any field can be difficult, but it can be done. Especially when the demand for IT auditors is so high.

Continue reading

26 Comments

Filed under Audit, Certification, Employment, How to..., Technology

Top 10 Reasons Why Being an IT Auditor is So Hard

tenBefore you choose a career as an IT auditor, consider my top 10 reasons why being an IT auditor is so hard.

Continue reading

3 Comments

Filed under Audit, Employment, Technology, Top 10

Careers After IT Auditing

life-after-it-auditRecently, a reader named Porak asked me what careers IT auditors can move to when they leave auditing (see the original question here).

I couldn’t find much on the Internet on this topic, but there’s a lot of options.

I’ve actually worked in quite a few of the areas mentioned below…

Continue reading

16 Comments

Filed under Audit, Employment, How to..., Technology

Auditors, Do Data Analytics or Die

If you’re an auditor, you need data analytic skills or you will die.

Or put another way, if you don’t acquire them in the next 1-5 years, you will no longer be an auditor.

Pretty bold statement, isn’t it?

Continue reading

10 Comments

Filed under Audit, Data Analytics, Employment, Free, Technology, Written by Skyyler

New IT Auditors Should Start Here

new-auditorIf you’re a new IT auditor or want to become one, I’ve listed a number of my earlier posts for your consideration. If you’re an experienced auditor, here’s an overview of the profession through my eyes.

These posts will:

  1. Provide basic information regarding IT audit and security and links to other sources.
  2. Help you avoid some of the hidden pitfalls that control owners and auditors face.
  3. Give you ideas and approaches for some common and uncommon audits.
  4. Give you a few chuckles.

If you start at the top and read through each post, you’ll get a good taste of the positives and negatives of IT auditing. Since you can’t do it in one sitting, you could bookmark the list and work your way through it as you have time.

Continue reading

15 Comments

Filed under Audit, Certification, Employment, Excel, Free, How to..., Humor/Irony, Technology

Mack Falls Prey to Phishing Email

phishing emailIt finally happened: I fell prey to a phishing email.

I actually clicked a link.

At work, no less. Not good.

Continue reading

3 Comments

Filed under Audit, Employment, Humor/Irony

How to Describe What an IT Auditor Does?

IT auditor shot serverIf you’re an IT auditor, how do you describe your job to those who don’t understand technology or auditing? Even more interesting, how do others describe your activities?

Here’s what I say, but I’m not satisfied with it:

I review computer systems and networks to determine whether they are secure and that access to those systems is limited to the appropriate people.

I review the policies and procedures that describe how those systems are used and determine whether those documents make sense, are up-t0-date, and are followed.

Continue reading

15 Comments

Filed under Audit, Employment, Humor/Irony, Technology

Hiring Auditors Who Can Think

Nthinkorman Marks, of the Institute of Internal Auditors, likes to hire auditors who can think.

You should too.

How does he do it?

Continue reading

5 Comments

Filed under Audit, Employment, How to...

2014 Top Paying Certs (United States)

Below is a list of the top paying certs for 2014 (including average salary amount).

The list is based on the 2014 IT Skills and Salary Survey conducted by Global Knowledge and Penton, completed in October 2013.

After the list, I offer a few comments on some of the certs and the salaries.

Continue reading

14 Comments

Filed under Audit, Certification, Employment, Technology, Top 10

10 Technical Resume Tips

Back in 2007, Steve Yegge listed 10 technical resume tips for people applying for technical jobs. While his focus is programmers, his tips apply to IT staff and auditors, and anyone technical.

Even though the article is 7 year old as of this writing, it still has staying power. I’ve seen each of these tips ignored in countless resumes.

It’s a long article, but very helpful and funny.

Continue reading

3 Comments

Filed under Employment

Shine Your Shoes Like a Pro

Open letter to you-know-who: Shine your shoes.

I know lots of things don’t matter much in life, and this might be one of them, but it doesn’t take much effort to put some polish on your shoes. It makes your shoes happy, it helps them last longer, and you look better too, which can translate into more confidence on your part. And being taken more seriously by others, especially people older than you.

Continue reading

2 Comments

Filed under Employment, How to...

Top 10 Cybercrime Specialist Jobs

According to the FBI, crime pays pretty well sometimes, at least for a while. And cybercrimers are hiring. Like the rest of the workforce, crooks are specializing. In this speech, Steven R. Chabinsky, FBI Cyber Division Deputy Assistant Director, discusses the top 10 crooked specialties:

Continue reading

3 Comments

Filed under Employment, Security, Top 10

Can U Do This Job?

While reading a job description for an IT security analyst recently, I noticed that the details were somewhat vague. The position required so many years of the usual security requirements and experience with routers, firewalls, IPS, but it didn’t mention which ones.

Then I saw this statement, which explained the vagueness:

Continue reading

4 Comments

Filed under Employment, Security

Avoid Hiring Paroled Auditors and CSOs

CSO magazine had a great article some time ago that I came across again entitled, How Not to Hire an Information Security Officer Who’s on Parole. After it describes some true-life hiring horrors, it provides some good points to remember about hiring:

4 Comments

Filed under Audit, Employment, How to..., Security

Quote of the Weak (Unqualified Opinion)

Some people do not understand that both diamonds and the Internet are forever. I found this statement in a discussion on LinkedIn:

I am excited about 2 interviews next week even though  I’m not fully qualified for either one.

Continue reading

Leave a comment

Filed under Employment, Humor/Irony, Quote of the Weak, Security

Pain of Letting (Auditors) Go

As I’ve mentioned already, hiring good IT auditor contractors is hard enough. But when you hire them and they can’t do the work, rolling them off the project isn’t easy either.

Continue reading

2 Comments

Filed under Audit, Employment

Most Popular Posts

I was reviewing my blog stats and noticed that posts regarding employment and interviewing were my all-time most popular posts. At first, this surprised me, but as I thought about the economy and how many people (including myself) were laid off, it made sense. Here’s my most popular posts to-date:

Continue reading

Leave a comment

Filed under Audit, Employment, Humor/Irony

More Pain, No IT Auditors Hired

I don’t make this stuff up…

In a recent phone interview where I was trying to hire a IT SOX auditor for a short-term project, I had asked most of my interviewing questions. So I asked the candidate, “Do you have any questions for me?”

“You said that this project consists solely of testing IT SOX controls. SOX is now 5 to 6 years old. What is driving this project?”

I swallowed my surprise, and answered, “SOX compliance – annual testing requirements.”

“Oh,” said the consultant, “That makes sense.”

[You know what that means, don’t you? More interviews. Help!]

Related Posts:

Interviewing IT Auditors

Bad Interviews Qs

More IT Auditor Interviews…

Pain of Letting (Auditors) Go

4 Comments

Filed under Audit, Employment

More IT Auditor Interviews…

I hear all the time how fierce the competition is out there in job land, but I’m still not seeing it. After more IT auditor interviews, I’m the one that is getting discouraged (and I’m the interviewER, not the interviewEE).

Continue reading

7 Comments

Filed under Audit, Employment

Bad Interviews Qs

I’m still thinking about the IT auditor interviews I did recently. Not only did I get frustrated with the interviewees, I struggled with my co-interviewers. I not only thought some of their questions were poor, but they branded me a “tough interviewer.”

Continue reading

5 Comments

Filed under Audit, Employment

Interviewing IT Auditors

A few weeks ago, I did several phone interviews and concluded that no abundance of skilled IT auditors are looking for jobs these days.

First, isn’t the purpose of the interview to determine what a person’s experience is, and whether that experience is a good match for the position? At least 3 of the interviewees provided negative information about themselves unexpectedly:

Continue reading

10 Comments

Filed under Audit, Employment, Humor/Irony