Tag Archives: interview

CISA Does NOT an IT Auditor Make

cisa study guide, tipsPassing the CISA exam does not make you a good IT auditor anymore than passing a driving test makes you a good driver.
Passing either exam says that you know the basics, but you still have a lot to learn.

Most likely, you still don’t know how and when to use what you know and apply it to the current situation. That’s why experience is necessary. Lots of it.

I’m going on a rant here, so reader beware. If you read on, make sure you hang in there until I make my main point in the end.

You just won’t feel the love right away…

Continue reading

Advertisements

6 Comments

Filed under Audit, Certification, Employment, How to..., Technology, Written by Skyyler

10+ Signs Mgmt Doesn’t Really Support Analytics

mgmt doesn't support analyticsYour management says it wants more analytics, but does it really support analytics? Here’s 10+ signs that indicate that your mgmt:

  • Does NOT knows what it takes to get analytics off the ground
  • Believes that analytics multiply like rabbits, naturally
  • Is NOT willing to make the adjustments required to deliver and sustain real value.

Continue reading

5 Comments

Filed under Audit, Data Analytics, How to..., Technology, Top 10, Written by Skyyler

Hiring Auditors Who Can Think

Nthinkorman Marks, of the Institute of Internal Auditors, likes to hire auditors who can think.

You should too.

How does he do it?

Continue reading

5 Comments

Filed under Audit, Employment, How to...

Bruce Schneier Useless Fun Facts

If you have any idea of who Bruce Schneier is, you have to check out http://www.schneierfacts.com/. It is useless funny facts about Bruce a la Chuck Norris. Try not to LOL.

Continue reading

2 Comments

Filed under Humor/Irony, Security

Can U Do This Job?

While reading a job description for an IT security analyst recently, I noticed that the details were somewhat vague. The position required so many years of the usual security requirements and experience with routers, firewalls, IPS, but it didn’t mention which ones.

Then I saw this statement, which explained the vagueness:

Continue reading

4 Comments

Filed under Employment, Security

IIA Basics for Auditors

The  Institute of Internal Auditors (IIA) has back-to-basics articles for new auditors (and like Dummies books, the topics can be a reference for the rest of us). Even security pros might want to read a few of these to better understand their auditors, or how those auditors should be doing their jobs.

The topics are as follows (no special order):

Continue reading

4 Comments

Filed under Audit, How to...

More Pain, No IT Auditors Hired

I don’t make this stuff up…

In a recent phone interview where I was trying to hire a IT SOX auditor for a short-term project, I had asked most of my interviewing questions. So I asked the candidate, “Do you have any questions for me?”

“You said that this project consists solely of testing IT SOX controls. SOX is now 5 to 6 years old. What is driving this project?”

I swallowed my surprise, and answered, “SOX compliance – annual testing requirements.”

“Oh,” said the consultant, “That makes sense.”

[You know what that means, don’t you? More interviews. Help!]

Related Posts:

Interviewing IT Auditors

Bad Interviews Qs

More IT Auditor Interviews…

Pain of Letting (Auditors) Go

4 Comments

Filed under Audit, Employment