General discussion

  • Creator
  • #2292495

    Ground Level Position in IT Auditing


    by eddie_is_okay ·

    Hi, I have over 6 years work experience as a IT Network System Admin/Support. I have been looking very closely at steering my career into more of a CISA/CISSP/IT Security Auditing direction.

    Recently the internal auditing department where I work have an opening for an auditor/assistant working for the auditors there. To be very honest I don’t know much about them. They all seem to be CA’s and CGA’s. They work on policies and procedures for my workplace.

    I am considering applying for the position even though it might be a big step down and pay cut. But it sounds like a job that might be worth much more as far as relevant experience for pursuing my career goals.

    Do you think I am right in my assumption or incorrect? Is IT Auditing very different than “tradiitonal” auditing?

All Comments

  • Author
    • #3322994

      Reply To: Ground Level Position in IT Auditing

      by uofm ·

      In reply to Ground Level Position in IT Auditing

      You say CISA/CISSP… but what exactly do you want to do in term of security? IT Auditing can be very broad. I work for a mgmt consulting firm that caters to the Federal government, and I perform technical audits. Basically look throught router/firewall logs and interview network/sys admins to make sure their operations/controls/policies are compliant with federal regulations. So for this, you really need to have a technical background (RACF, Cisco, IP etc..). However, my counter part actually is a PMP and he performs audits on policies and procedures (like you mentioned) to ensure business owners have the proper plans in place to conform to Federal/agency level regulations (i.e. FISMA).

      I’m not sure what you mean by “traditional” audits.. unless you’re refering to financial/legal audits that most corporations go through.

      • #3324226

        Reply To: Ground Level Position in IT Auditing

        by eddie_is_okay ·

        In reply to Reply To: Ground Level Position in IT Auditing

        Thanks for that reply. I was worried no one knew what I was talking about. I was hoping to do something similar to what you do once I get more experience under my belt. Thats why I was looking at the CISA and CISSP. I have 6 years, but I still feel I need more. Every additional year of experience makes me much better at what I do.

        I guess by “traditional” I mean financial and legal audits. I can’t see this department doing anything else.

        Basically, I have a technical background but not much else. I haven’t done much as far as IT audits other than security scans. I also did a couple of policies up for my work area.

        This position looks like a heavy administrative position providing support for the Auditing Director and his staff. I thought it might expose me to how auditing works. The systems and procedures of what is involved.

      • #3324073

        Appreciate your kind help

        by sdhanraj ·

        In reply to Reply To: Ground Level Position in IT Auditing

        Hi uofM,

        I am really trying to find an area in information technology that would endure
        as a career. Your expertise is tied to the federal government and involves

        Two necessary and well funded areas as of today.

        Would you be kind enough to suggest how I should go about started in this area.
        (eg. recourses to study books, courses etc.)

        What areas would you think would find most useful for this.

        I have my mcse NT and BS in biochemistry, healthcare experience, could buckle
        down and finish my CCNA. I just got cruelly laid off from my hospital job
        pending investigation. I’m sure that I will get my job back but this was a
        tremendous wake up call and I don’t to be at people’s unscrupulous mercy.

        Thank you kindly and I am located in NY Long Island.

        Thanks kindly 🙂

Viewing 0 reply threads