The growing complexity of information systems requires an extremely comprehensive and detailed audit programme. IT Audit has become much more a consultancy function and is sometimes housed within the consultancy practice.
What will I be doing?
The IT Auditor can expect to become involved in a wide variety of assignments. Apart from the audit itself, these include:
- Design of interrogation programme;
- Troubleshooting and providing expert advice to audit teams;
- Systems – Security Reviews – Establishing the existence of computer based controls;
- Systems Strategy – Analysing and specifying clients’ systems requirements;
- Technical and Training – As experts, computer auditors are often involved with both clients and staff;
- Systems implementation.
What will I gain?
Within such a department, you will be exposed to the largest and most technically advanced systems and languages and will thus develop a high degree of technical knowledge. Systems being at the very heart of a company, you can expect to gain a good insight into the workings of some of the largest and most successful organisations. Experience of working within a large firm will help to build your team spirit and working closely with clients will improve personal and communications skills. As you become more experienced in this area, you can also expect to command a considerable premium over salaries in other departments.
Where will it lead me?
IT auditors are always in tremendous demand by the accounting firms and, with the reliance placed in systems in other organisations, the same is very much true in commerce and industry. There is also a reasonably open career path across to mainstream consultancy where you could expect either to specialise in a particular computer related field such as strategy or security or perhaps move towards industrial sector specialisation.
What do they want from me?
ITĀ Audit has always been understaffed and, realising this, firms are starting to drop their previous demands that everyone be experience prior to their recruitment. Generally speaking, they are now looking for people with experience of larger audits and either experience with or an interest in systems. They are prepared to take such people, not only at newly qualified level but also several years post qualification, such is the current demand. There is also an increasing tendency for these departments to be staffed by non-chartered people; many come from internal computer audit departments of large organisation and may well be qualified under CACA, CIMA or possible be unqualified. Others, particularly those on systems strategy, may have trained in consultancies or come through as systems Engineers or Programmers.