A Career in IT Audit
When you opt for a particular career, it can often feel as though you must become dogmatic with regards your own potential, without acknowledging the opportunities any one role offers. It’s true that in light of technical expertise and qualifications, many career paths appear rigid but the reality can yield quite a more varied professional journey. Thus it’s worth exploring your role of choice to understand its often multifaceted nature and breadth of possibility.
A career in IT Audit, for example, typically begins with the procurement of a technical degree and a CISA certification (Certified Information Systems Auditor) or CISM (Certified Information Security Manager) qualification. Both give a candidate an advantage in the field of IT Audit, but may also be applicable to other related areas.
The IT Audit career path itself will unfold in one of two ways; a number of aspiring IT Auditors will accept a graduate position within one of the Big Four accounting firms (PwC, KPMG, Deloitte or EY), while others may opt for a position working for a company in-house. If you choose to venture down the Big Four route, you would expect to start as an Associate before moving on in time to Senior IT Auditor, Assistant IT Audit Manager, Senior Manager, and higher along the managerial chain with the eventual view to holding the position of Director and then Partner. It is worth bearing in mind however that job titles at the Big Four and the subsequent experience they denote do not necessarily match up exactly with roles outside of those firms. Therefore, it is worth putting in a number of years at the Big Four before moving on. A large majority of IT Auditors tend to move to commercial companies following their Big Four experience.
Alternatively, you could take a position in-house within your preferred industry, by-passing the Big Four entirely. In this instance, the timeline for your professional progression would likely begin with a role as systems engineer or analyst, then IT Auditor, IT Audit Manager, Senior IT Audit Manager or AVP, VP, SVP and finally Head of IT Audit.
As for whether you decide to work in the public or private sector, each undoubtedly has its pro’s and con’s. Recruiters, however, will advise that taking the public route would be advantageous for a number of reasons. For example, launching your IT Audit career with the Big Four exposes you to a wide variety of industries across the financial services sector as well as manufacturing. As an Associate you’ll be working on projects and tasks for different companies across those industries, thus giving you an insight into which sector suits you and your skillset best. However, if you begin your career within the private sector, it poses a greater challenge to making a move into a totally new industry.
Having qualified as an IT Auditor, via either of the paths aforementioned, there are still other options of career you can pursue. The technical and soft skills and experience you derive from working within IT Audit can be transferred to roles within Information Security, Cyber Security, Technology Risk and Assurance. Given the tough regulatory climate and ever-evolving IT security landscape, you will find your expertise for these roles very much in demand.