1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Auditor training

Discussion in 'Training & Development' started by aestudiar, Dec 22, 2013.

  1. aestudiar

    aestudiar Byte Poster

    103
    0
    9
    Hello,
    does anyone know of a certification in IT audit that requires no experience? I've seen the CISA, but it does require experience.
    Thanks!
     
  2. SimonD

    SimonD Terabyte Poster Moderator

    3,463
    397
    199
    I have to ask, why do you think you can be an auditor without any experience? After all you're supposed to actually know what you're talking about and that generally comes from experience.

    I for one wouldn't want an auditor with no experience coming in and telling me I was doing it wrong, first of all I would just bloody laugh at him and then I would throw him off site and tell the auditor to get someone with some experience in.

    Sorry to be harsh but would you trust someone who is supposed to be coming in advising you on something if they didn't have the relevant experience?
     
    Certifications: CNA | CNE | CCNA | MCP | MCP+I | MCSE NT4 | MCSA 2003 | Security+ | MCSA:S 2003 | MCSE:S 2003 | MCTS:SCCM 2007 | MCTS:Win 7 | MCITP:EDA7 | MCITP:SA | MCITP:EA | MCTS:Hyper-V | VCP 4 | ITIL v3 Foundation | VCP 5 DCV | VCP 5 Cloud | VCP6 NV | VCP6 DCV | VCAP 5.5 DCA
    WIP: VCP6-CMA, VCAP-DCD and Linux + (and possibly VCIX-NV).
    Sparky likes this.
  3. aestudiar

    aestudiar Byte Poster

    103
    0
    9
    So, which are the pathways to enter the audit profession? And we come back to the eternal question:
    1. If a certificate by itself is no warrant of knowledge (I agree with this to some extent), then you don't get the job.
    2. If you have no experience, then you don't get the job.

    So how do you get the required experience?
     
  4. SimonD

    SimonD Terabyte Poster Moderator

    3,463
    397
    199
    You work around the field, not directly in it.

    If you want to be doing security work for instance you don't just walk in to a security role, you tend to come in to it from a sys admin type role or something similar, the security guys I work with and I work with a lot as I work in an industry that requires a lot of active security (financial related) all have back grounds in systems work, whether that's as a Systems Admin, Help Desk (one of the guys worked EUC before moving into a junior Security role) to get some experience.

    I would expect the same approach with an auditor, he needs to have an understanding of the technologies that he is supposed to be advising against, what's possible or not possible, obviously he isn't the font of all knowledge when specific technologies are concerned but he needs to be the kind of person that knows that something is possible or not.

    And I am sorry for this to sound harsh but certification isn't used as a means of getting a role, it should be there as a means of proving your experience.
     
    Certifications: CNA | CNE | CCNA | MCP | MCP+I | MCSE NT4 | MCSA 2003 | Security+ | MCSA:S 2003 | MCSE:S 2003 | MCTS:SCCM 2007 | MCTS:Win 7 | MCITP:EDA7 | MCITP:SA | MCITP:EA | MCTS:Hyper-V | VCP 4 | ITIL v3 Foundation | VCP 5 DCV | VCP 5 Cloud | VCP6 NV | VCP6 DCV | VCAP 5.5 DCA
    WIP: VCP6-CMA, VCAP-DCD and Linux + (and possibly VCIX-NV).
  5. aestudiar

    aestudiar Byte Poster

    103
    0
    9
    Thanks, that's very informative.
    I don't currently work in the field, though, but I'm studying 2 Masters:
    * MSc in Information Security. The Royal Holloway, University of London.
    * Advanced Computer Security and Digital Forensics MSc. Edinburgh Napier University.
    Plus preparing some certifications on my own (Security+, ITIL foundation, etc.).
    Ideally, I'd like to move into the industry next year, once I finish one of the dissertations.
     

Share This Page

Loading...