The path to becoming an information systems auditor

Looking for IT career advice? Post your question here, and we'll get our experts to answer. We regret, however, that some questions may not be answered due to insufficient information.

Q. I want to build my career in information systems auditing. Since a requirement of the Certified Information Systems Auditor (CISA) certification used to be two years of hands-on experience, I began working at a systems admin job.

But now I understand the ISACA board has since changed its criterion to five years of auditing experience.

How can I get to become an information systems auditor?

Career advice from Tay Kok Choon, country manager of JobStreet Singapore:
An information systems auditor compliments the effort of auditors by carrying out a systematic and independent review of a company’s accounting records and financial statements.

One can be engaged in either external or internal information systems auditing.

External audit work includes statutory audit, management of audit activities and consultancy. Internal audit is primarily responsible for checking a company's accounting and business support system for compliance, accuracy and efficiency.

One can enroll into the profession by taking the appropriate examinations or developing a specialization after pursuing an auditor's career.

Personally, I am not sure if a systems admin job will position you well for the profession. However, it is without doubt that the job will enable an individual to have a better understanding of systems supporting business operations, but the skills and knowledge are best acquired through formal studies and professional assessment coupled with some years of hands-on experience.

May I recommend that you start pursuing some professional studies or join the profession at entry-level and grow your relevant experience along the way.