Certification - June 2008 - (Page 12) DEAR TECHIE Switch to Auditing Will Pay Off in Long Term Dear Techie, I am looking for some sound advice regarding CISA and the IT auditor. I am considering moving into IT auditor as a career option. I have been working in IT for the last eight years, but mostly in network support. I would like your opinion on whether IT audit would be a wise career move; and furthermore, judging from my work experience, would I be able to apply for CISA certification? Thanks for your time. Regards, Donald Chodeva Ken Wagner: To become a certified IT auditor, I would recommend an auditing certification such as the CISA. However, there are more general audit qualifications such as the Certified Internal Auditor offered by the Institute of Internal Auditors. Or there’s a more specialized qualification program offered by (ISC)2 that includes the CAP, the SSCP or the higher CISSP certification. Combine any of the above certification programs with other IT professional certifications and this will only enhance your chances of entering the field. The CISA is internationally recognized, and it’s reinforced by the fact that you can’t just sit for the exam at a normal testing center, but at set ISACA-named centers only at set periods. Getting CISA status is not as easy as just passing an exam. ISACA says: “A minimum of five years of professional information systems auditing, control or security work experience (as described in the job practice areas) is required for certification. Substitutions and waivers of such experience may be obtained if certain education and general IS or audit experience requirements are met.” I must point out that you are moving from one area of IT where you have eight years experience to another field of IT: Do not expect an easy or smooth transition. You’ll be moving from a hands-on job to one where you’ll be assessing systems and then handing over your findings. Plus, your salary may drop as you’ll be entering the field at an entry-level position. While the IT auditing field isn’t everyone’s cup of tea, it is still a good field to get into, especially since it is one that is rapidly growing due to companies’ increasing awareness of security and the need for legal compliance. Wayne Anderson: No matter your level of experience with information security, I would encourage you to start preparing in this area. One of the key things about a certification is that part of the credential is to certify your experience in the subject matter. I would advise starting with a lower level certification (or two, depending on your budget and time available) and working up to the CISA. My recommendation for your first credential in this space would either be the CompTIA Security+ or the GSEC from GIAC. Security+ is one of the worst-written exams I have sat for in terms of the lack of polish; however, it has a more comprehensive set of material than many credentials that have a more senior placement in the industry. You are building a solid footing to make sure this is something you have a basic understanding of and something you will be interested in long term. The CISA has a cost both in terms of sitting for the exam and the extensive study required. At the same time, the rewards of the CISA credential also could be significant, depending on your expectations. Certification Magazine’s 2007 Salary Survey indicated that individuals with the CISA earned, on average, $98,740. CISA-certified folks are in demand, too. At the time of this writing, a search on the keyword “CISA” on each of the major search engines turned up voluminous results, including 1,277 listings on one first-tier employment site. I would caution you to temper your enthusiasm with the knowledge that using the CISA to get a job will only help you go after one of these positions in combination with experience. Until then, expect your CISA to be a key to entry-level positions that will pay off in the long run with increased salary and desirability as an experienced employee. 8 Wayne Anderson is a highly certified instructional consultant and the certification lead for Avanade, a global Microsoft consultancy. Ken Wagner is an IT network manager and parttime IT lecturer in the United Kingdom. He has lived in the United States, Asia and Europe. To pose a question to Ken and Wayne, send an e-mail to DearTechie@certmag.com. 12 CERTIFICATION MAGAZINE June 2008
Table of Contents Feed for the Digital Edition of Certification - June 2008 Certification - June 2008 Editor's Letter Contents Data Stream Tech Careers Academic Connection Dear Techie Virtual Village Online Degrees: Are They Right for You? Inside Certification New Opportunities and Challenges: Are Application Developers Ready? Interface Where Have All the Help Desks Gone? Ad Index Endtag Certification - June 2008 Certification - June 2008 - (Page Intro) Certification - June 2008 - Certification - June 2008 (Page Cover1) Certification - June 2008 - Certification - June 2008 (Page Cover2) Certification - June 2008 - Editor's Letter (Page 3) Certification - June 2008 - Contents (Page 4) Certification - June 2008 - Contents (Page 5) Certification - June 2008 - Data Stream (Page 6) Certification - June 2008 - Data Stream (Page 7) Certification - June 2008 - Tech Careers (Page 8) Certification - June 2008 - Tech Careers (Page 9) Certification - June 2008 - Academic Connection (Page 10) Certification - June 2008 - Academic Connection (Page 11) Certification - June 2008 - Dear Techie (Page 12) Certification - June 2008 - Dear Techie (Page 13) Certification - June 2008 - Virtual Village (Page 16) Certification - June 2008 - Virtual Village (Page 17) Certification - June 2008 - Online Degrees: Are They Right for You? (Page 18) Certification - June 2008 - Online Degrees: Are They Right for You? (Page 19) Certification - June 2008 - Online Degrees: Are They Right for You? (Page 20) Certification - June 2008 - Online Degrees: Are They Right for You? (Page 21) Certification - June 2008 - Online Degrees: Are They Right for You? (Page 22) Certification - June 2008 - Online Degrees: Are They Right for You? (Page 23) Certification - June 2008 - Inside Certification (Page 24) Certification - June 2008 - Inside Certification (Page 25) Certification - June 2008 - New Opportunities and Challenges: Are Application Developers Ready? (Page 26) Certification - June 2008 - New Opportunities and Challenges: Are Application Developers Ready? (Page 27) Certification - June 2008 - New Opportunities and Challenges: Are Application Developers Ready? (Page 28) Certification - June 2008 - New Opportunities and Challenges: Are Application Developers Ready? (Page 29) Certification - June 2008 - Interface (Page 30) Certification - June 2008 - Interface (Page 33) Certification - June 2008 - Where Have All the Help Desks Gone? (Page 34) Certification - June 2008 - Where Have All the Help Desks Gone? (Page 35) Certification - June 2008 - Where Have All the Help Desks Gone? (Page 36) Certification - June 2008 - Where Have All the Help Desks Gone? (Page 37) Certification - June 2008 - Where Have All the Help Desks Gone? (Page 38) Certification - June 2008 - Where Have All the Help Desks Gone? (Page 39) Certification - June 2008 - Where Have All the Help Desks Gone? (Page 40) Certification - June 2008 - Ad Index (Page 41) Certification - June 2008 - Endtag (Page 42) Certification - June 2008 - Endtag (Page Cover3) Certification - June 2008 - Endtag (Page Cover4)
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.