1 / 33

Slide Heading

Slide Heading. A Discussion: From Auditor to CIO . Tim Van Ryzin W. Edward Young March 12, 2014. The Dilemma. Utter the word auditor, and many CIOs cringe. After all, IT auditors are professional nitpickers who identify problems and get CIOs to fix them. . (Tim). Overview.

jalen
Télécharger la présentation

Slide Heading

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Slide Heading A Discussion: From Auditor to CIO Tim Van Ryzin W. Edward Young March 12, 2014

  2. The Dilemma Utter the word auditor, and many CIOs cringe. After all, IT auditors are professional nitpickers who identify problems and get CIOs to fix them. (Tim)

  3. Overview • 1How to audit without alienating • 2Building technical skills • 3Building soft skills • 4 Our career paths • 5Career options to make the jump • 6How to Jump (Tim)

  4. Discussion Leader Introductions • Jennifer Kovacich, IT HR Manager, Regal • Tim Van Ryzin, Dir. Security & IT Risk, Regal • Cameron Yazdani, Assoc. Director, Schenck SC • Ed Young, VP Infrastructure, Regal (Tim)

  5. Audience Poll • Who is an internal or external audit role? • Who is in a IT compliance role? • Who has been in an IT department? • Who has an MIS or Computer Science degree? What do you want to get out of this presentation? (Ed)

  6. It’s Shocking!What is the Tone? Certainly, auditors can find shocking shortcomings. Ross Wescott, now chief auditor for the Oregon utility Portland General Electric Co., has discovered a few unsavory surprises for CIOs, including a massive security hole when he was at another company. In that case, the IT department "didn't bother turning on the security at the core level," says Wescott, who helps develop the auditor certification test at the Information Systems Audit and Control Association. "They were rolling this out to core applications. The apps people thought the core people were setting security, so they didn't do it. There was no security anywhere." Fortunately, Wescott discovered the problem before anyone took advantage. (Ed)

  7. Who is the Customer? • You do you see as the Customer? • Audit Committee • CEO • CFO • CIO • Person you are Auditing (Ed)

  8. Tri-fecta to Anger the Auditee • Change scope in Mid-Audit or December • Make a huge deal out of something your are just speculating about • Raise up an issue without discussing Communicate & Validate (Ed)

  9. Audience Question When was a time you drove an auditee nuts? What could you have done differently? (Ed)

  10. How to Build a Partnership • Maintain team consistency • Spend time learning • Follow an issue through to the root cause • Ask how you can help • Make recommendations – NOT Requirements • Solution focused and practical • High impact and low effort (Ed)

  11. Audience Question What do you do to partner? (Ed)

  12. How Do You Build on Partnership • IT is lean • What skills are you bringing to partnership • What are you trying to take from partnership (Ed)

  13. Audience Questions Who has a CISA, CISM, or CISSP? Who is Six Sigma certified? Who is PMP certified? Who is Microsoft, Cisco, etc. certified? Guess which ones matter to IT? (Tim)

  14. IT Skill Requirements Changing • Dead are the days of the generalist • IT is lean • Everyone needs to know controls • Require Business Acumen • IT requiring more technical skills • Companies can’t afford to develop • Buying experienced staff (Tim)

  15. Hot Skills in Demand • Programming / application development • Networking • Mobile development • ERP configuration – Oracle & SAP • Project management • Database admin • Cloud architecture • IT security • Analytics (Tim)

  16. Audience Question Who audits an ERP system? Who has attended configuration or technical training? (Tim)

  17. How to Build your Skills • Don’t take audit class - instead take: • Configuration • Implementation • Take advantage of company training • Talk to IT about when they bring trainers in • See if you can use training credits • Attend IT conferences (Tim)

  18. Key Certifications • MBA • Six Sigma • 40-80 hours of training • Mentor under Black Belt • Complete project • Show real savings • Project Management Professional (PMP) • 40 hours minimum training • 2+ years project leadership experience • Pass rigorous exam (Tim)

  19. Audience Question What does the audience recommend? (Ed)

  20. Soft Skill Development The Basics • Listening and Communicating: Understanding your Audience • Emotional Intelligence • Conflict Resolution, Partnership • Negotiation, Trust Building Resources • In-House & External Training: Balance your Resources • HR Department • Mentoring & Coaching *You Are Responsible for Your Career Development* (Jennifer)

  21. Our Career Paths • Tim Van Ryzin, Dir. Security & IT Risk, Regal • Cameron Yazdani, Assoc. Director, Schenck • Ed Young, VP Infrastructure, Regal (Ed)

  22. Audience Question Who has moved from Audit to IT? Share your story (Ed)

  23. Roles for Transition • IT Risk Management • Information Security • Business Continuity Planning • Disaster Recovery Planning • Information Privacy • Information Assurance Compliance Auditing • Business Role (Tim)

  24. IT Skills / Career Tracks (Tim)

  25. Proactive Career Management -Step 1: Define Your Brand • What are your skills? • What makes you different? • How can you make a difference? (Jennifer)

  26. Step 2: Define your Market • ƒWhat do you want to do? • Where do you want to work? • What industries do you want to work in? • Who do you want to work for? (Jennifer)

  27. Step 3: Develop your Marketing Materials • ƒPrepare now even if not looking • LinkedIn of course • Develop 15 second elevator pitch (Jennifer)

  28. Step 4: Build your Pipeline • Let people know you are looking • Meet with hiring managers of companies your are interested in • Network • Speak at events • Breakfast / lunch / drinks (Jennifer)

  29. Critical Points • Networking provides the leads • Like sales, a job search is often a numbers game. (Jennifer)

  30. Audience Question What else? Recommendations? (Jennifer)

  31. Lastly - The Resume • ƒUse a chronological resume • ƒMost detail on last two jobs • ƒGrowth trajectory with metrics (staff, budget, savings) • ƒFormatting is important: crisp font, white space, bullets, display type • Don’t exaggerate • Include a one-line description of each company you list • Emphasize your impact • Don’t list common technologies – Word/ MS Excel/ Access • Mention accomplishments in team building and leadership development. • 2 pages is more than enough (Ed)

  32. That’s it…. Open discussion. (Tim)

More Related