Related Posts
Best books on leadership and self development?
More Posts
Hi Fishers, I have accepted Walmart offer and my BGV has started 3 weeks ago. How do I check my BGV status? I will be joining in mid May. Also, I have been hiding one of the company where I had worked for 45 days and then absconded due to personal issues. Would it create any trouble? They had created my PF account though. Any help would be highly appreciated
Additional Posts in Risk Assurance
New to Fishbowl?
unlock all discussions on Fishbowl.




Why would you do that to yourself?
Compliance has always been a side that I enjoyed. I enjoy for validation, remediation, consulting side more than what I'm currently doing which is mainly a mix between engineering, support and implementation my entire career. I want to be doing risk assessments and ensuring compliance.
I’m the opposite (in IT Audit trying to do Cyber) . I am curious as well what made you switch ?
So if that's your goal, IT Audit is not your solution, unless you know the position is about cyber related Audit. Sox Audit is about copy and paste, you are not invol6in risk analysis or anything.
You should move to GRC and Cyber Risk Management
I'd recommend GRC if you like compliance. IT Audit is a grind. I finally got out and moved to Security. Know that in IT Audit, you will always be second class to the financial auditors when it comes to getting involved with the business and executive leadership. IT is the odd one out.
@KPMG3 Networking. Years of doing good work, being involved in EBGs and professional orgs. I was asked to move over by security leadership.
So I am not an IT Auditor but I have many year in various internal auditing with experience in Operational audits, financial audits, compliance audits and oversight for IT audits. From what I have seen, it has been a very difficult transition for an IT person to become an IT auditor. It’s mainly trying to streamline reports for the audience because you definitely know your stuff but IT persons tend to go too deep or too wide that you blow the budget and can’t put together a report in a format for the end user to easily understand. This is totally my opinion of what I have seen from persons transitioning to IT audit from mainstream IT.
Why do you want to do such a move?
Just let you know, you will NOT touch any system. You will just see everything by looking at the SCREENSHOTS!
Ok this is a gross over simplification. Yes, documentation is tracked in screenshots in workpapers, sure, but I spend a lot of my days going into systems, error escalation, designing workflows, etc. so I guess YMMV
I did something similar, switched from cloud security engineering to technical grc.