Related Posts
More Posts
Is today Friday or Monday? F*^%
How do I pivot from a broker to any job in tech?
Additional Posts in Risk Assurance
What makes more money IT Audit or IT GRC?
Hello - hope everyone is having a great weekend. I'm looking into risk assurance opportunities at Meta, especially Application Manager, Controls (min 5 YOE) and Manager, Compliance (min 12 YOE). I am a Senior Manager with 9 years of IT risks assurance experience. Does anyone have any thought on which position I should apply? If anyone currently at Meta could share your experience, that would also help. If anyone is open to providing referrals, I could provide my background. Facebook (Meta)
New to Fishbowl?
unlock all discussions on Fishbowl.




It takes like 8 weeks to study and pass the CISA. Just do it.
I know people who have failed it due to under preparing, so I would NOT use 5 days as a realistic timeframe to set yourself up for success.
If you are in public accounting, you would need a CISA (or even CPA) to make manager. You don’t necessarily need it in industry but it is typically a preferred credential.
Can you switch to 1st or 2nd line without a CISA?
CISA is easy. CPA was much tougher. Just invest the time to study and take it. It really isn't very hard, especially for someone that is already in the industry.
EY requires a certification for Manager promo but it doesn't have to be a CISA. CPA, CISM, CISSP, CRISC etc are acceptable too
Many industry jobs dont require a certification for manager or up. But many might want SOME sort of certification. Nobody is requiring you to take a test. You are the maker of your own career.
It’s easy to pivot without having a certification if you have the relevant experience. Our field is chronically low on people who know how to do the work, so being a manager at a big 4 means you have at least 5 years or more of relevant experience.
In my view, other technical certifications or knowledge are way more valuable than a CISA, unless the company you are going to treats IA as a SOX shop. Even then, a CISA isn’t necessary if you have years of experience
I left PwC as a Manager in Cyber Risk in Finance. My new company is not public, and pays 45% more than what I made at Pwc. I work on all internal audits (IT, Financial, compliance and ad hoc). My weekly hours are between 35-45 and I have never, not once, worked past 6pm or on weekends. I have never had any certifications (CPA, CIA, CISA...) and do not plan on getting one.
If your goal is to become a CFO, Partner, or an Executive within a public company, then certifications might be necessary. However, if you're not aiming for those roles, don't stress over them. They can be a waste of time and money. I recommend getting more knowedegaboe on a variety of topics, digital, project planning, AI, data analytics and be exposed to all variety of audits to make yourself more marketable. Focus on what truly matters to you, your family, and your career.
How did you make it past Senior Associate w/out a certification at PwC? Maybe the policy changed? 🤔