Editor’s note: The ISACA Now blog occasionally highlights the impact ISACA certifications have in the evolving business landscape, as well as how certifications have impacted individual members of the ISACA professional community. Today, we profile Marco Schulz, CISM, CISA, CGEIT, CEO at marconcert GmbH (Germany). For more information on ISACA certifications, visit www.isaca.org/certification.
ISACA Now: What motivated you to pursue your CISA certification?
As a CISO, I was subject to internal and external reviews for many years and impressed by the instincts of some natural-born auditors. When I took a new supervisory role, I had to conduct on-site audits of subsidiaries around the globe and I suspected I needed to learn some basics before comfortably leading bigger audit engagements. Oh, and there was still some space left next to the CISM on my business card.
ISACA Now: What was your biggest key to success in passing the exam?
Undoubtedly it was my professional experience. When I took the CISA exam in 2008, I had already worked in information security for 12-plus years. From the CISM exam the year before, I was already familiar with the line of questioning and – I should probably not confess – went to the exam with only very little preparation.
ISACA Now: How does the knowledge you gained through CISA fit in with the current technology landscape?
In my view the general IT audit principles have not changed much over the decades. In the meantime, the complexity of technology and its business relevance have gone through the roof. More than ever, a risk-based approach and continuous compliance monitoring are needed to manage IT compliance in a cost-effective manner. The CISA knowledge domains support these objectives and are regularly updated to incorporate major business changes.
ISACA Now: How has the CISA helped advance your professional development and career objectives?
The CISA designation helped me to demonstrate IT audit competencies. It was also a formal prerequisite for some client engagements.
ISACA Now: What does it mean to be part of a global network of ISACA-certified professionals?
Even though I enjoyed speaking at ISACA conferences at times, I had been a rather passive member for many years. But in November 2018 I decided to engage in the German chapter and started to manage our social media accounts on Twitter, LinkedIn and a closed member group on XING. Today I am working from the German chapter office in Berlin, where recently I was dining with the president and the CEO of our Kenyan chapter. I like the professional and personal exchanges in our community and call some ISACA member my friends.