Editor’s note: This is the final part of a three-part series from Patrick Trierweiler on the ISACA Now blog focused on what early-career professionals and newcomers to IT audit can do until they have the required experience to obtain the CISA certification. See part one of the series here and part two here.
Let’s say you are now six months in to your IT audit/compliance career and have set up your support system, have found a rhythm to your work, and thanks to ISACA and your local chapter, you know your options for study resources and what cram courses are being provided. Now we move onto the next steps and set them in motion.
Build Out Skills and Learn Your Limits
Once you have hit an equilibrium, especially after acclimating to a new department or job, it is important to take into account your progress and shortcomings. Have you become comfortable with new skills that make your job easier? Are there skills you have identified that would make your job easier in the near future or a year or two down the road? Can you now do tasks that used to take you an hour in 30 minutes?
Figuring this out and taking stock of your abilities and progress is important to being able to know your boundaries and properly set yourself up for success, particularly if pursuing a certification or certificate is the next step. Time management is what makes or breaks a plan in most cases – not the difficulty of an exam’s content.
Make a Plan
Now it’s time to make a plan and answer the important questions:
- How long do you want to study?
- How long do you intend to cram in each session?
- What resources/study materials will you need?
- Will you study with a friend from your support system or alone?
- Should you take a day or two of PTO to prep?
- What is the date you want it done by?
These questions are important to gather the required intel to figure out your plan. These are not questions you just ask yourself, but also your support network and the greater community. For the CISA and other popular industry credentials, there are thriving communities on Fishbowl, Reddit and ISACA’s own Engage Platform that are willing to review and answer your questions. Once you answer these questions and understand when you can be certified, it is time for a very important next step.
Communicate the Plan
For the plan to work, it needs to be communicated, and you need to have someone to help you stay accountable. This can be someone outside your professional life such as a partner, roommate or family member. However, with the rise of talent development tools and more detailed goal tracking for individual contributors over the past decade, I would recommend having this accountability partner be someone within the company or, even better, putting this in as a formal goal in whatever talent development tracking tool or software your company uses. The extra visibility this provides can assist you in being approved to be reimbursed with extra resources provided by your company as well as give you extra support in your day-to-day duties.
Rinse, Reset, Repeat
Hopefully, you have now made the plan, communicated the plan and executed (or will soon execute) the plan. If you passed, then it’s time to celebrate, reset, and enjoy having a few letters behind your name! After that, review your CPE requirements, leverage your support system, ISACA, and your mentor for potential low-cost or free CPE opportunities, and figure out your plan to knock out those requirements and maintain your certification.
Finally, it is time to set up a plan for your next certification and repeat the process. Today’s enterprise landscape is one of ongoing learning and the technologies needed to run businesses are ever-changing, meaning we need to continuously learn and prove our merit. The good news for early-career audit professionals, as this blog series reinforced, is that you don’t have to wait five years to earn your CISA to jump-start your career in audit, assurance and compliance.