As ISACA celebrates the 35th anniversary of the CISA certification this year, we congratulate each and every professional who has achieved this distinction. And as ISACA recently certified the 100,000th CISA since the designation’s inception in 1978, we take this moment to profile one of the newest to achieve the CISA certification—Frank Giebel.
Frank began his career 25 years ago, holding IT audit and business development positions with Dell, SGI and StorageTek. In 2009, he founded an indepenedent consulting firm, 3rd Mind Business Consulting, near the German financial district in Frankfurt.
“I am proud to be part of such an elite international community,” says Frank, a GRC consultant based in Germany, who earned his CISA certification in January. “Many organizations, especially large international companies, specify in their requests for proposal that auditors must hold a CISA certification from ISACA, so this credential will give me access to a wider base of potential clients.”
ISACA:Why did you pursue the CISA certification?
Frank: My job as a GRC-consultant entails the introduction and management of information security and compliance as well as auditing my customers’ current level of information security and data privacy. During auditing and consulting projects, I am helping customers improve their information security and data privacy management. From a compliance perspective, I help them in planning and introducing regulatory compliance archives (i.e., email archives, document-management systems, etc.) While I already held the CISM certification, it is important to me to have CISA to "prove" my skills and get access to more customers.
ISACA: What is the value of CISA certification for you?
Frank: Definitely the access to more customers and high-risk areas like credit card transactions, banks and health insurance. Large and/or international customers include in their requests-for-proposals an ISACA certificate like CISA or CISM. And with the CISA certification, I am eligible to have the title "IT-revisor (IT-auditor).” To achieve that, you need a "bulletproof" certification like CISA.
ISACA: As someone who recently passed the CISA exam, what advice can you offer those sitting for an exam in the near future?
Frank: Have practical experience in information security, compliance and data privacy from a non-technical perspective. Have knowledge regarding the business objectives of the customer and related branches. I believe that specializing to a small number of branches is more valuable than many branches with little knowledge of them all. For me, my technical background and my CISM education were very helpful. You need practical experience.
ISACA: CISA has been earned by more than 100,000 professionals since its inception 35 years ago. How does it feel to be part of those milestones?
Frank: I feel very confident to be part of such a community, particularly since this is an international community. This is an elite circle of high-quality professionals.
To learn more about the 35th anniversary of CISA and the 100,000-certified milestone, go here.