Gan Subramaniam, CISA, CISM, CCNA, CCSA, CIA, CISSP, SSCP, ISO 27001 LA
We invite you to send your information systems audit, control and security questions to:
HelpSource Q&AISACA Journal3701 Algonquin Road, Suite 1010Rolling Meadows, IL 60008 USAEmail: firstname.lastname@example.org
I read your previous column with a question based on the book 8 Things We Hate About IT: How to Move Beyond the Frustrations to Form a New Partnership with IT. In your response, you discussed ‘things we hate about information security’; it made a lot of sense and was interesting reading, too. Continuing the discussion along the same lines, can you please list out the things that people ‘hate’ about information systems auditors? Auditors do not necessarily, on all occasions, remain best friends with the people in the business/IT. Please also add what auditors must do to win friends.
I do not disagree with you—auditors who do a clinical, dispassionate job may win the wrath and displeasure of those in the field and, on some odd occasions, even from leadership of the operational area that gets audited. But that does not mean they are ‘hated’. Hatred can exist when auditors disappoint and fail to do their job. Not being popular can be misconstrued for hatred, but in the long run, good auditors are not necessarily popular per se. The truth of the matter is that by being clinical and dispassionate, with no personal agenda, auditors serve the best interests of their employers and their profession. Here are some areas that can result in auditors being ‘hated’:
Thus, there are a number of reasons why auditors can be hated. Sounds like a good subject for yet another book, right?
Enjoying this article? To read the most current ISACA® Journal articles, become a member or subscribe to the Journal.
The ISACA Journal is published by ISACA. Membership in the association, a voluntary organization serving IT governance professionals, entitles one to receive an annual subscription to the ISACA Journal.
Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and/or the IT Governance Institute® and their committees, and from opinions endorsed by authors’ employers, or the editors of this Journal. ISACA Journal does not attest to the originality of authors’ content.
© 2010 ISACA. All rights reserved.
Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St., Salem, MA 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25¢ per page. Send payment to the CCC stating the ISSN (1526-7407), date, volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without express permission of the association or the copyright owner is expressly prohibited.