Editor’s note: ISACA’s Career Catalyst Stories showcase how members have been supported by ISACA throughout all stages of their careers. Today, we profile Jas Gill, CISA, CISM, Senior Internal Audit Manager at RELX. Find out more about ISACA membership here.
Jas Gill started her career at a Big 4 firm in London, supporting clients’ strategic initiatives while working in the consulting division.
It was enjoyable work, but something was missing.
“As I moved from one consulting client to the next, I realized that I never saw the end benefits of my work and its impact, which is why I moved into internal audit,” Jas said. “Working within internal audit, I have been able to support organizations in the same way, but now I am able to see the real, direct impact of my work.”
For Jas, that pivot to audit eventually meant a pivot to ISACA – and further career growth.
Jas and ISACA: early career
Jas has worked in a range of audit disciplines, working her way up from junior-level tasks such as completing and documenting process walkthroughs.
While she possessed the skills to make a successful transition to audit, she did not hold a related certification and was hesitant to pursue one, as she perceived them to be overly technical.
That changed a few years ago, when through the encouragement and advice of mentors, Jas became a CISA and CISM holder.
“They helped me understand the value of certifications, especially in building credibility with audit stakeholders and talking in the same language,” Jas said. “Additionally, certifications helped me to have a deeper understanding of key cybersecurity frameworks, models and best practices, such as NIST, ISO27001/02, CMMC, and FAIR risk model, which I leveraged and brought into my audit delivery.”
What’s happening now?
Today, Jas leverages her technical knowledge gained throughout her certifications and other ISACA learning resources to support her organization in managing its risks and threats.
Jas is a regularly reader of the ISACA Journal to stay informed about industry developments and also attends ISACA in-person London workshops and online webinars. Given the constant technological advancements impacting the profession, Jas believes it’s imperative to keep pace with risks, emerging techniques and frameworks. She is particularly interested in the risks related to generative AI and the ongoing evolution of the cyber threat landscape.
“My learning never really stops, and ISACA remains my trusted resource to stay ahead of risks,” she said.
Since becoming an ISACA member in 2022, Jas has progressed to lead audits in emerging technologies. She also has leveraged her technical learning gained through ISACA resources to yield great audit results and identify control gaps within emerging technologies with greater confidence, as well as communicate findings in a way that resonated with stakeholders.
In addition to the knowledge she has gained through ISACA, Jas also has grown to deeply value the personal relationships she has built through the ISACA network.
“Learning from others who hold different perspectives have helped grow and further develop my own thinking as well as challenge my own assumptions,” Jas said. “Additionally, the personal connections I have built through ISACA have created opportunities for collaboration. I have recently connected with others whilst recording an audit podcast, writing a short piece on women in cybersecurity and the need for increased female representation within technology. These connections have been invaluable and have provided me with a support network of peers.”
What’s next for Jas?
Going forward, Jas aims to help cultivate the next generation of tech leaders, particularly women through the ISACA Mentorship Program.
“By sharing my experiences and insights, I hope to inspire others to pursue careers in technology,” Jas said. “Having seen first-hand how powerful the ISACA community is professionally, I am eager for others to have similar positive experiences.”
Jas knows that keeping ahead of emerging technology trends will require ongoing vigilance, and she is committed to growing her own IT assurance leadership capabilities. She sees promising opportunities for auditors in the years to come.
“I believe that embracing technology will lead to more effective audits, better risk management, greater value for organizations as well as saving time for auditors, so we can spend more time on value-add activities,” Jas said.
That upbeat vision will only come about if auditors are proactive about positioning themselves for success in a new era, she said.
“There is a real risk that the audit profession, as a whole, is slow to adapt, so I encourage audit professionals to ‘test and learn’ when it comes to new technologies,” Jas said. “Using company approved technologies, conduct pilot programs, be ambitious in your big-picture thinking and don’t be afraid to fail forwards when learning.”
