Support why IT audit is considered a profession.
The term, IT auditor, certainly can strike fear in even the most knowledgeable and confident members in the IT profession, as well as in many other departments. An IT auditor is tasked with ensuring that systems, processes, rules, and regulations all meet state, local, and government requirements; while the ongoing maintenance of these areas tends to fall on separate professionals, an auditor’s job is to facilitate the deliverance of tasks that need to be completed, problems that are found, possible methods of improving systems, and ensuring that the organization keeps their head above any political or governmental lawsuits or fines.
Due to the always-expanding growth of technology, including the IoT and cloud computing’s significant impact on how businesses operate, IT auditors are a necessary profession that often does not get enough praise or recognition. Instead, IT auditors and similar professions, such as QA (quality assurance) in the Air Force, are often met with intense negative remarks and beliefs. While I was in the Air Force, having QA pull up to an explosive ordinance building operation was always stressful; however, their actions often resulted in the continued safety and even the improvement of our standards of practice. In the world of IT and all of its subcategories, auditing is a field that can yield significant gains for fields such as cybersecurity governance due to the issues involved with relying on those without an auditor’s knowledge and skills in complying with confusing privacy laws and other always-changing documents.
I wear a wide variety of hats in my current role, including help desk management, cybersecurity, inventory management, cloud management, among others. IT auditing is a hat that is hard to share priority with and, instead, should be focused primarily with one role-focused department/team. IT auditors’ jobs rely on their ability to carefully and thoroughly comb through an organization’s systems and policies in a methodological, precise, and scientific manner. In an auditor’s off-time, they are expected to stay current with evolving rules, regulations, and technologies, which by itself, is a never-ending task. IT auditors are a profession due to the vast amount of skill and work involved with the science of exploring an organization’s assets and policies and being able to create reports based on their findings; this is a skill that not many departments in technology-related fields are comfortable with, nor have the time to hone their skills and commit to the continued education of their knowledge of the vast world of data privacy laws and security regulations.
Otero, A. R. (2019). Information Technology Environment and IT Audit. In Information technology control and audit (Fifth ed., pp. 3-30). Boca Raton, Florida: CRS Press.