Slide heading
1 / 33

Slide Heading - PowerPoint PPT Presentation

  • Uploaded on

Slide Heading. A Discussion: From Auditor to CIO . Tim Van Ryzin W. Edward Young March 12, 2014. The Dilemma. Utter the word auditor, and many CIOs cringe. After all, IT auditors are professional nitpickers who identify problems and get CIOs to fix them. . (Tim). Overview.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' Slide Heading' - jalen

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Slide heading
Slide Heading

A Discussion:

From Auditor to CIO

Tim Van Ryzin

W. Edward Young

March 12, 2014

The dilemma
The Dilemma

Utter the word auditor, and many CIOs cringe. After all, IT auditors are professional nitpickers who identify problems and get CIOs to fix them.



  • 1How to audit without alienating

  • 2Building technical skills

  • 3Building soft skills

  • 4 Our career paths

  • 5Career options to make the jump

  • 6How to Jump


Discussion leader introductions
Discussion Leader Introductions

  • Jennifer Kovacich, IT HR Manager, Regal

  • Tim Van Ryzin, Dir. Security & IT Risk, Regal

  • Cameron Yazdani, Assoc. Director, Schenck SC

  • Ed Young, VP Infrastructure, Regal


Audience poll
Audience Poll

  • Who is an internal or external audit role?

  • Who is in a IT compliance role?

  • Who has been in an IT department?

  • Who has an MIS or Computer Science degree?

What do you want to get out of this presentation?


It s shocking what is the tone
It’s Shocking!What is the Tone?

Certainly, auditors can find shocking shortcomings. Ross Wescott, now chief auditor for the Oregon utility Portland General Electric Co., has discovered a few unsavory surprises for CIOs, including a massive security hole when he was at another company. In that case, the IT department "didn't bother turning on the security at the core level," says Wescott, who helps develop the auditor certification test at the Information Systems Audit and Control Association. "They were rolling this out to core applications. The apps people thought the core people were setting security, so they didn't do it. There was no security anywhere." Fortunately, Wescott discovered the problem before anyone took advantage.


Who is the customer
Who is the Customer?

  • You do you see as the Customer?

    • Audit Committee

    • CEO

    • CFO

    • CIO

    • Person you are Auditing


Tri fecta to anger the auditee
Tri-fecta to Anger the Auditee

  • Change scope in Mid-Audit or December

  • Make a huge deal out of something your are just speculating about

  • Raise up an issue without discussing

Communicate & Validate


Audience question
Audience Question

When was a time you drove an auditee nuts?

What could you have done differently?


How to build a partnership
How to Build a Partnership

  • Maintain team consistency

  • Spend time learning

  • Follow an issue through to the root cause

  • Ask how you can help

  • Make recommendations – NOT Requirements

    • Solution focused and practical

    • High impact and low effort


Audience question1
Audience Question

What do you do to partner?


How do you build on partnership
How Do You Build on Partnership

  • IT is lean

  • What skills are you bringing to partnership

  • What are you trying to take from partnership


Audience questions
Audience Questions

Who has a CISA, CISM, or CISSP?

Who is Six Sigma certified?

Who is PMP certified?

Who is Microsoft, Cisco, etc. certified?

Guess which ones matter to IT?


It skill requirements changing
IT Skill Requirements Changing

  • Dead are the days of the generalist

  • IT is lean

  • Everyone needs to know controls

  • Require Business Acumen

  • IT requiring more technical skills

    • Companies can’t afford to develop

    • Buying experienced staff


Hot skills in demand
Hot Skills in Demand

  • Programming / application development

  • Networking

  • Mobile development

  • ERP configuration – Oracle & SAP

  • Project management

  • Database admin

  • Cloud architecture

  • IT security

  • Analytics


Audience question2
Audience Question

Who audits an ERP system?

Who has attended configuration or technical training?


How to build your skills
How to Build your Skills

  • Don’t take audit class - instead take:

    • Configuration

    • Implementation

  • Take advantage of company training

    • Talk to IT about when they bring trainers in

    • See if you can use training credits

  • Attend IT conferences


Key certifications
Key Certifications

  • MBA

  • Six Sigma

    • 40-80 hours of training

    • Mentor under Black Belt

    • Complete project

    • Show real savings

  • Project Management Professional (PMP)

    • 40 hours minimum training

    • 2+ years project leadership experience

    • Pass rigorous exam


Audience question3
Audience Question

What does the audience recommend?


Soft skill development
Soft Skill Development

The Basics

  • Listening and Communicating: Understanding your Audience

  • Emotional Intelligence

  • Conflict Resolution, Partnership

  • Negotiation, Trust Building


  • In-House & External Training: Balance your Resources

  • HR Department

  • Mentoring & Coaching

    *You Are Responsible for Your Career Development*


Our career paths
Our Career Paths

  • Tim Van Ryzin, Dir. Security & IT Risk, Regal

  • Cameron Yazdani, Assoc. Director, Schenck

  • Ed Young, VP Infrastructure, Regal


Audience question4
Audience Question

Who has moved from Audit to IT?

Share your story


Roles for transition
Roles for Transition

  • IT Risk Management

  • Information Security

  • Business Continuity Planning

  • Disaster Recovery Planning

  • Information Privacy

  • Information Assurance Compliance Auditing

  • Business Role


Proactive career management step 1 define your brand
Proactive Career Management -Step 1: Define Your Brand

  • What are your skills?

  • What makes you different?

  • How can you make a difference?


Step 2 define your market
Step 2: Define your Market

  • ƒWhat do you want to do?

  • Where do you want to work?

  • What industries do you want to work in?

  • Who do you want to work for?


Step 3 develop your marketing materials
Step 3: Develop your Marketing Materials

  • ƒPrepare now even if not looking

  • LinkedIn of course

  • Develop 15 second elevator pitch


Step 4 build your pipeline
Step 4: Build your Pipeline

  • Let people know you are looking

  • Meet with hiring managers of companies your are interested in

  • Network

  • Speak at events

  • Breakfast / lunch / drinks


Critical points
Critical Points

  • Networking provides the leads

  • Like sales, a job search is often a numbers game.


Audience question5
Audience Question

What else? Recommendations?


Lastly the resume
Lastly - The Resume

  • ƒUse a chronological resume

  • ƒMost detail on last two jobs

  • ƒGrowth trajectory with metrics (staff, budget, savings)

  • ƒFormatting is important: crisp font, white space, bullets, display type

  • Don’t exaggerate

  • Include a one-line description of each company you list

  • Emphasize your impact

  • Don’t list common technologies – Word/ MS Excel/ Access

  • Mention accomplishments in team building and leadership development.

  • 2 pages is more than enough


That’s it….

Open discussion.