Information technology (IT) auditors, also called information systems (IS) auditors, investigate the effectiveness and security of a company's IT systems. The goals of an IT audit are to determine if the company's IT system is operating in a manner that advances the company's objectives and goals, maintains the integrity of stored data, and safeguards assets.
Information technology auditing certificate programs are usually offered as complements to degree programs at the undergraduate level; graduate programs are also available. Students are trained to develop their skills in planning and executing an IT audit. Applicants must have a background in accounting and information technology. Multiple professional certifications are available to qualified individuals, including the CISA (Certified Information Systems Auditor).
Certificate Programs in IT Auditing
Courses in these programs discuss topics like regulation compliance. Other topics include:
- Information systems management
- IT systems and security
- Sarbanes-Oxley Act: compliance
- IT auditing principles
- Auditing new technology implementations
- IT auditing for acquisition analysis
Employment and Career Information
The U.S. Bureau of Labor Statistics (BLS) categorizes accountants and auditors together and estimates that these workers will have 6% job growth for the years 2018 through 2028. The BLS also reported in 2018 that accountants and auditors earned $78,820 as a mean annual wage.
Certification and Continuing Education Information
Information technology auditors may earn various certifications. Two popular certifications are CISA (Certified Information Systems Auditor) administered by ISACA (Information Systems Audit and Control Association) and GIAC (Global Information Assurance Certification) Certified System and Network Auditor. GIAC certification is aimed towards technical personnel who want to certify their technical knowledge of the various systems they audit.
Other certifications that may be beneficial include CIA (Certified Internal Auditor), CISSP (Certified Information Systems Security Professional) and CPA (Certified Public Accountant). (ISC)2 (International Information Systems Security Certification Consortium, Inc.) administers the CAP (Certified Authorization Professional) credential, which is geared towards personnel who maintain and authorize information systems (www.isc2.org/default.aspx).
Aspiring IT auditors should earn at least a baccalaureate degree before seeking employment in the field. Possible degree choices include a bachelor's degree in accounting or information technology, a master's degree in accounting or a MBA in accounting. It is dependent upon the employer and the position whether a degree in information systems versus a degree in accounting is the preferred requirement.
Information technology auditing certificate programs are designed to be supplementary to degree programs and for professionals. Graduates may go on to seek other certifications or degrees in related fields.