Evolving From Accountant to IT Auditor With a CISA Certification

As a professional who started his career as a chartered accountant, Sreekrishna Rao has encountered some resistance from stakeholders because he is not an IT engineer. His credibility changes quickly, however, when they discover that he holds the Certified Information Systems Auditor (CISA) certification. Rao says, “The moment my stakeholders across the table note that I am a CISA, I instantly sense their acknowledgement that I know what I am talking about.” While the CISA certification has allowed him to understand technology risk, it has done much more—giving him access to the other professional growth resources ISACA has to offer. Since becoming a CISA in 2003, Rao has witnessed organizations evolve and change in both size and scale. His passion for social service makes him wonder how he can use technology to lessen the world’s inequality.

Rao first turned to CISA in the late 1990s when he saw that technology was increasingly enabling business. He noted that “getting a better handle on identifying, understanding and evaluating information technology risk and relevant controls would be indispensable if I have to help business enterprises by providing technology risk assurance and consulting services.” In hindsight, Rao was not wrong in his thinking. Today, he helps enterprises leverage value from technology while ensuring that growth is sustainable. As a CISA, he feels it is his responsibility to find pragmatic solutions for enterprises to create value while managing relevant risk.

Outside of his work as a senior risk manager, Rao likes to explore using technology to help those less privileged. He has helped to offer technology enabled knowledge initiatives to school children in Bangalore (Karnataka, India) and helped UK charities manage technology risk. When he led the CISA preparatory sessions at the ISACA Bangalore Chapter, he was able to “ignite the spark of passion to do the right thing with the double edged tool that is technology, in [many] students who came to those sessions,” and it is for those experiences that Rao really is passionate. He believes in bettering the world at large and strives to impart that same sentiment to his 3 children.

Overall, Rao believes the CISA certification can benefit professionals in part because it is always being refreshed, reminding professionals that their skills must also keep up with IT’s transforming landscape. He thinks earning the CISA certification is a great way to jump start efforts to help organizations identify technology risk and start a new auditing journey on the right foot.

To learn more about ISACA certifications, visit the Certification page of the ISACA website.

Written by By Sreekrishna Rao, CISA, CIA, CIPM, CISSP; excerpted from @ISACA Volume 10 2019