Hiring and retaining top IT audit talent has never been harder, but hiring mistakes can only complicate the issue

That means it's more important than ever to have a robust recruiting and retention program for IT audit to keep star performers from leaving for other jobs. It's also important to hire the right candidates and communicate with them well so that the organization and the IT auditors they hire are both on the same page. Johnathan Ngah, a principle at Synergy EnterPrize LLC, a staffing company that specializes in IT auditor recruitment says that a poor recruiting process can leads to problems later on. "If you miss on the front end of the hiring process, you need a lot of luck to make it up on the back end."

At MISTI's IT Audit and Controls conference, Ngah detailed six IT audit errors for companies to avoid.
jonathan-ngah

  1. Recruiting, selection, and training strategy is not clearly defined.
  2. Existing strategy is not clearly understood or consistently applied.
  3. Procedures not in place to quantify or monitor progress
  4. HR recruiting, selection, and retention policies are misguided or dated
  5. Head-hunters and recruiting firms are not used effectively
  6. Frequent turnover of qualified IT audit when talent is not managed effectively


"It audit is a very difficult job," says Ngah. "When nothing happens no one even realizes we exist. But when there is an incident, the question is always, 'Where was the IT audit team?" He says companies need to do more to recognize the accomplishments of high performers.

Ngah also says you need to keep them challenged in their jobs to keep quality IT auditors engaged. "The last thing you want is someone that is completely comfortable in their job. They are not growing or challenging themselves."