The Network: Debbie Newman

The Network
Author: ISACA
Date Published: 1 July 2016
español

Debbie Newman

What is the biggest security challenge that is being faced in 2016?

Identity and access management. We struggle with managing our own identities on a personal level with usernames, passwords and security questions to dozens of web sites. Organizations feel the same struggle when users have access to dozens of applications.


What are your three goals for 2016?

  • Spend time with my family and friends
  • Travel to at least six new countries
  • Pass the CSX Cybersecurity Fundamental Exam


What is your favorite blog?

The Art of Advice by Justin Greis, http://theartofadvice.com/


What is on your desk right now?

Cup of coffee, pictures of my family and a calendar of “1,000 Places to See Before You Die”


Who are you following on Twitter?

I cannnot name all 631 of them. To name a few:

  • @andylassner
  • @oatmeal
  • @sbellelauren
  • @adam_newman
  • @meritmusic

How has social media impacted you professionally?

It allows me to stay in touch with people I have met all over the world. I have been able to meet up with people who I have not seen in years because we connect and share our future travel plans via social media.


What is your number-one piece of advice for other IS audit professionals?

Keep in touch with everyone you meet! You never know when they will be part of your next project or team. The audit community is very small.


What is your favorite benefit of your ISACA membership?

Access to publications and training materials through the online bookstore.


What do you do when you are not at work?

  • Try out new recipes and cooking techniques
  • Travel to see family and friends


Question How do you think the role of the IS auditor is changing or has changed? What would be your best piece of advice for IS auditors as they plan their career path and look at the future of IS auditing?

Answer The fundamental role of the IS auditor has not changed for many years with regard to the type of risk we try to address. IS auditors will be challenged in the future to address new areas of risk and move away from general computer controls that have long been effective in organizations. As risk is transferred to third-party vendors, IS auditors will be challenged to show how controls are effective when they are no longer being performed in-house.


Question How do you see the roles of IS audit, governance and compliance changing in the long term?

Answer In the next few years, IS audit, governance and compliance will move toward continuous auditing through the use of data analytics. Once a transaction hits an enterprise resource planning (ERP) system, users will be informed if it hits a certain threshold and causes suspicion. Instead of waiting until the next year when the population is reviewed by an auditor, key flags will already notify the system owners with potential areas of concern.


Question How have the certifications you have attained advanced or enhanced your career? What certifications do you look for when recruiting new members of your team?

Answer I obtained the Certified Information Systems Auditor (CISA) certification within my first year of working in public accounting. After obtaining the certification, I was able to show internal and external stakeholders that I knew the industry standard for IS audit.

I do not have certifications that I look for specifically when recruiting new members to my team; however, a technical certification shows me that an individual has taken the time to learn the industry’s guidelines for best practices. It shows me they are dedicated to the profession outside of their normal business activities.


Question What would be your best piece of advice for IS auditors planning their career paths and looking at the future of IS auditing?

Answer Take lots of notes! I am constantly referring back to notes I wrote months and years ago. Sometimes they are technical items and other times it is a piece of advice from a colleague. You never know when you are going to need to refer to something from the past.


Question What has been your biggest workplace or career challenge and how did you face it?

Answer Learning to “work where your feet are.” Audit professionals are constantly challenged by new work environments. I had to learn very quickly how to block out any outside distractions when working on trains, planes and in various conference rooms. Often, the places where we do our jobs may not be the most comfortable or conducive for being productive. I have found the best way to overcome the challenge of working in multiple locations is to set tasks based on where you will be working next. Sometimes, administrative tasks such as reporting travel expenses are best performed on a train, whereas documenting audit procedures is best performed on my couch.