“I.T. Auditors don’t know anything about I.T.” – Anonymous Client

On the first day of almost every project I have ever been involved with I have had to overcome the perception that as an “Auditor” (I prefer Consultant because I’m usually there to do a lot more than just audit) I lack any understanding of technology. From a client’s perspective I think the assumption that I’m ignorant to I.T. is a fair one based on their previous experiences.

I.T. professionals I’ve spoken with have shared the same story: Constant turnover of fresh-out-of-college  IT Auditors from various accounting firms – all without the slightest understanding of how even the largest and most common I.T. platforms, say Active Directory, function. Throw in a custom application or two and the inexperienced IT Auditor is lost forever – and so is their credibility with the client.

Competency Test: Want to find out how much your I.T. Auditor knows? Ask them to explain group policy in Active Directory. This is a basic concept and if they can’t explain, then you have a noob on your hands!

The Dirty Little Secret

The reality is that in most Public Accounting firms, everyone with experience is so overworked that sometimes there is almost no choice but to send the unexperienced employee to the client’s site to “figure it out” – especially when it comes to IT. That explains the blank stares and lack of client service many industry professionals complain about. As result, this has created an industry-wide perception (or reality?) that most I.T. Auditors are pretty worthless. So the question becomes: How does the I.T. Auditor establish credibility?

Establishing Credibility

Establishing credibility to the client isn’t about “faking it”. The key is showcasing your existing skills and knowledge to the client in an effective way that builds trust and rapport, while learning how to ask for explanations and clarifications when you need them. Here’s a quick list of things that have worked for me along the way.

1. Dress like a Professional – Even if this is your first day on the job and you don’t know the first thing about I.T. you can always look the part. First impressions and a little effort go a long way.

2. Be Current – Never underestimate the value of being able to talk about current trends, recent security breaches, and events with I.T. professions. This goes a long way toward proving that you are “plugged-in” to the I.T. community. Check out the sidebar to the right for other blogs and websites to stay current on I.T. Audit and I.T. Security topics.

3. Share Experiences – The true value of a consultant is their ability to bring their knowledge of the industry and “what’s worked at other clients” to the table in the form of real life examples and solutions. Relaying anecdotes, previous solutions, and suggestions (and building on those previous experiences) give the client a reason to trust you. It also adds real value and experience to the client they would otherwise not have.

4. Give a little extra –  You were paid to do a certain job, but that doesn’t mean you can’t do a little extra. One thing that has taken me a long way with I.T. professionals is understanding what is important to them and finding a solution. Sometimes it is as easy as communicating their concerns to management – other times it might be creating a long list of process improvements “for their eyes only”. Either way, by showing you are there to help (and listening!) you build trust and credibility.

5. Don’t be afraid to be a geek – If you are in fact a former IT professional or love working on networking and computers in your spare time, don’t be afraid to share those experiences. The quickest path to building meaningful relationships with anyone is to find common interests. And there is no better way to learn from the real experts in the field than to give them a reason to open up to you and share about their passions and interest!

Most of this stuff is pretty basic, but I think it is worth reinforcing from time to time. We welcome further suggestions and stories in the comments.