I doubt that there has ever been a job considered as dull, boring, or monotonous as that of the auditor. There is no mystery, excitement, or wonder in auditing. Most of all, there is no smiling in audit. …or is there…Under the subtle blue suit and understated tie, the stodgy fellow in the corner fervently clicks away on his keyboard. Barely looking up as he sips his lukewarm coffee, this auditor, we’ll call him Oliver, appears to be as much fun as a root canal. As far as we know, Oliver has sold his soul to the gods of Excel, and is buried 600 rows deep in some sort of spreadsheet. As far as we know…Just like Clark Kent and Bruce Wayne, Oliver has a secret. No, Oliver doesn’t wear tights and a cape. Or at least if he does, we really don’t want to know about it. I don’t proclaim that Oliver has some super power. I mean seriously what would it be, able to memorize the NIST 800 series in a single reading? Imagine the motto, “Accurate to 5 decimal places, creates a pivot table in one click. It’s a nerd, it’s a plane, it’s Audit Man!” No, Oliver has a different kind of secret. He loves his job. He doesn’t love it in that creepy, brown nosing, Lumberg sort of way. Oliver likes his job in that Keanu Reeves – Matrix – super geek kind of way. You see Oliver is a very …special… kind of auditor. He doesn’t care if your balance sheet has more holes than OJ’s alibi. Oliver is an information system auditor, he cares about encrypted protocols, access controls, and …dare I say it… hacking. Yes Oliver, is a hacker, a white hat hacker, but a hacker none the less. I realize that there is a stigma associated with the word, “hacker”, so in polite circles we use the term, “penetration tester”.In Oliver’s mind, auditing is like a game of chess. It’s him against you. Who has the best skills? Oliver or the guy securing the system. For Oliver, there are two critical questions; questions that drive his every keystroke. First, what do you have that I (as a bad guy) would want? Second, how can I get it from you? Granted, Oliver’s process is standards based, but after you boil away the bureaucracy, the various standards, and other clutter, these questions are at the heart of what drives Oliver. There’s no smiling in audit? I guess that really depends if you are Oliver or the guy or gal on the other side of the table. Related content opinion Security - It’s Just a Job Putting it all in perspective... By Chad McDonald Feb 26, 2012 4 mins Technology Industry IT Jobs Careers opinion John Strand Slapped Me In the Face By Chad McDonald Aug 30, 2011 4 mins Data and Information Security IT Leadership opinion Shiny New Security Shoes By Chad McDonald Mar 29, 2010 4 mins Careers IT Leadership opinion Insecure but Safe - The Mayberry Paradox By Chad McDonald Mar 27, 2009 4 mins Data and Information Security Physical Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe