Over 10 years we helping companies reach their financial and branding goals. Onum is a values-driven SEO agency dedicated.

CONTACTS
IT audit

IT Audit Buzzwords That Have Become Buzzkills

Every profession has its own jargon or buzzwords that makes it unique but, sometimes, some of the buzzwords turn out to be buzzkills to audit stakeholders. These include audit clients, management, board members, process owners, regulators, and more.

Well, there are technical words in IT audit that have no synonyms but, before you use any jargon, put yourself in the shoes of the other person who may not have an idea of what you are saying or writing.

Gone are the days when audit clients were referred to as auditees and, yes, the perception of any type of audit is still in question. We still have to do the work to change it by how we as IT auditors conduct ourselves. I believe next-gen IT auditors are up for this.

So, going forward as a way of creating great rapport with our clients, we can dump some buzzwords and adopt more constructive terminology. See below for several examples:

  • Replace “issues” with “observations”
  • Replace “findings” with “observations”
  • Replace “proof” with “results of an analysis”
  • Replace “recommendations” with “mitigation strategies”
  • Replace “it appears” with “identified/tested/analyzed/reviewed”
  • Replace “process owner’s name” in the report with their job title
  • Replace “issue” with “gap identified” in a specific process

Four additional tips to note as you are navigating these conversations are:

  • Nobody wants to feel guilty before an analysis/investigation is done or proven. So, replace “evidence” with “supporting documentation.”
  • When performing walkthroughs, speak like a human being and not a corporate drone. You may think speaking in corporate buzzwords, jargon, and clichés makes you sound important and knowledgeable but for the person listening to you, it’s painful. It is mind-numbing to hear someone endlessly pontificate about how important they are. It is worse when they sound like a corporate robot instead of an actual human being.
  • When writing your report, use simplified English that even a child can understand. Regardless of which level of leadership or authority the report will be addressed to, you have to elaborate briefly on what you mean in layman’s language. It is quite rude to use buzzwords in a report because, in this day and era, writing is the new listening.
  • Process owners usually have a greater understanding of the business process. So, when being asked to provide “evidence” on their own work, it might not be taken the right way. Instead, schedule a review meeting or ask for supporting documentation.

With a relatively light lift of being more mindful and intentional about the way that you frame conversations, your audit engagements are likely to go much more smoothly.

Originally published here https://www.isaca.org/resources/news-and-trends/newsletters/atisaca/2023/volume-11/it-audit-buzzwords-that-have-become-buzzkills-to-client-and-process-owners

Watch here https://youtu.be/wAtcTcGZhAE

Author

Veronica

Published Author | Director, One In Tech, Foundation | Director, ISACA Board of Directors | IT Audit Professional | Speaker | Member of National Association for Corporate Directors | Vlogger | CISO | Global Mentor | Data Privacy Solutions Engineer | Award Winner in the Cybersecurity industry

Leave a comment

Your email address will not be published. Required fields are marked *