Adapt and Thrive

Grow Your Career by Earning an IT Credential

By Harsh Jadhav, CPA

Among the upcoming sweeping changes to the CPA Exam, to be implemented in 2024, is one focused on ensuring CPA candidates understand how clients adopt technology in their business models (i.e., business analytics, SAAS, ERP). Another change is preparing new CPAs to efficiently service clients using technology-based tools to assess risk, perform testing and perform data analysis. 

Universities are revamping curriculums to teach students about these cutting-edge software applications (i.e., Tableau, RPA, Power B.I.), as many accounting firms and businesses expect students to be familiar with these tools upon graduation.

Vlad Genin, a professor of management and engineering and former plenipotentiary representative of the Higher Education Academy of Sciences at the United Nations, agrees with the AICPA’s approach. He thinks all modern CPAs must understand the newest tools acquired from the university/college educational programs. He also believes the new generation of accounting students must be educated in cloud computing, machine learning, artificial intelligence (AI) and augmented reality (AR) to give them a comprehensive view of the client’s deliverables, along with visualization and interpretation of data in real-time.

Whether you are a tech-savvy new or experienced CPA, investing in formal education to pursue an IT credential could open doors to new career opportunities and reaffirm your expertise with your clients. 

Doug Barbin, national managing principal and chief growth officer for Schellman (a specialty CPA firm that offers compliance assessments in SOC, ISO 27001 and HITRUST), says, “In a professional services business, IT audit and security credentials provide credibility and baseline knowledge to your clients. Internally, a certification like a CISSP or CISA shows dedication to your craft among your peers. This is why we incentivize professionals to gain as many as they can and require at least two certifications for a promotion to manager.”

SynerComm Inc.’s Senior Information Assurance Consultant Jeff Lemmermann started his career with a public accounting firm as a financial auditor, but was tasked with installing a client-server network for his office and identifying and training other CPAs in the firm who could assess IT controls in financial audits. His credentials as CPA, CITP, CISA and CEH built his credibility with the partners and allowed his firm to position him as the technical expert within the firm and to their clients.

In fairness, not all employers view IT credentials as a must-have. Russ Walsh, a Silicon Valley cybersecurity compliance leader for Auto-Grid, feels that “for roles in technology risk and compliance, it’s certainly important to have an appropriate educational background and base of knowledge, but having solid work experience and outstanding references are most important. Too many IT certifications, combined with a job history of many short stints, can indicate someone solid in theory, but who might struggle to be effective at delivering the results their employers need.”

Understanding that earning an IT credential requires an investment in time, selecting the right one to pursue is important. There are three certifications I recommend you start your search with and review the domain of knowledge that is covered, as well as the exam rigor and experience requirements that may be required. 

ISACA offers several IT designations, depending on the type of services you perform and the audience you plan to serve. 

The Certified Information Systems Auditor (CISA) is the most popular, covering topics like data governance, business continuity, backup/recovery and data encryption. Other credentials offered by ISACA include CRISC, CGEIT, CDPSE and CISM. 

The Certified Information Systems Security Professional (CISSP) is another popular IT designation, and is offered through the (ISC)2 organization. One thing to note is that in addition to passing the CISSP exam, there’s a five-year experience requirement to qualify for this credential.

The Certified Information Technology Professional (CITP) credential, offered by the AICPA, is only available to CPAs, offering exclusivity to those who earn it. The CITP body of knowledge includes information security, cyber risks, business intelligence, business analytics, IT governance, risks and internal controls.

CITP candidates must be an AICPA member in good standing, have a valid state CPA license and a minimum of 1,000 hours of experience in the CITP body of knowledge. To help candidates prepare for the four-hour exam, which is offered year-round, the AICPA offers a self-study CITP Exam Review Course and complimentary access to a CITP Exam Study Group.

Kevin Martin, director of TCW2a, LLC and founder of Martin & Associates, says, “The CPA and CITP gave me the confidence and credibility to talk with accountants and then focus on the technology implementations that my firm does. In addition, the ability to work with CPA firms was greatly enhanced if referrals were in the mix.”

Understanding that a technology credential isn’t for everyone if you are a partner or leader in your organization, I highly encourage you to provide opportunities for your staff to earn IT certifications. The investment in staff education pays dividends in many ways, including improved staff retention, better efficiency, data security and of course, higher client satisfaction.

Harsh Jadhav, CPA is the chief audit executive at ACERA.