Establishing Credibility with More Experienced Clients and Business Partners

Establishing Credibility with More Experienced Clients and Business Partners
Author: Alicja Foksinska, CISA, CFE, Lead IT Auditor, Protective Life
Date Published: 16 October 2019

I graduated college with all the confidence in the world. However, I then entered Corporate America, and I had a rude awakening. My college studies equipped me with knowledge and skills to achieve tasks thrown at me, but what I had to do next is establish my credibility.

PuppyI felt like the puppy in this picture. I was handed an oversized K-9 Unit vest that I had to grow into as I was again starting from the bottom. In the audit profession, building rapport is key. When I entered meetings, I knew people were probably thinking, “She looks like a student, what does she know?” They were correct – I looked like any recent graduate, and I didn’t have the experience to provide feedback to well-experienced process owners who have been in their position for 25-plus years. To overcome that, I had to start building credibility.

My manager taught me an important lesson right away: it is OK to ask questions. He explained that a textbook only taught me the definitions and uses of systems, but it did not teach me the processes that my company has in place. To my surprise, process owners were very happy to explain their processes from beginning to end, provide me with flow charts, or even draw the processes out. I thought asking questions would erode my credibility – however, my questions did the opposite and allowed me to build better relationships with the process owners. My questions showed the process-owners that I am a good listener, diligent note-taker and a fast learner. By taking the time to listen to the process-owners explain their processes and ask good questions throughout, I was able to not only gain a stronger understanding of the process, but I was able to start relationships with the process owners that would be beneficial in my career.

Another lesson I found helpful was preparing for meetings ahead of time. Reading white papers and diving deeper on certain topics allowed me to pre-load myself with the information, so I could speak the same language the process-owners used during the meeting. For an IT term to exist, it must be an acronym! There were so many of those to learn that I even made myself a cheat-sheet to remember, for example, that “UPS” does not mean United Parcel Service, but rather Uninterrupted Power Supply.

Furthermore, by reading white papers, I can gain insight into the current state of the industry and/or the future predictions. This allows me to compare the current processes and systems at my company and provide the business with insights that I was able to find and potentially identify ways to create efficiencies. Curiosity has fueled my success at building credibility and rapport with the business, as I’m always trying to find a better way to perform a task or give insight into potentially maturing the current process. Reading old audit reports is always a great way to dive into the area one is about to audit again. Going through the business descriptions, the testing that occurred and findings that were discovered is always a great way to start the research and prepare for a meeting with the business.

Lastly, time – give it time. You will not be an expert in every business field, even if you are an auditor for life. The old adage, “Rome wasn’t built in a day,” is highly applicable here. You need time to create great things and you should always have questions, as you will be learning for the duration of your career.

After a few years in this profession, I’m still learning, and won’t ever stop learning. I’m lucky to work with so many talented and knowledgeable people in my company that enjoy sharing their skills with me. Every time I meet with someone who has devoted his or her career to a certain topic, I feel incredibly humbled as I get to learn from the best teacher around: the expert.

Editor’s note: For more career insights for newcomers to the IT audit, governance, risk and security fields, visit ISACA’s Membership page.