I started work at the State Audit Office (SAO) of Georgia in late 2013 as an intern. At that time, SAO had no IT audit function, but one was needed to keep up with the government due to rapid development of government electronic systems. I was tasked to learn more about IT audit and build a qualified team. As there were no audit schools in the country of Georgia, we faced many challenges.
As time passed, we decided to rely upon ISACA and pursue memberships for the team members. We acquired different manuals (including the CISA exam manual) and exam preparation subscriptions. In January 2016, SAO created its first IT audit unit and, at the end of the same year, we had two CISA exam-passers, including me. Personally, I was extremely proud of standing up this audit function. We had no qualified or experienced staff at the beginning of the project and our colleagues doubted our success. However, in three years, we managed to create a multi-skilled team. We learned from each other’s experience and believed in the greater purpose – building IT audit capability for the supreme audit institution of the country.
Recently, I received an outstanding CIO offer from one of the biggest private companies in the country, TEGETA MOTORS Holding, to lead their information systems (including SAP, e-commerce, IT operations and information security). This gives me an opportunity to learn more about CGEIT job practice areas and apply for the certification exam.
In addition to my regular job, I also deliver lectures at the Business and Technology University, one of the leading universities in Georgia. I am delivering an information security management course based on ISACA’s CISM exam manual and I encourage my students to leverage ISACA guidance in their studies. Recently, friends of mine and I decided to establish a Georgian Information Security Association (GISA) to promote information security in our country and region. I am also working on the establishment of a Tbilisi (Georgia) ISACA Chapter, and we are working toward meeting requirements for the chapter establishment.
Looking back, I deeply appreciate ISACA for helping me attain these opportunities. After becoming a CISA, my credibility doubled when working with auditee entities; after becoming CISM and Cybersecurity for Audit-certified, I have secured myself as a reputable expert capable of working on international projects; and finally, I have become a CIO of one of the biggest Georgian companies.
I look forward to establishing an ISACA Tbilisi Chapter and want to help reach all the students, young professionals and already well-established professionals to associate themselves with ISACA to help drive their career advancement, as it has driven mine.