The One Skill That Will Change Everything for You in Audit
Chinmay Kulkarni
Creating #1 Learning Hub for IT Auditors | Tech Risk Senior @ EY US | SOX, SOC 1 & 2 | CISA • CRISC • CCSK • ISO 27001 LA | I Simplify IT Audit for You
In my first year in audit, I thought speed was the game.
I was documenting six workpapers a week. I was checking off tasks. I was pushing deliverables. At first, my team was impressed. Until one day, the comments started piling up.
Every time I submitted something, it came back with red lines. Some controls went through three rounds of review. My manager had to spend hours rewriting language, rechecking logic, reformatting evidence.
I was delivering fast but not well.
That’s when one of my managers pulled me aside. She said something I’ll never forget:
“I’d rather you give me three high-quality workpapers than six rushed ones I have to fix.”
And that changed how I approached everything.
Audit Quality: The Skill That Separates You From the Crowd
You could be the smartest in the room.
You could have all the certifications. But if your work lacks quality, it shows. And in audit, your work speaks long before you do.
Quality isn’t just about avoiding typos or aligning formatting. It’s about how clearly your documentation tells the story of the control.
It’s how well you anticipate the reviewer's questions before they even ask them.
It’s in the walkthrough summary you write. It’s in the clarity of your follow-up emails to clients. It’s in the way you label screenshots, phrase audit procedures, and explain exceptions.
Every detail matters.
A Quick Example: What Audit Quality Looks Like
Let’s say you’re following up with a client for screenshots.
You could write:
“Hi, just requesting the screenshots showing the password complexity configuration.”
Or you could write:
“Hi [Client Name], we’re requesting screenshots from the production environment showing the password complexity configuration for Oracle EBS. Please navigate to [menu path] and capture the section titled ‘Security Settings.’ We’re looking to validate that the settings match the company’s password policy requiring 8+ characters and complexity enabled. Thanks.”
Which one will save back-and-forth? Which one will your manager trust you to send without review? Which one reflects your quality?
The answer is obvious.
What Changed for Me
Once I stopped chasing speed and focused on quality:
Not because I knew everything. But because I cared about the standard I was setting through my work.
Here’s the Lesson
You don’t need to be perfect. But you do need to be precise. Slow it down if you must but get it right.
Because in audit, quality isn’t a checkbox. It’s a reputation.
And long after that audit file is closed, your name stays on the workpaper.
Make sure it’s something you’re proud of.
See You Next Week
If this resonated, share it with someone new in audit.
Next Monday, I’ll be writing about one of the my favorite topics - ITACs!!
Until then, keep doing the quiet work that speaks loudly.
Chinmay
IT Auditor-Consultant at CP CAN. Consulting
3wExcellent! Thanks for sharing your insights, Chinmay
Cybersecurity Leader | Cloud & Risk Expert | Award-Winning Career Coach & Speaker | EdTech Founder | Advisory Board Member | Canada’s Top 100 Black Women to Watch
3wSo many early-career professionals confuse doing more with doing better. But audit isn't about speed it's about clarity, logic, and precision.
Cyber Security Consultant | Risk Management | TPRM | ISO27001LI | SIEM | SOC |
3wThanks for sharing, Chinmay
GRC | Policy Writing | ISO 27001 LA | Compliance | Risk | SOPs | Helping Organizations Strengthen Governance & Security
3wThank you, Chinmay! Your write-ups reframe what ‘great work’ looks like. They’ve helped me see that my careful pace isn’t slow, it’s thorough and valued.
Senior Security Analyst | Compliance Strategist | ISO 27001 Lead Auditor & Implementer | IMS Internal Auditor (ISO 9001, 45001, 14001) | PCI DSS Implementer | CRMP |
3wCompletely true! Thanks for helping me connect with this again!