The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/80353
It was at this point that I thought I might like to move into the systems auditing side. So I joined the Information Systems Audit and Control Association (ISACA) and proceeded to obtain the Certified Information Systems Auditor (CISA) certification. This has provided me the ability to understand the audit process and, again, how to answer the questions. Following all this training, I decided that the audit field might not be for me, but I'm glad to have had these opportunities. We have been asked multiple times by clients and prospective clients to complete self-assessments of our security practices. These assessments cover similar questions to those that would be asked during an audit. My background and the certifications I've worked for have allowed me to provide our clients with confident responses and the assurances they are looking for. My latest certification is as a Certified Information Security Manager (CISM). This has helped me bring together the technical aspects of the CISSP, the audit aspects of the CISA and the knowledge I obtained from being on a global team that implemented and ultimately certified in ISO 27001. These certifications have given me the expertise to thrive in my position and provide value to my organization in a time when security concerns are at an all-time high. Passion Brings New Opportunities Certifications are not for everyone. If you are passionate about something, I believe you should attempt new things and try to achieve as much as possible. My passion for information security recently brought me to become an active participant in ILTA. Holland & Knight's CIO, Dean Leung, asked if I would be interested in contributing to a new initiative — LegalSEC. I just had to say "yes." This is providing the perfect avenue for me to further explore the legal profession and help make a meaningful contribution to my peers. The initiative is just getting underway, and I am looking forward to working with all the members of this group. I will continue to pursue more knowledge and new experiences, and I recommend that everyone else do the same. Not only does this make you a more valuable part of the team and organization, it provides a more fulfilling, long-term career path. While the past two years at H&K have flown by, I have learned that I prefer the challenges of being in a new environment and a new industry where my contributions make a difference. Sherri Vollick serves as the IT Security Manager at Holland & Knight LLP. Her primary focus is the ongoing development of the information security program. Sherri has over 20 years of experience in IT, security and risk management in a top-tier, global professional services firm. She is an active member of ILTA, the International Information Systems Security Certification Consortium, ISACA and the Information Systems Security Association. Sherri can be reached at sherri.vollick@hklaw.com. Peer to Peer 33