The Network: Lilia Liu Chung

The Network
Author: ISACA
Date Published: 1 March 2015

Lilia Liu ChungLilia Liu Chung has more than 20 years of experience in information technology with emphasis on implementing of industry best practices. She has a background as an advisor in computer crime, white-collar crime and corporate fraud, and security of IT; a chief information officer; an information systems auditor; and a legal advisor.

What are your three goals for 2015?

  1. Advising boards of directors in companies
  2. Strengthening the firm’s personnel in the use of forensics tools for research
  3. Increasing networking with other unions

What’s on your desk right now?

  • Two audit reports for review
  • My computer
  • A glass of water

How has social media impacted you professionally?

Social networks allow for ease of communication. If used wisely, they can be a strong means of communication and a way to spread awareness.

What’s your number-one piece of advice for other risk professionals?

Be sure to check thoroughly before expressing an opinion in writing to avoid misunderstanding.

What's your favorite benefit of your ISACA membership?

Staying up to date on the latest issues facing audit and security professionals.

What do you do when you’re not at work?

I like gardening and working on feng shui.


Question How do you think the role of the IS auditor is changing or has changed? What would be your best piece of advice for IS auditors as they plan their career paths and look at the future of IS auditing?

Answer The role of the auditor has evolved as new technologies have emerged and become part of our daily activities. As we integrate new technologies, using them makes organizations vulnerable to new risk, not only technological, but reputational, operational, etc. As auditors, we must be prepared for any kind of associated risk. Mostly, we find organizations that upload data to the cloud or use social networks, big data, or wireless devices, such as cell phones, tablets, USB sticks and others, have fragile security procedures that are capable of being impaired by any internal or external attack. The lack of policies, periodic reviews, adequate supervision or continuous monitoring may cause problems for organizations. My best advice for auditors as they plan their futures is to discuss what they want to be, where they want to go, what scope they want in their career and what contribution they want to provide to society with their work. The advantage of auditors is that they can work in any company regardless of industry or sector. Though as a result, the auditor must document, study and tap into a broad knowledge base.

Question Your experience ranges from computer crime and corporate fraud consulting to IT security to IS audit. Please describe the adjustments you have made in your career to complete these transitions and how you have used your experiences in each role to better you for the next.

Answer I had to make adjustments throughout my career because I have seen that a technical degree in computer systems engineering, while very comprehensive, falls short. By supplementing that degree with a master’s in business administration with an emphasis in finance, I came to understand that technology goes hand in hand with business objectives, how to determine which way is the north of the organization, possible financial problems, and how the economy is moving regionally and globally.

Today, computer crime is the order of the day. Thus, I’ve drawn my attention to the study of crime and I also participate with a number of associations in the fight against fraud. As a lawyer specializing in technology issues, I have had the opportunity to review contracts on service level agreements, prepare contracts, see and prepare intellectual property issues, and participate as an expert on issues of cybercrime. It is never too late to study and train. We must be continuously learning to keep up with the always evolving technology race.

Question As an entrepreneur, what unique challenges have you encountered in beginning your own consultancy?

Answer As an entrepreneur, one of the biggest challenges I found was marketing the firm. It is quite simple when you work in a larger organization with a structure, a management body and many employees. The biggest challenge I’ve had has been to start from the ground up; even when you know and have familiarity with clients, there is much work of evangelization. One of my biggest secrets to overcome this has been volunteering and networking through associations such as ISACA and the Association of Certified Fraud Examiners (ACFE).

Question How has volunteering with a leading industry association, such as ISACA, helped and advanced your career and professional life?

Answer Volunteering has raised my professional experience—increasing my knowledge on many subjects beyond auditing, allowing me to exchange ideas with people from other countries, improving my exposure to the public, sharing with and teaching others what I have learned—and it has provided me with ongoing development.

QuestionWhat has been your biggest workplace or career challenge and how did you face it?

Answer My biggest workplace challenge was when I was appointed chief information officer at a recognized insurance company in my country. With the appointment, I moved from being an auditor to being the executor. With the support of the management body and the board of the company, I was able to successfully transition. The most important thing I learned from that experience is the importance of working together with other people to meet the goals of the organization—one person cannot do it alone.