Passing the CISA exam

Passing the CISA exam – Certified Information Systems Auditor

So I though it would be interesting to post up a blog post about my experience challenging the the CISA exam last year in 2016.

I had started this blog a bit afterwards, and never really thought about posting my experience. But, many others have always asked about my experience taking the CISA exam ,and if there were any tips I could give them to better their chances of passing the exam.  My hope is this post helps those that end up reading this and gives them a better insight on the adventure of obtaining the ISACA CISA certificate.

Preparing for the CISA exam

I would recommend you take at the minimum of 4 months to prepare for the exam.

On average I spent about 2 hours per a day on a week day.

And, 8-12 hours spent on weekends.

The best advice would be to put in the time to study. People start to slack off or procrastinate over the 4+ months as I’ve learned talking to others about their experiences.

Quiz Bank

The official ISACA CISA test/quiz bank was a huge help to me. I highly advise you purchase it. Yes, it does cost more, but it gives you a year to make use of it and will provide you the most real like test bank. The questions obviously will not be the same on the exam. However, it does provide you a sense of how questions will be addressed to you. And, the type of approach you must take to answer them. I was highly advised by other CISA exam takers to go down this route and purchase the quiz bank. The best part for me was that as long as I had internet access, and a device that had a browser. I could practice just about anywhere, on the bus, waiting for someone at a cafe etc…

Book Material

I also had purchased the book, but did not use it as much as I thought I would in the end. Other CISA exam challengers had advised me not to get the book, as they felt it was very dry and hard to read. The only time I referred back to the book was if I did not answer a question correctly on the quiz bank. Although, the quiz bank does provide a VERY good explanation of why you got it wrong. I found there were a lot of questions on the test bank that are very “it could be A or B”. They are so similar in nature and you’ll find those are the really tricky questions found on the quiz bank. Overall, the quiz bank and book should be sufficient enough to give you the knowledge needed to pass the exam. Also don’t forget that the quiz bank only seems to cover certain questions or topics. So if you don’t at least skim through the book you may miss out on some knowledge that will be needed on the exam.

Study Strategy

My strategy for the exam was to see what section was my weakest. The online quiz bank will test out various questions from different section of knowledge. I looked at the my weakest and spent a lot of time on those types of questions. I also read those sections in the book, because there isn’t a point on spending extended time on things you know or feel very comfortable with. You want to spend that extra bit of time on the things that you don’t understand that well, as there is a high likelihood of a question popping up related to it.

Additionally, what helped me out a lot is the work experience. I think anyone that has any sort of auditing or information security background is definitely going to have an advantage on this exam. You can always answer a question based off your experience and what you did during certain situations.

The Exam

So it’s the day of the exam which in my case was on a Saturday (not fun). It’s early morning and you can see the people there that have not slept at all. You can see them pumping in as much coffee as possible! Surprisingly, I did not see as many people as I thought there would be attending the exam. There is a mix of members writing the CISA, CISM, and a few other certs that ISACA offers. Since ISACA makes use of scantrons, be sure you have lot’s of pencils and erasers with you. The last thing you want is a broken pencil and having no backup option.

No electronic devices are allowed or any drinks. So be sure you have a good breakfast in the morning before the exam. It’s a multiple choice exam just like the quiz bank. So worse comes to worse and you have absolutely no idea what the correct answer might be. You have at the minimum a 25% chance of getting it correct. Overall, it was a long exam and I took my time till the end. Lot’s of people were gone early on, but I always see it as if you’re given all this time. Why not make use of it and use it to your own advantage. Overall, it’s a straight forward exam and if you do the quiz bank and your readings you should be fine.

After the exam

Now most might think studying and learning was already challenging enough to begin with. The other challenging part is once you have handed in your exam. The waiting time can be brutal for some, as it can take several weeks. I remember reading other peoples replies on online forums about what they thought of the exam. And, like many people including myself many of us felt we either passed well or failed miserably. It was one of those exams where there was no certainty as to how it went. I personally just let it go and went on as if I never even wrote an exam. It really eases things and you don’t think about it any longer. After about a month and half or so I got an email from ISACA. They let you know if you passed or failed and you can then verify your score on ISACA’s website.

Work Experience

As I stated earlier in my study strategy. Work experience helped me out on a lot of quiz questions. A lot of times I always asked myself when I was in a similar situation what did I do at work to remedy the situation or task. They may be technical questions related to encryption or more related to auditing such as change controls and user access management. I personally feel those that challenge the exam get some work experience. It will definitely give you the extra edge if you get stuck on a question you’re past experience is what will guide you to the right response. Not only that, work experience is also required for at least part of obtaining the CISA certificate. More details for part exemptions can be found on ISACA’s website.

Good Luck

Well, that’s all I really have to say about the journey to the CISA cert. I hope this guide gives you a better idea on how to approach the exam. It’s quite a challenge, but you will really appreciate it when you finally obtain the certificate. Here’s me wishing you the best of luck with it!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.