Studying CISA as a Recent Grad

1Sep1969

Hello,

I'm a recent grad with a bachelor degree in Management Information Systems (MIS). I would to write the CISA exam. I've read the comments posted on this site. I understand that reading the manual / study guide and practicing the database questions is the best way of preparing for the exam.

However, when I read the 1st domain chapter and tried to do questions for domain 1, I noticed that there were some terms and topics/tools that aren't covered in chapter 1.

For example, one of the answers for a question is "integrated test facility." When I first saw it, I didn't know what it is and we never covered it in my program. I then noticed that integrated test facility is discussed in the 3rd domain chapter. Another example, "directive control" is no where to be found in the book, which I found strange.

So basically, the manual doesn't cover everything, and for someone who wants to pass the exam with little work experience (besides Coop internships), I am faced with topics/systems/terms that I'm not familiar with: bottleneck locations, topology diagrams, service-oriented architecture, Heuristic scanning tools, etc.

Of course, I can google them and learn this way, but my question is this:

If I try to practice and fully understand all those 1200 questions, is it good enough for me to pass the exam? I read that the actual exam is different and 2% like the database questions, but is it possible that it may contain other terms or questions about certain tools that aren't covered in the manual or database?

I hope I make sense. Please don't tell me how CISA is not entry level, etc, or why I want to pursue it. I just need answers to my question!

636-555-3226

1Sep1969 wrote: »

Hello,

for someone who wants to pass the exam with little work experience (besides Coop internships)

Ah, but you answered your own question there. Very smart!

ISACA certifications require real life experience. Real life experience isn't required to take the test, but it'll help a lot since the test is supposed to measure your real life work experience. Someone, like yourself, without the real life experience is going to be challenged. The study materials aren't supposed to be a memorization tool to help you remember every single topic on the test. They're there to help get you ready for the types of questions and types of topics that will be on the test.

1Sep1969

Some people say you can pass it without real work experience, others say it's not impossible. Some say passing the exam will make you in demand (as a future IT auditor) and make you stand out. I want to know how I can pass the exam now without real work experience. My question was, if I were to practice and fully understand all those database questions, would it be good enough?

Mike7

Each domain in the CISA Reivew Manual has a section Suggested Resources for Further Study, that you can use to supplement your study.

Take note that passing CISA exam does not grant your the CISA certification; you need to demonstrate 5 years of professional auditor experience. You may be able to get some experience waiver. Do refer to How to Become CISA Certified

As for passing, it depends on the individual. Some have failed using both review manual and question bank while others have passed without even studying. So if you are taking, good luck!

TechGuru80

If you don't have the required experience to get the certification, you cannot list the certification so what's the point? Also, higher level certifications like CISA, want you to have experience to fall back on during the exam...this means out of the gate you are at a huge disadvantage.

E Double U

1Sep1969 wrote: »

Please don't tell me how CISA is not entry level, etc, or why I want to pursue it. I just need answers to my question!

Please don't tell people how to answer your question.

Do people pass exams without experience? Yes!

Can you pass without experience? We shall see.

1Sep1969

E Double U wrote: »

Please don't tell people how to answer your question.

I did not tell anyone how to answer my question. I just didn't want them to diverge from the subject and be ask why I want to do CISA as a grad, etc.

Besides what Mike7 wrote, which I'm not 100% if it would help, I didn't really get a proper answer to my question. I fully do understand that I won't instantly become certified if I pass the exam. It's not my concern at this point. From what I've been told, simply having passed the exam would show employers that I'm interested in this field, but no one explains to me how exactly I can prepare for the exam if it requires some real life experience or if I'm going to encounter questions/topics that aren't covered in the manual.

Tongy

I'm not sure you're going to get many positive responses to your very narrow question... Since most that take it are infosec professionals, not recent graduates. And of those, few would be in your shoes (no experience wanting to take CISA) you'll probably get more people telling you what you apparently don't want to hear. You can't use the designation until you fulfil the criteria form being certified so it can't go on your CV (not even as pending endorsement) so for the next 5 years get some experience and do some foundation certs... They will probably prove more useful as your career builds.

dustervoice

There will be questions on the test that isn't directly referenced in the Review manual or Database questions. This is when you draw on real world experience or have an educated guess. If you find yourself guessing a lot then your in trouble! practice questions on the DB and try to score between 80-85% without seeing repetitive questions that will be a good indication of you passing the real thing. Good luck let us know how it works out. I believe the 2016 CISA will be 150 questions not 200.

Mike7

1Sep1969 wrote: »

I'm a recent grad with a bachelor degree in Management Information Systems (MIS). I would to write the CISA exam.
...
Please don't tell me how CISA is not entry level, etc, or why I want to pursue it. I just need answers to my question!

1Sep1969 wrote: »

From what I've been told, simply having passed the exam would show employers that I'm interested in this field, but no one explains to me how exactly I can prepare for the exam if it requires some real life experience or if I'm going to encounter questions/topics that aren't covered in the manual.

So you are a recent MIS grad and want to get into IT audit field via CISA?

From what I understand, those fresh grads that get into IT audit usually have accounting or business degrees and usually through one of the big 4 accounting firms. Some of the IT auditors I met have accounting or business admin degrees. There are others with years of IT experience that later moved into IT auditing, but I guess this is not what you are interested in.

So if you want to get IT audit immediately, I suggest you check out any big 4 Graduate Scheme. Having accounting or business background will help as this is their core business.

Remedymp

Find the local ISACA chapter in your area and pay your annual fee. Take the CISA class that your local chapter offers and then study away at your Q&A.

Although I have said negative things in the past about the exam itself, the ISACA organization is top notch above others.

Dolph

I took CISM with less than 18 months relevant experience (albeit I wasn't a recent grad as I'd made a career change), but did so to show willing to my boss at the time that I was not only interested in, but could understand the concepts in the subject areas. I haven't applied for certification yet, but will probably do so next year. Anything like this that differentiates you from other grads can only be a good thing, and in some ways you will have the advantage of not knowing how the 'real world' works and therefore won't be as likely to disagree with the ISACA view of the world.