CRISC Passed. CISM, CISA, CRISC all cleared in 43 days.

JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
Took the CRISC this morning and passed. I must say, this one was the toughest of the three. The questions were nothing like the QAE DB, and I could NOT just eliminate two or three answers immediately. So many questions the answers were all similar and you're trying to determine the best. Unlike the other exams, there wasn't a clear best that stood out to me. This one was also the exact opposite of the CISA QAE DB vs exam. With CISA, I did bad in the DB but aced the exam. With the CRISC I aced the DB but the exam felt super hard.

I was stoked when ISACA moved to CBT with instant pass/fail notification and I knew I was going to knock these out this year. Never thought I would do all three in ONE testing window! After the CISM felt really easy, I decided to go for the CISA and when taking it and feeling like it was so easy decided to attempt to squeeze in the CRISC. Whew! I am DONE with ISACA! (I don't have any reason or desire to push through the CGEIT). So I passed CISM May 8, CISA June 8 and CRISC June 21.

Part of the reason I pushed to knock these out is that I am about tired of pursuing certs that I need to read and memorize information/concepts and take multi-choice exams. I'm honestly about tired of certs period, but I want to pursue more hands on pentesting stuff and also learn to code. I plan to do the CCSK next week, then the PMP in July, and the TOGAF right after and then I think I am unofficially done with certs.
Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up:​ OSCP
Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework

Comments

  • tphan3tphan3 Member Posts: 39 ■■□□□□□□□□
    Impressive! Congratulations again. How did you manage to tackle all three while working full-time?
  • JaBaRoJaBaRo Member Posts: 5 ■□□□□□□□□□
    Congrats! You must be a genius.
  • KyrakKyrak Member Posts: 143 ■■■□□□□□□□
    Well done, those 3 are on my list as well, but I'm taking my break now after passing the CISSP.
    Up next: On Break, but then maybe CCNA DC, CCNP DC, CISM, AWS SysOps Administrator
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    tphan3 wrote: »
    Impressive! Congratulations again. How did you manage to tackle all three while working full-time?

    Thanks tphan. What I did was wake up at 5am every weekday, and occasional weekend day to practice the QAE DB. I also got in at least 1 hour mid-day. I work from home so I am able to save the time getting ready and commuting to work.

    JaBaRo wrote: »
    Congrats! You must be a genius.

    Thanks JaBaRo. No no, far from genius. I think the key is that I have experience across the domains being tested, as well as I have a good GRC mindset, so that really helped.

    Kyrak wrote: »
    Well done, those 3 are on my list as well, but I'm taking my break now after passing the CISSP.

    The good thing is with the new CBT and test windows, you can schedule and take them when convenient for you.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • SecurityGuru23SecurityGuru23 Member Posts: 47 ■■■□□□□□□□
    JoJoCal19 wrote: »
    Took the CRISC this morning and passed. I must say, this one was the toughest of the three. The questions were nothing like the QAE DB, and I could NOT just eliminate two or three answers immediately. So many questions the answers were all similar and you're trying to determine the best. Unlike the other exams, there wasn't a clear best that stood out to me. This one was also the exact opposite of the CISA QAE DB vs exam. With CISA, I did bad in the DB but aced the exam. With the CRISC I aced the DB but the exam felt super hard.

    I was stoked when ISACA moved to CBT with instant pass/fail notification and I knew I was going to knock these out this year. Never thought I would do all three in ONE testing window! After the CISM felt really easy, I decided to go for the CISA and when taking it and feeling like it was so easy decided to attempt to squeeze in the CRISC. Whew! I am DONE with ISACA! (I don't have any reason or desire to push through the CGEIT). So I passed CISM May 8, CISA June 8 and CRISC June 21.

    Part of the reason I pushed to knock these out is that I am about tired of pursuing certs that I need to read and memorize information/concepts and take multi-choice exams. I'm honestly about tired of certs period, but I want to pursue more hands on pentesting stuff and also learn to code. I plan to do the CCSK next week, then the PMP in July, and the TOGAF right after and then I think I am unofficially done with certs.


    Congrats! BTW - I suggest you consider tackling the "CCSP" from ISC2 instead of wasting your time on the "CCSK" from CSA. I have the CCSK and felt like it wasn't much value added, it's open book, and ISC2 is a more reputable company than CSA.

    When I took on the CCSK, the CCSP wasn't out yet so that's the only reason why. Just a thought - Good luck either way.

    -SG
  • anthonxanthonx Member Posts: 109 ■■■□□□□□□□
    Wow! Amazing... congrats on the passed. What is your advise to those who will be taking the CRISC exam? Not to rely too much on the QAE DB? In your case, your experience across domains were a big help. This is the exact opposite from what I am hearing about the CISM exam, if you aced the CISM QAE DB then your chances is pretty good. Maybe, passing the CISSP, CISA, CISM & others also of great help to you. In my case, I'm watching the CRISC Cybrary videos to expand my knowledge.
    AnthonX
  • Mike7Mike7 Member Posts: 1,112 ■■■■□□□□□□
    Congrats! I agree with SecurityGuru23, you should go for CCSP instead of CCSK. Fwiw, i get some hits for CCSP and none for CCSK when I do LinkedIn job search for my country.
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Very nice! Congrats. The CCSK is pretty easy though if he wants to add a cloud security cert. Agree it is not as popular though.
  • justdaveyjustdavey Member Posts: 40 ■■□□□□□□□□
    This is awesome. I couldn't agree more with trying to schedule quickly while you're in the ISACA mindset. Congrats!

    Good luck with the PMP. Not sure what your PM'ing experience is but this is the only cert I took a sitdown class for, did a whole bunch of testing questions and still only managed a 'moderately proficient' rating. It was harder than the CISSP for me at least.

    Davey
  • designated1969designated1969 Member Posts: 6 ■□□□□□□□□□
    Congratulation on Passing all these cert exams. Extremely impressed.

    i passed CISM 4 months ago - last of the non CBT icon_surprised.gif I thought CISM was hard as you metioned questions were nothing like the DB.

    I am preparing to take CRISC this Saturday. Currently getting high 90s on the DB questions but still don't feel confident.

    Any last minute advice?
  • pinksjpinksj Member Posts: 89 ■■□□□□□□□□
    Congratulations pretty impressive. All the very best for the next ones.
    Looks like while aiming at ISACA certs it is better to knock down all three with good planning like you.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Thanks everyone!
    anthonx wrote: »
    Wow! Amazing... congrats on the passed. What is your advise to those who will be taking the CRISC exam? Not to rely too much on the QAE DB? In your case, your experience across domains were a big help. This is the exact opposite from what I am hearing about the CISM exam, if you aced the CISM QAE DB then your chances is pretty good. Maybe, passing the CISSP, CISA, CISM & others also of great help to you. In my case, I'm watching the CRISC Cybrary videos to expand my knowledge.

    I do recommend the QAE DB. For each exam I only used the QAE DB and not the book. For the CISA and CRISC I didn't crack open the books once. Work paid for them so they will make nice references for my bookshelf.

    Congratulation on Passing all these cert exams. Extremely impressed.

    i passed CISM 4 months ago - last of the non CBT icon_surprised.gif I thought CISM was hard as you metioned questions were nothing like the DB.

    I am preparing to take CRISC this Saturday. Currently getting high 90s on the DB questions but still don't feel confident.

    Any last minute advice?

    If you're scoring high 90s then you're doing a little better than I was on the DB. I recommend knowing the WHY behind your answers. Most all of my questions were BEST, MOST, etc and it was a tough choice between some of the answers.

    Congrats! BTW - I suggest you consider tackling the "CCSP" from ISC2 instead of wasting your time on the "CCSK" from CSA. I have the CCSK and felt like it wasn't much value added, it's open book, and ISC2 is a more reputable company than CSA.

    When I took on the CCSK, the CCSP wasn't out yet so that's the only reason why. Just a thought - Good luck either way.

    -SG
    Mike7 wrote: »
    Congrats! I agree with SecurityGuru23, you should go for CCSP instead of CCSK. Fwiw, i get some hits for CCSP and none for CCSK when I do LinkedIn job search for my country.

    The reason for the CCSK is because it's a 'quick win', and as NetworkNewb mentioned, it's an easy cloud cert to add to my resume as I have none. As for the CCSP, I have wanted it since it has come out but due to a couple of reasons I don't know that I'll pursue it. For one, seeing people fail it left and right in the cloud section of the forum. People that I would have thought would pass it for sure. And two, like I mentioned, my time studying for certs like that are coming to an end. I only think I have enough drive left for one more deep study cert and I want the PMP. These certs where you have to read, read, read and take mult-choice are really grueling for me. While I look at the CCSP exam outline and it seems fairly easy, if I put in the effort to study for it and didn't pass then that would probably kill any desire to do another cert for sure. Who knows, if I see more people pass it then I may see if I can do a 1-2 week cram after the PMP. But honestly, I think PMP and TOGAF will be the last of those types of certs I go for.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Ah screw it, challenge accepted! Read through the outline again and looked at the ToC for the Sybex CCSP Study Guide. I think I can do this without too much trouble.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • tphan3tphan3 Member Posts: 39 ■■□□□□□□□□
    You should go for CCSP for sure. I am half way through the CCSP study guide, and it seems very easy to read. All the stuffs I have read so far are pretty basic as they are also included during my time studying for the CISSP.
  • designated1969designated1969 Member Posts: 6 ■□□□□□□□□□
    Congratulation on Passing all these cert exams. Extremely impressed.

    i passed CISM 4 months ago - last of the non CBT icon_surprised.gif I thought CISM was hard as you metioned questions were nothing like the DB.

    I am preparing to take CRISC this Saturday. Currently getting high 90s on the DB questions but still don't feel confident.

    Any last minute advice?



    Today I passed CRISC - final result in 10 days!:D

    CBT experience was horrible, lots of technical issues, where the software just stopped responding with about 94 minutes left icon_cry.gif by the time it was resolved the proctor had to leave so was forced to submit the exam with 30 minutes still on the clock.

    I continued with DB review - logged about 60 hours scored 100% on three of the 4 modules but the DB questions were nothing like the real exam and a week off work to read the book - not the most exciting read but totally paid off.
  • [Deleted User][Deleted User] Senior Member Posts: 0 ■■□□□□□□□□
    Congrats that is a lot to accomplish in 43 days!
  • datacombossdatacomboss Member Posts: 304 ■■■□□□□□□□
    JoJoCal19 wrote: »

    Part of the reason I pushed to knock these out is that I am about tired of pursuing certs that I need to read and memorize information/concepts and take multi-choice exams. I'm honestly about tired of certs period, but I want to pursue more hands on pentesting stuff and also learn to code. I plan to do the CCSK next week, then the PMP in July, and the TOGAF right after and then I think I am unofficially done with certs.

    I took and passed the CRISC exam on 6/27 and I found some of the questions to be exactly like the online Q&A. Was fairly easy. PMP and COBIT 5 were more difficult IMO. You can pass the PMP using the PM Exam Simulator only, so don't waste time or money on books or classes. Just use a on-line source to get your 35 hours of required PM education.
    "If I were to say, 'God, why me?' about the bad things, then I should have said, 'God, why me?' about the good things that happened in my life."

    Arthur Ashe

  • asiru77asiru77 Member Posts: 65 ■■□□□□□□□□
    Congrats , what is your exp for level of difficulty for these 3 exams ?
  • TeKniquesTeKniques Member Posts: 1,262 ■■■■□□□□□□
    Congrats! Nice work, very impressive. Good luck on your next adventure!
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    I took and passed the CRISC exam on 6/27 and I found some of the questions to be exactly like the online Q&A. Was fairly easy. PMP and COBIT 5 were more difficult IMO. You can pass the PMP using the PM Exam Simulator only, so don't waste time or money on books or classes. Just use a on-line source to get your 35 hours of required PM education.

    Thanks for that! I'll take a look. I got my approval over the weekend so I've paid and have started studying.

    asiru77 wrote: »
    Congrats , what is your exp for level of difficulty for these 3 exams ?

    Thanks! I have about a decade of experience across multiple InfoSec domains. For the ISACA exams I'd say overall 6+ years across the various exams' domains.

    TeKniques wrote: »
    Congrats! Nice work, very impressive. Good luck on your next adventure!

    Thanks!
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • asiru77asiru77 Member Posts: 65 ■■□□□□□□□□
    thanks for your reply but i was asking that between CISM CISA and CRISC exams which one is most difficult and which on is the easiest and why ?
  • averageguy72averageguy72 Member Posts: 323 ■■■■□□□□□□
    Wow, congrats!
    CISSP / CCSP / CCSK / CRISC / CISM / CISA / CASP / Security+ / Network+ / A+ / CEH / eNDP / AWS Certified Advanced Networking - Specialty / AWS Certified Security - Specialty / AWS Certified DevOps Engineer - Professional / AWS Certified Solutions Architect - Professional / AWS Certified SysOps Administrator - Associate / AWS Certified Solutions Architect - Associate / AWS Certified Developer - Associate / AWS Cloud Practitioner
  • IaHawkIaHawk Member Posts: 188 ■■■□□□□□□□
    You are machine! Congrats.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    asiru77 wrote: »
    thanks for your reply but i was asking that between CISM CISA and CRISC exams which one is most difficult and which on is the easiest and why ?

    Can only speak for myself, but the CRISC was my lowest score (504) and it felt the hardest while I was taking it (it felt the easiest while preparing for it thought). The CISM was in the middle, felt easy prepping and pretty easy during the exam (604). The CISA felt the hardest preparing for it, but the exam experience felt the easiest (654).
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • asiru77asiru77 Member Posts: 65 ■■□□□□□□□□
    JoJoCal19 wrote: »
    Can only speak for myself, but the CRISC was my lowest score (504) and it felt the hardest while I was taking it (it felt the easiest while preparing for it thought). The CISM was in the middle, felt easy prepping and pretty easy during the exam (604). The CISA felt the hardest preparing for it, but the exam experience felt the easiest (654).

    thanks for the input
  • SpanSpan Member Posts: 32 ■■□□□□□□□□
    JoJoCal19 - are you a student of full time employed? IT? Did you proof the needed on the job experience so you can be accredited or are you just writing the certs to validate your knowledge?
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Span wrote: »
    JoJoCal19 - are you a student of full time employed? IT? Did you proof the needed on the job experience so you can be accredited or are you just writing the certs to validate your knowledge?

    I have over a decade of InfoSec experience in multiple domains and am currently a Sr Manager in Information Security Risk Management handling all of the stuff the ISACA certs cover. So I've more than met all of the requirements of the ISACA certs. That's also why the exams seemed easy for the most part. And yes, I am currently a student as well.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • SpanSpan Member Posts: 32 ■■□□□□□□□□
    10 certs and counting. You're a machine! icon_cool.gif
  • woodworkwoodwork Member Posts: 5 ■□□□□□□□□□
    Jojo - Congrats my friend! Do you have any suggestions on the CRISC exam? I am taking it in November of this year. My plan is to read the book & go through the questions but i saw on your post that the exam was far more difficult than you had expected. Is there anything you would do differently to prepare (even though you passed)? Is there any other content you may consider going through that you did not do the 1st time around...? Any other suggestions are welcomed :)

    Thank you and a HUGE CONGRATS to you again.
  • FSF150FSF150 Member Posts: 119 ■■■□□□□□□□
    Congrats! Completed CRISC as well last weekend and agree with your assessment. Can't imagine what my actual score was, got another 5 business days until ISACA tells me.

    I think CISA/CRISC is a good combo for me for now.
    First we drink the coffee. Then we do the things. :neutral:
Sign In or Register to comment.