Attempting CISA with no IT Security or Audit background.

fallen_warriorfallen_warrior Member Posts: 5 ■□□□□□□□□□
I'm currently working as a web developer in an IT firm for the last 7 months. I am an engineering graduate(2017) in Computer Science. The thing is that I've got zero knowlege in IT Security or Audit background. I'm attempting CISA in June. I already bought the CRM and QAE(hardcopy). As I do not have any background, what precautions or steps I should take while studying?

Comments

  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    I'm currently working as a web developer in an IT firm for the last 7 months. I am an engineering graduate(2017) in Computer Science. The thing is that I've got zero knowlege in IT Security or Audit background. I'm attempting CISA in June. I already bought the CRM and QAE(hardcopy). As I do not have any background, what precautions or steps I should take while studying?

    You should pray more and evaluate the reasons you are taking the CISA. Do you need it for your job? Will it make you a better developer? Will it add any value to you as a person? People with aspirations to work as IT Auditors usually try the CISA.
  • talbert80talbert80 Member Posts: 29 ■■■□□□□□□□
    If you are looking to move into security try the SSCP or security+. ISC2 offers experience waivers for the SSCP if you have a 4 year degree. Again, I would concur with the previous post. Security or auditing is not necessarily the career to take "just because". However, try the lower certs to get you in the mindset of certification exams. Also do some research on information security and audit careers. Maybe request to shadow an auditor or Info sec analyst for a few hours to determine if it's something you want to do as a career.
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    The thing is that I've got zero knowledge in IT Security or Audit background. I'm attempting CISA in June. As I do not have any background, what precautions or steps I should take while studying?

    I really do not understand why you are attempting this exam.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • mattster79mattster79 Member Posts: 135 ■■□□□□□□□□
    Doesn’t make much sense to me either.
    CISSP
    CISM
  • za3bourza3bour Member Posts: 1,062 ■■■■□□□□□□
    I wouldn't take the exam, you could pass but then what? I see it as a waste of money and time in my opinion
  • PJ_SneakersPJ_Sneakers Member Posts: 884 ■■■■■■□□□□
    Cut the guy some slack, maybe he wants to get into auditing. You will need to demonstrate a certain number of years of experience before you will become fully certified though, even if you pass the CISA exam. Just keep that in mind.
  • fallen_warriorfallen_warrior Member Posts: 5 ■□□□□□□□□□
    Guys, right now I'm a web developer. But this is not what I want to be. My brother works as a cpa in one of the big fours. So he has got the connections to get me a job there. But one thing he asked me to do is to pass the CISA exam. Some inspirations please guys..hahahaicon_lol.gif
  • 1Sep19691Sep1969 Member Posts: 30 ■■□□□□□□□□
    Guys, right now I'm a web developer. But this is not what I want to be. My brother works as a cpa in one of the big fours. So he has got the connections to get me a job there. But one thing he asked me to do is to pass the CISA exam. Some inspirations please guys..hahahaicon_lol.gif

    I graduated from an MIS program and was able to pass the CISA with a few months of study. If I was able to pass the exam, so can you! Just go over the CISA manual and research the topics you aren't familiar with. Do the database questions until you hit the 90s for each domain and get into the ISACA mindset. You'll do fine. You are lucky to have connections in a firm. I looked for an entry level IT audit position for a very long term. Very hard get in. icon_sad.gif
  • fallen_warriorfallen_warrior Member Posts: 5 ■□□□□□□□□□
    Yeah.. That's what. I'm trying to take my career forward as an IS Auditor. If not, why would I waste this much money and time on this. Web Development is an area where you can make money if you are really good at it. Guess what, I suck at programmingicon_redface.gif. Lmao... And my brother can land me a job pretty easily after passing CISA. Atleast, that's what he says....hahaha....So how early should I start and how many hours a day should I study. Preparation tips are much appreciatedicon_lol.gif..
  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    Yeah.. That's what. I'm trying to take my career forward as an IS Auditor. If not, why would I waste this much money and time on this. Web Development is an area where you can make money if you are really good at it. Guess what, I suck at programmingicon_redface.gif. Lmao... And my brother can land me a job pretty easily after passing CISA. Atleast, that's what he says....hahaha....So how early should I start and how many hours a day should I study. Preparation tips are much appreciatedicon_lol.gif..

    If you are not passionate about something it doesn't matter if someone can help you find an IS Audit job.

    IS Audit jobs are extremely boring, lots of write ups and reports. Read the manual and come back to tell us if the material excited you.

    The point is you gotta find something YOU like not go into a role because your brother can find you a job.
  • fallen_warriorfallen_warrior Member Posts: 5 ■□□□□□□□□□
    I'm really into Computer Networks and Security. I was working with a team in setting a parallel computing environment in college. Yeah, when I went through the manual, the first two domains were not that appealing to me. But I really dig the domains dealing with security,firewall,protection etc. And yeah, he had mentioned that documentation and report making takes up 80% of the audit process and its really boring. Real auditing happens only for 2 weeks in a 2 month audit he said. So yeah, I've thought about it and I've decided to take up IS Auditing as a career. Now I hope everybody will stop criticizing me about my choice and will provide some useful informationicon_sad.gificon_sad.gif.
  • talbert80talbert80 Member Posts: 29 ■■■□□□□□□□
    My older brother told me I couldn't do IT because I am a girl. I was a manicurist at the time. I created a custom multiple user database with client profiles to manage my spa at the time. I found a new love. I decided to take the network+, A+, server+, Linux+, security+ and passed. I began my IT career as a developer. Then a compliance analyst. Then went into security operations. Laterally governance, risk management, and audit. I began my career on a dare from my older brother. The best way to get me to something is tell me I can't. I absolutely love what I do, but not without struggles. I do have some friends who see the money I make and jumped on the bandwagon instead of wanting the career as a desire.

    However, gather materials on ISACA website, like ITAF, audit and assurance programs, COBIT 4 and 5 manuals (free if you're a member). I took the COBIT 5 foundation and implementation exams. The CISM was much easier. But I also had a SSCP, HCISPP, and CISSP. The CISSP materials may help. I found ISACA CISM and CISA material dry. But it may work for you. Join a study group.
  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    I'm really into Computer Networks and Security. I was working with a team in setting a parallel computing environment in college. Yeah, when I went through the manual, the first two domains were not that appealing to me. But I really dig the domains dealing with security,firewall,protection etc. And yeah, he had mentioned that documentation and report making takes up 80% of the audit process and its really boring. Real auditing happens only for 2 weeks in a 2 month audit he said. So yeah, I've thought about it and I've decided to take up IS Auditing as a career. Now I hope everybody will stop criticizing me about my choice and will provide some useful informationicon_sad.gificon_sad.gif.

    No one is criticizing you about your choice. We are just giving our opinions of which you asked by posting here.
    Learn to accept both positive criticism and negative if any and make your own decisions based on your research and due diligence. A very valuable skill to have as an IS Auditor.
  • E Double UE Double U Member Posts: 2,238 ■■■■■■■■■■
    talbert80 wrote: »
    My older brother told me I couldn't do IT because I am a girl.

    Gotta love big brothers lol
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • roxerroxer Member Posts: 130 ■■■□□□□□□□
    The.ISACA.question.bank - gets you in the mindset to understand the way ISACA words their questions. Wording in everything. I am studying for CISM right now and must tell you that I had to switch gears after the CISA. Know how EDI works--all of it and realize what a bastion host is and how it works.
Sign In or Register to comment.