ISACA CISA - a few questions

veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
in CISA
Hey everyone, I am thinking about doing the ISACA CISA exam. It might sound odd, but I actually enjoyed studying for the CISSP. I gained a more well rounded perspective of INFOSEC that included Risk, Management, and Auditing. What books did those of you who took the exams recently using?

Also, I don't do auditing, although I've supported the effort by gathering data as needed. I'm an INFOSEC generalist. Do I qualify? According to ISACA's website:
A minimum of 5 years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas) is required for certification.

It looks like I do.
· Share on FacebookShare on Twitter

Comments

  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    I used the Official Manual, db questions and cybrary videos. Cybrary didn’t help that much but I also have had a lot of experience in the domains. Risk management for CISSP is very general, CISA is a lot more in depth...and be prepared it’s very dry material...I started and stopped studying several times over almost 3 years because it was hard to focus.

    Most infosec jobs are going to map to a lot of the tasks so as a general rule you should be fine.
    Security Certification Roadmap
    · Share on FacebookShare on Twitter
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    Thank you for taking the time to reply. I guess I need to just pick a book (or books) for the CISA.
    · Share on FacebookShare on Twitter
  • K-9K-9 Member Posts: 82 ■■■□□□□□□□
    It seems like most people here recommend using just the official textbook and database of questions. Seems like a pretty inexpensive way to prepare compared to buying extra books. That is the strategy I am going to use this year.
    · Share on FacebookShare on Twitter
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Can be done without the books if you're tight for money. I used just the online QAE DB. I did get the book as work covered it all, but only had it to reference a few areas I was weak on or needed deeper knowledge. Just pound the DB for a few weeks. Get in the mid to upper 80s and you should be good.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
    · Share on FacebookShare on Twitter
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    @JoJoCal19: Thank you for replying. Yeah, I was wondering what the best resources are for studying. I typically enjoy reading Sybex study guides and I saw they have one. However, I'm seeing based on replies that the official ISACA book and DB are the way to go.
    · Share on FacebookShare on Twitter
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    Is this the official text everyone else used?

    https://www.isaca.org/bookstore/Pages/Product-Detail.aspx?Product_code=CRM26ED
    · Share on FacebookShare on Twitter
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    Yes...there is only one official manual directly from ISACA, the other is a hard copy of the db practice questions.
    Security Certification Roadmap
    · Share on FacebookShare on Twitter
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    Thank you. I'm use to seeing "Certification Guide", not "Review Manual" :)
    · Share on FacebookShare on Twitter
Sign In or Register to comment.