CISA 2018- general thoughts
Hi guys- i've read through lots of the posts on here over the last few weeks and really helpful. I'm planning on taking CISA mid September. I'm at a Big4 in London and have a few years here (plus a couple from previous roles). So far, I read the manual cover to cover and did some of the hardcopy question bank questions. Now, my plan is to just try and stay topped up and take a week off work beforehand to smash through the online bank (will need to buy this as my company only pay for the book- know it's the same questions, but think it will be more useful).
Just had a few queries about the general theme from people who've taken the exam over the last couple of years. There seems to be a mixed view on whether the exam questions are similar to the question bank questions- harder/easier etc. Also, conflicting opinions on whether the exam is really 90% governance & 10% technical IT perspective vs. more equally split. So far, the questions in the question book seem to make sense, although a lot of people say the exam questions are badly worded deliberately etc. Plus this whole 'ISACA mindset'- so far, i'm not 100% what this means- if it means e.g. things like business always over IT, general audit ethics as per ISACA, sequencing of activities etc.- then I think I get it.
Sorry for the ramble, and any discussion on this would be most appreciated.
Chris
Just had a few queries about the general theme from people who've taken the exam over the last couple of years. There seems to be a mixed view on whether the exam questions are similar to the question bank questions- harder/easier etc. Also, conflicting opinions on whether the exam is really 90% governance & 10% technical IT perspective vs. more equally split. So far, the questions in the question book seem to make sense, although a lot of people say the exam questions are badly worded deliberately etc. Plus this whole 'ISACA mindset'- so far, i'm not 100% what this means- if it means e.g. things like business always over IT, general audit ethics as per ISACA, sequencing of activities etc.- then I think I get it.
Sorry for the ramble, and any discussion on this would be most appreciated.
Chris
Comments
-
krucial85 Member Posts: 84 ■■■□□□□□□□I think you do get it. I passed the CISA exam a couple of years ago and will submit my application for certification in November. I might not have a popular opinion about the certification processes (CISSP, CISA, etc.) but I believe that the certifications that are not technical (i.e. more from a management perspective) do lend themselves to thinking like the authors of the certifications. If you understand the concepts presented in the materials I believe you will do fine on the exam because the questions on the exam become "common sense" (after you've been indoctrinated into the way that the certification authors think)."The way to succeed is never quit. That's it. But be really humble about it."
-
lucky0977 Member Posts: 218 ■■■■□□□□□□[QUOTE=Plus this whole 'ISACA mindset'- so far, i'm not 100% what this means- if it means e.g. things like business always over IT, general audit ethics as per ISACA, sequencing of activities etc.- then I think I get it.
Chris[/QUOTE]
You have to drink the "Kool-aid". What gets a lot of people in trouble when taking these exams is that they'll use their working experience to answer the questions. The "kool-aid" is ISACAs version of how they want you to answer the question. The Q&A database is probably the best set of practice questions for the exam and you'll be able to tell which ones are "kool-aid" type questions when you try and answer their scenarios with how you would do it at your job and quickly become frustrated when you find out the way you do it at your job differs from what ISACA is looking for.Bachelor of Science: Computer Science | Hawaii Pacific University
CISSP | CISM | CISA | CASP | SSCP | Sec+ | Net+ | A+ -
Info_Sec_Wannabe Member Posts: 428 ■■■■□□□□□□You have to drink the "Kool-aid". What gets a lot of people in trouble when taking these exams is that they'll use their working experience to answer the questions. The "kool-aid" is ISACAs version of how they want you to answer the question. The Q&A database is probably the best set of practice questions for the exam and you'll be able to tell which ones are "kool-aid" type questions when you try and answer their scenarios with how you would do it at your job and quickly become frustrated when you find out the way you do it at your job differs from what ISACA is looking for.
+1 for lucky0977!
While working experience does help, it is not always the case. I used to work for one of the Big 4 firms as well and found out that the methodologies we use or follow isn't necessary consistent with that of ISACA's, not because it is wrong, but rather, ISACA tests us on "what should be" or the "ideal" way of doing things, at least IMHO.X year plan: (20XX) OSCP [ ], CCSP [ ] -
KPMG1000 Member Posts: 9 ■■□□□□□□□□Thanks guys- appreciate the input. So far, i've actually found the manual to be interesting. A lot of work here is high-level almost tick box external audit type work and the manual is much more expansive- Domain 3 in particular is of interest to me as I do a lot of project risk/programme assurance.
Chris