My experience with CISA (old job practice)

SljderSljder Member Posts: 1 ■■□□□□□□□□
Hi all!

So I've passed CISA few weeks ago (Overall score of 663)

I've been reading this forum, find it helpful (and inspiring I guess :)  ) so wanted to contribute by sharing my experience. Quick disclaimer - I've studied and took exam with old (prior 2019 May) job practice, however I don't thing it changed fundamentally.
Little bit about myself: I have CS degree with slightly more than 1.5 years of hands-on IT audit experience. I took exam in english which is not my native language.

Some of my thoughts
I've used official CISA manual and QAE.
Reading official CISA manual helped, but only a bit (basically to cover glossary as well as some opaque concepts). Then again - I haven't read it cover-to-cover so maybe that's why....
I can agree with everyone here who says that QAE db is essential and I highly recommend using it. 
If you become ISACA member before exam (considering discounts I don't see why not) they will give you demo of QAE book (~150 questions from domain 1) - at least use this one,if you're not considering using full QAE.

My study involved mostly going through QAE db (~1.5 times). If I find a question that I cannot answer (even if I can guess it right) first I'll read QAE explanation and then turn to Manual to read just a little bit more while trying to figure out what other things can they ask from the same topic.

I can also confirm that all questions in exam are different from QAE, however they are usually related to same concepts (e.g. if in QAE you'll get a question about residual risk, during exam you'll be asked about inherent risk in same manner and so on)

I've studied ~3 weeks (up to 4 hours every business day + ~6-8 during weekends) with a break or two in between. Before exam, I didn't felt too confident, but I doubt whether few days back or forth would have drastically changed anything. While I do not recommend studying for few weeks only - it's definitely doable given you're willing to put your life on hold and have some experience.
Time limit during exam is pretty generous, it took me ~2 hours to finish with plenty of time left, so don't worry too much about that.
Finally, I didn't find language to be too difficult. There were few phrases that I found odd, but those were few and far in between so definitely nothing too extreme here.

Bottom line (basically just confirming what other posted so far):
-Use ISACA's QAE if you can! Or at least see as many sample questions as possible. I higly discourage attempting exam without checking sample questions.
-Don't expect same questions in exam as you see in QAE. There will be none, however style and general concepts are very simillar. It also goes without saying that memorizing questions from QAE is not a good idea :)
-Get to know basic terms and definitions (e.g. risk types, job titles and responsibilities, audit vocabulary, etc.)


Sign In or Register to comment.