Is ISACA's 'IT Risk Fundamentals' something I should attempt before CRISC? + free online resources?
Hi everyone,
So I'm new to the platform, came across it while doing my research on the CRISC exam and the best way to prepare for it through a blog post on InfoSec.
I am coming from a 2 year stint in a big 4 firm though I was placed mostly in Internal Audit assignments for external clients and found myself on track to start getting ready to study my CIA. However after leaving that environment and reassessing my personal career desires, I would like to attempt the CRISC exam because prior to this work experience, most of my career has been drenched in IT support, DB admin and some programming work (I have a BSc in CompSci). This really doesn't have me feeling like I have the right foundational risk-related knowledge to hop right into CRISC study and ace on first attempt without acquiring ISACA's 'IT Risk Fundamentals Certificate' at least so that I jump into it from there.
For those that have passed the CRISC exam and/or the IT Risk Certification, would it be something you'd recommend I go through first, before attempting CRISC? (Aside from the fact that it'd also look great on my CV). Funds are really tight right now, and I honestly see myself being able to sit for either Q1-Q2 next year barring study time and available resources, are there any free resources that could help me prep in the mean time as I get the funds together to access official study material as well as process exam registration?
So I'm new to the platform, came across it while doing my research on the CRISC exam and the best way to prepare for it through a blog post on InfoSec.
I am coming from a 2 year stint in a big 4 firm though I was placed mostly in Internal Audit assignments for external clients and found myself on track to start getting ready to study my CIA. However after leaving that environment and reassessing my personal career desires, I would like to attempt the CRISC exam because prior to this work experience, most of my career has been drenched in IT support, DB admin and some programming work (I have a BSc in CompSci). This really doesn't have me feeling like I have the right foundational risk-related knowledge to hop right into CRISC study and ace on first attempt without acquiring ISACA's 'IT Risk Fundamentals Certificate' at least so that I jump into it from there.
For those that have passed the CRISC exam and/or the IT Risk Certification, would it be something you'd recommend I go through first, before attempting CRISC? (Aside from the fact that it'd also look great on my CV). Funds are really tight right now, and I honestly see myself being able to sit for either Q1-Q2 next year barring study time and available resources, are there any free resources that could help me prep in the mean time as I get the funds together to access official study material as well as process exam registration?
Answers
-
UnixGuy
Mod Posts: 4,557 Mod
I'm not familiar with IT Risk cert, and it really depends on your backgroundDo you feel that CRISC contents are too hard? are you familiar with some of them?Having internal audit experience you're already ahead of the game for CRISC. Use the ISACA Q&A DB and see how you go, only you can know if you have enough background for it or not.Alternatively, some people do CISA before CRISC/CISMCerts: GSTRT, GPEN, GCFA, CISM, CRISC, RHCECheck out my YouTube channel: https://youtu.be/DRJic8vCodE -
dphiri002
Member Posts: 3 ■■□□□□□□□□
It's just a Fundamentals cert that ISACA offers sort of to get your feet wet before diving into CRISC I guess. The CRISC content I'm definitely getting understanding of the more I browse through and like you mentioned, having had the experience, I definitely get most concepts and how they apply, I just feel with IT background, the Risk space takes a whole lot more getting used to in a way. Once I have the funds to, will definitely access ISACA Q&A DB and see how well I do. I'm not keen on CISA, mostly because I really feel CRISC really aligns with where I want my career to go (Risk/Compliance rather than audit), though for now I'm interested in free resources online that would give me a feel of what CRISC is like or at least have me cycling through practice questions/tests to get my mind oiled. Still looking to get into my next role as far as employment goes, so not much mind-oiling currently. Any leads? -
UnixGuy
Mod Posts: 4,557 Mod
The Q&A reflect the difficulty of the exam itself so this will really help you know if it's a good idea. Do the Q&A over and over, and go over the weak areas, this way you will know when you're ready
Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCECheck out my YouTube channel: https://youtu.be/DRJic8vCodE -
E Double U
Member Posts: 2,223 ■■■■■■■■■■
As someone that likes to just shoot for the moon, I completely disregard "gateway" or stepping stone certifications. I would rather just go for the one that I really want which is usually the one higher in demand. My vote is to skip getting your feet wet and just dive right in.
I am not aware of any free resources for any ISACA offerings. I am currently studying for CRISC the same way I did for CISM and CISA which is reading the latest ISACA review manual and then jumping into the QAE database.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
lib0517
Member Posts: 5 ■■□□□□□□□□
Are you still continuing to study for the CRISC exam? I am currently studying for the CRISC exam as well.
-
lib0517
Member Posts: 5 ■■□□□□□□□□
Yes, I am using the ISACA manual and Q&A database. They say study use multiple study resources not just ISACA. I just want to be fully prepared.
-
E Double U
Member Posts: 2,223 ■■■■■■■■■■
Not sure who "they" are, but most people (myself included) that have experience with ISACA credentials state the ISACA material is enough. On the job experience is what should supplement the ISACA study material. If one does have the required minimum work experience then that is enough.lib0517 said:They say study use multiple study resources not just ISACA. I just want to be fully prepared.
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
lib0517
Member Posts: 5 ■■□□□□□□□□
Right. Trainers, as well as the ISACA manual indicate the manual or q&a database is not a single source of preparation. Bottom line, I want to be more than equipped and prepared
-
E Double U
Member Posts: 2,223 ■■■■■■■■■■
To each his own. Overkill for some might not be enough for others. Good luck!Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
