Provisionally passed CRISC on 5-Feb
E Double U
Member Posts: 2,239 ■■■■■■■■■■
Began studying in November with only the ISACA review manual and QAE database.
Gave the manual one good read and reviewed the major points two more times. I continued going through all 599 questions in the database until I was consistently scoring a minimum of 80%. I took a break for a few weeks in January, but for the past two weeks I started hammering through the database again.
I completed the exam in two hours. I skipped a lot of questions in the beginnng of the exam because my technique is to always skip questions I cannot answer immediately. Whenever I take exams I like to keep count of the ones I feel I know for sure. If I feel confident the amount I have scored correctly is enough to pass then I do not stress hard when I go back over the questions I skipped. I flagged quite a few questions, but did not go back to review them because I don't think it is a good idea to change my answers.
I might do CGEIT next, but undecided.
Gave the manual one good read and reviewed the major points two more times. I continued going through all 599 questions in the database until I was consistently scoring a minimum of 80%. I took a break for a few weeks in January, but for the past two weeks I started hammering through the database again.
I completed the exam in two hours. I skipped a lot of questions in the beginnng of the exam because my technique is to always skip questions I cannot answer immediately. Whenever I take exams I like to keep count of the ones I feel I know for sure. If I feel confident the amount I have scored correctly is enough to pass then I do not stress hard when I go back over the questions I skipped. I flagged quite a few questions, but did not go back to review them because I don't think it is a good idea to change my answers.
I might do CGEIT next, but undecided.
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
Comments
-
E Double U Member Posts: 2,239 ■■■■■■■■■■My QAE database stats as of last night before taking the exam this morning.
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
E Double U Member Posts: 2,239 ■■■■■■■■■■UnixGuy said:Congrats!Why do you want to pursue CGEIT ?
I don't actually need it, but based on the outline there is overlap with my other credentials from ISACA, ISC2, and even ITIL. Seems like an easy win plus I have more than enough budget for it. I think I am just taking exams for fun at this point in combination with taking advantage of every dollar my employer is willing to spend.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
UnixGuy Mod Posts: 4,570 Mod
-
Info_Sec_Wannabe Member Posts: 428 ■■■■□□□□□□E Double U said:UnixGuy said:Congrats!Why do you want to pursue CGEIT ?
I don't actually need it, but based on the outline there is overlap with my other credentials from ISACA, ISC2, and even ITIL. Seems like an easy win plus I have more than enough budget for it. I think I am just taking exams for fun at this point in combination with taking advantage of every dollar my employer is willing to spend.
UnixGuy said:X year plan: (20XX) OSCP [ ], CCSP [ ] -
E Double U Member Posts: 2,239 ■■■■■■■■■■Having employers that pay for trainings, exams, study materials, and annual maintenance fees is why I have been on this big certification run over the years. Earlier in my career I was an external contractor paying for these things out of pocket. I know the pain of money down the drain for failing exams multiple times. Once I obtained employment with organizations that would cover all expenses I have taken full advantage and plan to continue doing so until the well runs dry.
Having 10+ credentials that require fees to keep them active gets quite expensive so I will definitely let some go if I end up with a company that does not have the budget to cover the costs. But until then...Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
UnixGuy Mod Posts: 4,570 ModI mean I can't complain, I claim them on tax, I just don't understand why ISACA need fees, it annoys me because I get zero value from themAt least SANS update their material and they send you the updated material...ISACA? I only get marketing emails from them about "chapter meetings" that I will never ever attend (attended them twice, no thanks)
-
E Double U Member Posts: 2,239 ■■■■■■■■■■ISACA even has an application processing fee of $50 lol. I do like that SANS provides updated material which I guess is their justification for their high renewal fee, but I honestly do not need the new material. GIAC credentials are valid for four years so by that time I am already in a different role than at the time of taking the exam which is when I would have needed the material.
If I reach the point where I have to fund all of this myself, I think I would only maintain CISSP and CISM as they are the most consistently mentioned in the vacancies that catch my eye.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
E Double U Member Posts: 2,239 ■■■■■■■■■■Received an official scaled score of 621
I score higher with each ISACA go-round. 536 for CISM (2017) and 572 for CISA (2018).Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
E Double U Member Posts: 2,239 ■■■■■■■■■■My certification process is taking a while since I had my employer pay the application fee and apparently ISACA had so many requests to process at the same time. Received an email from ISACA yesterday stating that I do meet the qualifications and will be certified within ten business days.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□Yeah, ISACA is probably having a lot of request based on the end of the current CISM exam at the end of the month. I am in this race with @JDMurray I just hope to pass.. and get a better score than him.. (Just teasing!)
-
JDMurray Admin Posts: 13,099 AdminI'm hoping just to pass. This is a lot of material to digest in such a short time...
-
E Double U Member Posts: 2,239 ■■■■■■■■■■Good luck gentlemen!Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
E Double U Member Posts: 2,239 ■■■■■■■■■■Officially certitied as of 12-MayAlphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□Exam succeeded ! I felt somewhat confident, but as the exam started, it was not as sure. It was also one of the first time, I didnt get totally OCD on the exam preparation and mostly used my experience and the 3 UofT class as preparation. I used the ISACA Q&A book and did half the question only. Many questions of this exam come from directly from the book, so it is definitely a good ressources.
-
JDMurray Admin Posts: 13,099 AdminHey congratz! It's great to get past that cert.I decided to take more time and go for the CISM 2022 later this year. I noticed new Pluralsight content being released this month for the new CISM exam and the material looks more interesting. I'm al;so guessing that a lot of the CISM 2018 material was carried forward and topics like Cloud and Incident Response will be expanded.
-
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□From what I heard, the changes are very cosmetic. They shuffled some subject from domain to domain. Also they shifted the focus more on incident management and other operationnal concern rather than governance.
But in my case I am happy it is done. Next one CISA, GCIH or OSCP. -
E Double U Member Posts: 2,239 ■■■■■■■■■■SteveLavoie said:From what I heard, the changes are very cosmetic. They shuffled some subject from domain to domain. Also they shifted the focus more on incident management and other operationnal concern rather than governance.
But in my case I am happy it is done. Next one CISA, GCIH or OSCP.
opinion because of the material overlap across ISACA credentials.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
JDMurray Admin Posts: 13,099 AdminCISA, CISM, and CISSP is the "triple crown" of InfoSec and is certainly more respected than my intended choice of the CISSP-ISSMP after the CISM. I think this will be an easier sell to my employer than building a business case for a SOC manger having a GCIH.
-
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□IMO, a SOC manager having a GCIH make sense. Well more sense than having CISSP-ISSMP. ISC2 are neglecting their advanced CISSP certification, I think.
-
JDMurray Admin Posts: 13,099 AdminSteveLavoie said:IMO, a SOC manager having a GCIH make sense. Well more sense than having CISSP-ISSMP.
-
UnixGuy Mod Posts: 4,570 ModI don't know about CISA, we usually recommend it for people new to IT or completely new to audit, for experience folks I don't see how it can add any value
-
E Double U Member Posts: 2,239 ■■■■■■■■■■@UnixGuy - Would people that are new to IT meet the minimum requirements for ISACA credentials?Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
UnixGuy Mod Posts: 4,570 ModE Double U said:@UnixGuy - Would people that are new to IT meet the minimum requirements for ISACA credentials?Wow I just looked that up, 5 years experience for CISA? It's the cert that we recommend for consultants at the beginning of their audit career as far as content is concerned as it touches on the basics of auditing really.Looks like to be CISA certified you need 5 yrs of experience. Only scenario where I see CISA valuable is if someone wants to be a career auditors, but I'd question why would they do CISA to begin with if they already have 5 yrs of experience in audit...
-
JDMurray Admin Posts: 13,099 AdminUnixGuy said:Only scenario where I see CISA valuable is if someone wants to be a career auditorsYep, I completely agree with this. I don't want to do IT auditing so I don't need CISA, but if I had to come to some deep understanding about IT auditing I would look at the CISA material first.UnixGuy said:...but I'd question why would they do CISA to begin with if they already have 5 yrs of experience in audit...That's similar to what project managers say about the PMP cert, which requires 25K hours of project management experience. (e.g., "Why would I want the PMP cert if I already have that kind of PM experience?") The reason is to have CISA on your resume to impress some future hiring manager or satisfy a job recruiter's checklist.
-
E Double U Member Posts: 2,239 ■■■■■■■■■■@UnixGuy - Then you could question the value of any ISACA, ISC2, or other credentials with those type of requirements. I believe doing certain certs after years of experience is logical as the learning compliments (but not always mimics) what one has learned on the job.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□JDMurray said:SteveLavoie said:IMO, a SOC manager having a GCIH make sense. Well more sense than having CISSP-ISSMP.