CISA "Important Domains" to Focus?

natestreetnatestreet Member Posts: 14 ■□□□□□□□□□
Hello Everyone,

With the CISSP exam, there were 4-5 domains that arguably could be said if you did not know forwards and backwards, you would not pass the exam. I'm scheduled to take the CISA examination this September and really want to focus on the domains not covered in preparation for the CISSP. My current plan is to really focus my energy towards the important domains that present "new" material and then lightly review the remaining domains.

Question, what domains should I focus my attention? I was pretty surprised when preparing for the CISSP that the most challenging material wasn't technical, but learning the different policies/domains/laws. Most people seemed to be most concerned with the Cryptography domain but that was a very small portion of the entire exam. I am guessing that CISA has an equivalent.

For the CISA, what area seems to give people the most difficulty?

Any help/advice would be greatly appreciated. I'm currently involved on an Audit project and see many of these terms/words daily. I think having this certification under my belt will help with my understanding.

Thanks in advance!


  • Options
    andhowandhow Member Posts: 151
    I completed my CISA after the CISSP as well. I used the CISA Study Guide, by Cannon. I already have a background in IT operations and information security, so I focused on the more traditional "audit" components. These were chapters 1-3 out of 8.
    Chapters -
    1 Secrets of a Successful IS Auditor.

    2 IT Governance.
    3 Audit Program.
    4 Networking Technology.
    5 Life Cycle Management.
    6 IT Service Delivery.
    7 Information Asset Protection.
    8 Disaster Recovery and Business Continuity.

    For what it's worth, I thought that the CISA was much easier than the CISSP.
  • Options
    natestreetnatestreet Member Posts: 14 ■□□□□□□□□□

    THANK YOU. Looks like that book was last printed a few years ago but I will pick it up as well. Simply thumbing through the material many of the topics I studied for with the CISSP seem to be covered in the CISA. Not to mention, I have direct experience with many of these aspects. One trap I want to avoid is in the study of these different frameworks and standards such as COBIT and ISO. I see people pulling the relevant ones down and reading through them in preparation for the CISA and I'm thinking that it will be a relatively small part of the exam as it was in the CISSP. I suppose I will know after I take the exam. Did you find any topics particularly challenging?
  • Options
    Vik210Vik210 Member Posts: 197
    I think the exam was very well divided between domains. I had almost no experience with Software life cycle thing and found it tough to understand and remember. Good luck to you!!
Sign In or Register to comment.