fam20854 CEH, Sec+, CISM(pending) Posts: 3 Member
I am so thankful that I passed the CISM exam today after failing it the first time. I have been following this thread for a few months now and all the advice I found here was very helpful. I am here to also provide advice for the next person prepping for the exam. If you have failed before, don't worry and don't give up. You will pass. The most important part you need to understand is that failure of any exam is only there to highlight what you may have missed or did not pay attention to while studying. It is not there to measure your level of intelligence. Now that you understand that, here are my background and the things I did to prep for the exam:

1. Background: Been in the security field for close to 6 years. Currently working as an ISSM. 
2. Certifications: CEH, Security+, CISM (pending as of writing this thread). I plan on taking the CISSP before the end of the year. Although I really do not need the CISSP, I just want to boost my certification list.

How I tackled the exam the first time. 
I took the exam last year by reading the AIO by Peter Gregory and purchasing the CISM review questions and answer booklet by ISACA. I found the AIO textbook very informative, detailed and helpful. However, when it came to practice questions, I relied heavily on the ISACA review questions and answers textbook. The issue I had with the booklet was that the answers and questions were written on the same page. Before finishing reading a question, for example, my eyes would be wandering to the answer. This really hindered me in identifying my weak areas. I did this for 2 months and sat for the exam. Just to cut the long story short, I did not do well.

Then I came back to this thread and what I found helpful was purchasing the QAE database. I mean kudos to ISACA, it is a well-written engine that highlights your weaknesses and strengths. I was averaging around 66% when I first started. I would study the AIO for reference and watch YouTube videos on topics I needed help on. I also purchased the review manual and found it very helpful.

If you are taking the exam for the first time or have failed numerous times, please purchase the review manual, QAE database, and the AIO by Peter Gregory if you have not. When using the QAE database, and you get a question wrong, understand why you got the question wrong and highlight the topic in your ISACA review manual/AIO. Everyone has their own method of studying, but I find writing notes/highlighting effective. Please, before taking the exam, make sure you have an average score of at least 85% on the QAE. Do not memorize practice questions. Memorizing will fail you come exam day. Understand ISACA's way of thinking. You will find how they think in the review manual, I promise. On exam day, make sure you eat a light breakfast and go knock out the test! And pass your advice to the next person. Good luck!


  • Skyliinez92 Level 99 Wizard Posts: 811 Mod
    Congrats on the pass!
    Train people well enough so they can leave, treat them well enough so they don't want to. - Richard Branson
  • fam20854 CEH, Sec+, CISM(pending) Posts: 3 Member
    Thank you.
  • DZA_ Untitled. Posts: 372 Member
    +1 on the advice as those are pretty much the resources you need to pass the exam. You could supplement to add in the Cybrary videos but it isn't really necessary. Congrats!
  • kaiju Posts: 398 Member
    Congrats on the pass! Prepare your application now so you can submit it after you receive the official pass email.
    Work smarter NOT harder! Semper Gumby!
  • sumeetgandhi CISA, CISM, PMP, AWS SA, AWS SysOps, CISM, ITIL, PRINCE2, MCTS - SharePoint / Office365 Singapore Posts: 58 Member
    With Regards
    Sumeet Gandhi
    CISA, CISM, PMP, PMI-ACP, AWS Certified Solutions Architect, Office 365, SharePoint Online, SharePoint (2016 / 2013 / 2010 / 2007), MCTS, CSM, ITIL, PRINCE2
  • Info_Sec_Wannabe Senior Member Posts: 384 Member
    Nice job! Already planning what's next?
    Three year plan: (2018) CISSP [X] and eJPT [ ]; (2019) eCPPT [ ]; (2020) OSCP [ ]
  • Info_Sec_Wannabe Senior Member Posts: 384 Member
    Congrats on the pass!

    Don't forget to include in your advice having a good night's sleep the day before the exam.
    Three year plan: (2018) CISSP [X] and eJPT [ ]; (2019) eCPPT [ ]; (2020) OSCP [ ]
  • lucky0977 Posts: 178 Member
    Congrats and thanks for providing your experience to future test takers. Cannot stress enough about the Q&A database.
    Bachelor of Science: Computer Science | Hawaii Pacific University
  • Swift6 RHCSA, LPIC-1, SCA, LINUX+, NETWORK+, CWTS, VCA5-DCV, ZCNP, MCSA, ITIL-F Scotland Posts: 252 Member
    Good work. Remarkable achievement.