CISA exam difficulty

How difficult is this exam? From my research I found that the exam is scaled so it is kinda tough for me to judge. 200 questions does not seem that bad, i am not saying i am ready to take this exam but was just wondering how others see the exam. I am sure it overlaps with CISSP but how close is the overlap?

Find more posts tagged with

Comments

kukku

In the center where I have taken the exam, CISA exam takers were almost double of CISM. I dont think CISA would overlap with CISSP. If you are an auditor or if you wanted to pursue career in auditing field, then CISA will be a good cert for you and having CISSP will be an added advantage.

ilikeshells

There is some minimal overlap between CISA and CISSP. That being said, the exam is not that difficult with proper preparation. If you have no auditing experience, I'd prep 3 months out. Read the manual (if you can, snore fest) or read an unofficial guide to get familiar with concepts. Then focus heavily on the QA databases. Understand the correct answer and why the wrong answers are wrong. CISA has more "understand ISACAisms," opposed to the more straightforward ISC2 CISSP.

TheFORCE

ilikeshells wrote: »

There is some minimal overlap between CISA and CISSP. That being said, the exam is not that difficult with proper preparation. If you have no auditing experience, I'd prep 3 months out. Read the manual (if you can, snore fest) or read an unofficial guide to get familiar with concepts. Then focus heavily on the QA databases. Understand the correct answer and why the wrong answers are wrong. CISA has more "understand ISACAisms," opposed to the more straightforward ISC2 CISSP.

Thanks! Will try and get study materials for this. I'm currently doing some compliance and auditing work so I'd like to be able to talk with some authority lol throwing some isaca acronyms or processes hoping to make some things better.

soccarplayer29

The difficulty depends on your experience. I was in an IT auditor role for about 1-1.5 years when preparing and taking the CISA exam (a few years prior to taking the CISSP) and relied heavily on the ISACA CISA DB Questions and on my 1-1.5 years of professional auditing experience.

Your CISSP knowledge will overlap nicely with Domain 5 of the CISA exam which represents 30% of the scoring and indirectly for portions of domains 3 (19%) and 4 (23%).

Domains 1 (14%) and 2 (14%) is likely your biggest knowledge gap that you'll need to fill. Those are also the areas where the "ISACAisms" will become fairly evident. With a couple months of studying you should be prepared.

Why are you looking at taking the CISA exam?

TheFORCE

soccarplayer29 wrote: »

Why are you looking at taking the CISA exam?

Like previously mentioned I'd like to complement the CISSP, i think cisa would be perfect for this. Not to mention I'm gearing towards a management career and would most likely add more value to myself if i have cisa too. On top of that my current job deals directly with GRC and IT Audit. So it would be perfect to apply it on the role. I have experience with audits because of my previous jobs indirectly producing reports for auditors but my involvement ended there. I'd like to see what is the next step once the reports are produced or how to find gaps in the reports and the controls. I'm curious as a person also so looking at stuff doesn't really bore me as much. We will see, I'm not going to be taking the exam this year but probably next year but would like to prepare at my own slow pace. I approach the certificates as a marathon type activity not as a sprint.

ilikeshells

TheFORCE wrote: »

Like previously mentioned I'd like to complement the CISSP, i think cisa would be perfect for this. Not to mention I'm gearing towards a management career and would most likely add more value to myself if i have cisa too. On top of that my current job deals directly with GRC and IT Audit. So it would be perfect to apply it on the role. I have experience with audits because of my previous jobs indirectly producing reports for auditors but my involvement ended there. I'd like to see what is the next step once the reports are produced or how to find gaps in the reports and the controls. I'm curious as a person also so looking at stuff doesn't really bore me as much. We will see, I'm not going to be taking the exam this year but probably next year but would like to prepare at my own slow pace. I approach the certificates as a marathon type activity not as a sprint.

Just make sure you buy that years' exam materials. General prep can begin at anytime, though. With your experience and proper studying, I wouldn't sweat it much.