Best way to study for the CISA? I’ve been hearing about using only the database. Wanted to read as well.

likehelpful
Posting as :
works at
You are currently posting as works at

Database ISACA’s 1000 questions are all you need.

likesmart

Thank you!

likehelpful

Videos by Hemang Doshi: These were very helpful to have key concepts summarized in a short video.
http://cisaexamstudy.com/

like

One of the most important things to understand when studying is how ISACA asks questions. That's why I think the QAE database is so useful. Focus on things like, WHO is this question asking about? Are they asking about the duties of an IT Auditor, a project manager, a software engineer, etc. WHAT are they asking about? Are they asking about a preventative control, or detective control? e.g. reviewing activity logs won't work to prevent some unwanted activity from happening. Often times, there are two answers that feel they could be correct, and the big hurdle is understanding why one is more correct than the other.

like

This! Whatever else you use to prepare, this post is half of what you need to know to pass.

(for what it's worth, I wrote questions for ISACA - not CISA - thus why I think that post is so valuable)

About 1-2 hours during weekdays and 2-3 on weekends bumping up to 8 hours on weekends the last two weekends before the exam. I was working full time while studying. I bought and used the ISACA QAE and the Hemang Doshi CISA book and his Udemy videos and highly recommend them all.

likehelpful

1-2 hour weekdays, 2-3 hour weekends for me. Minimal stress and about 2-3 months of studying did it for me

ISACA QAE Database (online on ISACA). This was the key piece of exam prep I used. I would estimate 65% of my studying was using the QAE database. Each practice set takes about 30 minutes. This also comes with 2 practice exams.

likesmart

Do the data base questions daily. 50 questions daily until you hit 1000. Make sure you understand why each answer is wrong and why the correct answer is correct. Then read the 2 chapters that you constantly where you don’t do well. Then revisit the database. Watch hemang doshi videos on YouTube.

like

I used the All-In-One book and the online QAE. That should be enough if you have a cybersecurity background and other certs.

helpful

I used just the official ISACA materials (CISA Review Manual 27th Edition, and the CISA Review QAE database). Spent about an hour a day for a couple of months going through the material and getting up to ~95% proficiency with the practice exams. I passed with a 650+

like

Hey I'm getting to about 95% accuracy too. Do all the concepts show up the same as QAE?

Feel free to DM me. I could give some insights. Cleared in just 30 days of prep.

like

Following.

ISACA CISA Review Manual: I got the hard copy, however there is also an online version of the book on ISACA

Essential CISA Exam Guide Audio Book: I got this for free when I downloaded the Amazon Audible

All in One CISA Exam Guide: I purchased for $45 on Amazon.

I relied heavily on the official CISA Review manual (CRM) and the ISACA QAE online database. I referred back to the CRM when I came across a topic I wasn't confident in during my QAE reviews.

I did read Doshi's book the night before the exam, and I thought it was helpful for making concrete some of the key concepts. Don't rely on it exclusively (IMO) because it doesn't address all of the topics you'll see on the exam. good luck with everything!

I used just the official ISACA materials (CISA Review Manual 27th Edition, and the CISA Review QAE database). An hour a day familiarizing myself was enough. The exam did not repeat any practice questions verbatim, but it did a good job of staying within the realm of the concepts and material contained in the study materials. It's definitely possible to pass the exam without consulting un-official sources.

You can find some decent resources on Youtube for CISA but I do think the database is the most comprehensive source personally

There is no single "best way" to study for the CISA exam, as everyone has their own preferred method of learning. Some people may find it helpful to solely use the ISACA database, while others might prefer to combine that with reading textbooks or taking classes.

Good luck with whatever you decide!

Thank you everyone! I truly appreciate it! Just bought the database and the textbook. If anyone has any suggestions on how to go about with the studying or how to utilize both of them I will be grateful for them.

Hey, anyone have any insight on what QAE scores I should be aiming for. I’m at about 81% through first 3 domains.

This is my 2nd time going through it. Been going over weak areas.

Have the 2YOE and MS in IS.

Focus on domain 4 and 5 - that is over 50% of the exam - look at the weights each domain is on the exam online

Related Posts

I think I'm going to get fired. I'm staff 1 and in my first audit. I "found" something and brought it up for a 2nd look just in case. It escalated and now I'm in a middle of a mess. (Cont)

likehelpful

Does anyone do welcome gifts at the beginning of client engagements and/or goodbye/congratulation gifts when a matter concludes? If so, what do you give away?

like

My boss doesnt give any feedback about my work. How can I get him to give me better direction?

like

Does @oracle negotiate for money if anyone will leave early in 3 month?

like

I had the first round with a consulting firm and it takes them more than a month to arrange the final round and the recruiter is not being responsive. Is that normal?

like

Late stage analyst 1 at a mid-market heavy TMT focused M&A boutique in London. Keen to increase exit opps and realise it may be worth trying to lateral to a BB / name brand. Any opinions / advice on achievability? If low, what’s the best move here.

like
like

How much hike percent can we expect during promotion from analyst to consultant.

like

Hello Fishes
Which is better to join?
1.
Capgemini invent; Manager C2; 27.2 fixed + 10% variable
2. EY GDS; Associate manager; 26 fixed + 15% variable
YOE: 8 years

like

Has anyone had any side effects from Ovidrel? I did my shot on Wednesday night and Thursday and Friday I was SO tired and fatigued and it was impossible to focus. Did my IUI on Friday and I’ve been SO crampy and in pain and I’m soooo cranky and irritable and I can’t figure out if it’s from the injection still or what

Hi Everyone,

Could you please refer me in Infosys.
I have an experience of 2.9 years in Mindtree as Devops Engineer.
Currently serving my notice period.
Thanks in Advance.

Regards,
Sravani

If I decline one FAANG offer for another, Will I get blacklisted at the one I declined??

Had anyone gone from consulting in to diplomacy/International organization like the UN/EU or similar?

like

Hi fishes,
Just wanted to know work life culture in publicis. Got selected and I’m in a confusion on seeing glassdoor reviews.

like

Is Accenture sponsors MBA Programs like ISB,IIM,etc

like

Too few big law firms have CEOs / CFOs -- lawyers are not trained to be managers

like

I just got laid off — anyone else get hit this round? ☹️

like

What is EY’s reputation like in Charlotte and the Carolinas region? I hear they had layoffs around a year ago. Is all of this sorted out?

like

Any experience of working on third party payroll of lancesoft? Please share your views, Lancesoft

What should we be cautious of on third party payroll?
Please share your views

like

Deloitte 🐠: I’m negotiating salary with Deloitte. Joining as an experienced hire manager in consulting (formerly S&O) with a top-10 MBA in Chicago. What’s the base range and bonus %? Thanks

like

Additional Posts in Risk Assurance

I'm a Tech Risk SC, but have an accounting/finance background. I'm doing the FRM now for broader cert experience, is it worth doing CA long term in my area?

What aspects would you look at when interviewing a person for a Manager position?

like

I’m getting put up for manager a year early. I have PPMD ,SM, and M support. Pretty much support from all the key individuals on my team and in my service line. Since it is a year early if i don’t get promoted this round I know it’ll come mid year but I do expect a good salary increase still without the promo. If I don’t get the promo nor a salary increase that I’m okay with, how do I let my partner know that I will begin to entertain outside offers? some of which have offered the manager role.

like

Identifying a common process, what does this even mean 😩 please help.

like

How is IT audit at Baker Tilly? Looking to change from a big 4.

like

Are the exit opportunities better in Internal Audit/Business Process than IT Audit? All I hear is how awful IT Audit is but don’t hear as much complaining from the business side

like

Should I take this offer in a second line role with similar bad WLB as public? Current salary: 155k base, 8k annual bonus (7YOE):

Offer:
170 base
17k sign on
25,500 (15% annual bonus)
28k annual RSUs (vest quarterly)

like

Is KPMG, EY and PWC considerate about one not wanting to travel and chosing local projects in the IT Assurance practice? Please share your experiences. Thanks!

Currently in external audit but making the switch to internal audit and enterprise risk advisory in the city, how does the work compare? Any advice?

like

Does business Process Internal Audit or IT Internal Audit make more?

like

If anyone is looking for a referral as an experienced hire to the PwC DAT (Digital Assurance & Transparency - formerly Risk Assurance) practice let me know and would be happy to refer you. We are actively looking to hire.

like

Is anyone here a HITRUST CCSFP? Was the exam hard?

like

Mid year promotions, I found out you need to make your own case for it rather than the firm coming to you. If you think you’re ready make sure you speak up!

Tried to jump to a big 4 as a senior 2 in risk assurance . SF market - offered 93k base and 15k bonus. Is this worth?

Be honest, do you see yourself staying in the game to make partner?

likehelpful

Is anyone here in KPMG’s CRM Risk practice? If so do you know if they are still hiring??

like

Has an tested roles for SAP through productive test simulation within production? Is there any risk doing this as the test is in production?

like

What’s your worst experience with a senior? (As an associate)

Anyone hiring for entry level risk compliance roles?

like

New to Fishbowl?

Download the Fishbowl app to
unlock all discussions on Fishbowl.
That was just a preview…
Sign Up to see all discussions
  • Discover what it’s like to work at companies from real professionals
  • Get candid advice from people in your field in a safe space
  • Chat and network with other professionals in your field
Sign up in seconds to unlock all discussions on Fishbowl.

Already a user?
Login here

Share

Embed this post

Copy and paste embed code on your site

Preview

Download the
Fishbowl app

See what’s happening in your industry
from the palm of your hand.

A phone with Fishbowl app

Scan your QR code to download
Fishbowl app on your mobile

Download app

Sign up for free to view this conversation on Fishbowl

By continuing you agree to Terms of Use and Privacy Policy

Already have an account? Log in

Sign up for free to continue using Fishbowl

By continuing you agree to Terms of Use(New) and Privacy Policy(New)
Messaging rates may apply

Already have an account? Log in

For account settings, visit Fishbowl on Desktop Browser or

General

Legal