Every professional wants to stand out in the crowd by differentiating them with Knowledge and Expertise. Certification is one of the proofs confirming that the person really has it.
“Choose your path or others may choose it for you” – Julieanne O’Connor
When I first saw the above quote, I thought it was giving me a strong message that I have to be prepared for what I want before others prepare me for what they want.
Since then I was planning for a career than just a job giving me money. When we are looking for career, it’s always good to have some documents supporting our expertise and when we have expertise getting certifications becomes easier.
Even though we argue that experience is more valuable than the certification we hold, certification always helps us to get to the Interview table in the current competitive world.
We have ‘n’ number of certifications awarded by different Bodies but very few of those credentials add real value to your profile.
We have number of blog posts talking about the most valuable certifications around the world- what’s common among them is CISA. CISA is awarded by ISACA which is an International professional organization focused on Information security, Governance and Risk management areas.
I have done lot of research about available resources on the Internet before I started my preparation for CISA exam. I found many articles shared by aspirants like us who cleared this exam and wanted others to learn from their failures and success. Very early in my career, I realized the importance of sharing knowledge and experience and have earlier shared my experience on ITIL and PMP. Now, am ready with my 30 day CISA preparation journey.
CISA exam is one of the toughest certification exams we have in the Industry. The time to prepare depends on different aspects:
· The Technical & Process knowledge you carry
· The time you can spend in preparation
· Your preparation approach
It’s very important to evaluate all the aspects and plan accordingly. While all the 3 aspects differ from person to person, I can share my preparation approach.
I being a Freelance IT Consultant had the luxury of taking a full month off to prepare for this exam. So, I could give the exam with 30 days preparation. Folks who have full time employment with busy schedules may need more time accordingly.
We should clearly understand what it takes to hit the target.
· CISA Review Manual 26th Edition by ISACA
· CISA Review Questions. Answers & Explanation Database 11th Edition by ISACA
· CISA All-in-one Exam Guide 3rd Edition by Peter H Gregory
· Paid and Free Mobile apps like CISA Pocket Prep, CISA Flashcards, & CISA Terminology
· We have number of Blogs helping us to prepare for the exam. The ones where I spent more time are :
CISA syllabus is mix and match of Process methodology and Technology. CISA Exam tests us in the following 5 domains.
- Domain 1: The process of auditing information systems (21%)
- Domain 2: Governance and management of IT (16%)
- Domain 3: Information systems acquisition, development, and implementation (18%)
- Domain 4: Information systems operations, maintenance and support (20%)
- Domain 5: Protection of information assets (25%)
For each Domain, there are number of task statements.
Whatever your job role is – Your responsibilities surely have the tasks which are combination of one or more domain areas.
Identify and Focus on your strong areas which can get you high scores in those specific domains. That can compensate the score in your weaker domains.
Important thing to be noted is- You have to be balanced on both Process and Technology.
My preparation approach:
· I studied one domain in the ISACA’s CISA Review Manual and the same domain in the CISA All-in-one Exam Guide 3rd Edition by Peter H Gregory. This approach helped me to understand the concepts from different perspectives and also as a quick revision. I could easily relate what the 1st Book I studied was talking about.
· Once done with both the books, I moved to the individual domain quizzes in both the books and then the domain quiz in CISA Question & Answer database.
· Moved to next domain only after I got a minimum of 80% in the current domain.
· Once you are done with all the preparation, start taking the complete exams. If your score is above 80%, you can be rest assured that you can clear the main exam.
· There are many mobile apps helping us for CISA preparation. Install them and spend more time on these apps than the other mobile apps like Facebook, twitter, Games etc.
· There are many study groups available on social media platforms. Join those study groups and interact with other aspirants to learn more.
Whatever our study approach is- once done with study, the next step is to evaluate where we are in the journey.
Taking Mock exams:
It may sound simple but it is not so. When we take a lengthy test, we get so tired mentally that we usually check how many we get right and feel happy if the score is satisfying. The points to be kept in mind while taking mock exam:
· Relating to your work experience is good to an extent but we have to keep in mind that CRM talks about the ideal scenarios which are tested in the exam. So, it becomes very important for us to unlearn what you do at your work and learn what ISACA teaches us. The exam is testing
· Put yourself in the shoes of an Auditor while answering the Questions.
· Review all the answers irrespective of whether u got right or wrong. We might have got something right with a wrong logic so reviewing all the options of each question helps us enhancing our knowledge. We understand why an option is a wrong answer and the other is right.
· Identify and note down your strong and weak areas. Focus on both to make yourself stronger in those areas.
To put it simple, my short term plan was like below:
· 5 days for each Domain in which I covered both the books and mock tests for specific domain.
· The last week completely was for complete mock papers. Completing the test of 150 Questions and reviewing all the 150 would take a minimum of 5 hours. In this way, I could do about 10 papers in my time.
** The plan may look very tight but as I mentioned I being a freelance IT consultant and kept myself away from all the assignments to take up this task of clearing CISA for better prospects. So, the number of hours I spent a day was more than the normal work hours for sure.
· Keep your mind fresh with positive vibe that you’ll clear the exam.
· Think like you being an IS Auditor, are given questionnaire and are requested to give your responses for those.
· Do not come out of the Auditor’s shoes. This will reduce the exam nervousness you may have.
· Read the question a minimum of 2 times. Most of the Qs in my exam were asking me to choose the BEST option. This is actually challenging as we should have to prioritize the options to select the MOST correct answer.
· 4 hours is very good amount of time. Even if you take 3 hours to finish it, use the reminder to review before submitting the exam.
The best moment of the exam is when we see the 4 letter word PASS on the screen. All the hard work we put looks like has done its job. I still remember the moment I saw my result saying PASS.
I am glad to have shared my experience and hope this helps you to plan your preparation in obtaining one of the coveted certification CISA. This certification definitely helps you getting better career prospects keeping in mind the emerging and ever growing importance of Governance, Risk management and Compliance in the business world.
I wish the very best to all the aspirants. Kindly share your valuable comments if any.
Hari Chand CISA,PMP,COBIT,PRINCE2 and ITIL Expert