+ Reply to Thread
Results 1 to 24 of 24
  1. Member
    Join Date
    Jul 2011
    Posts
    98

    Certifications
    GCIA, GCIH, GPEN, GWAPT, GCFA, GREM, ACE
    #1

    Default How long did you study for ISACA Cert?

    Let hear is CISA/CISM..etc holders.

    How long did you study for and whats your background in the subject?
    Reply With Quote Quote  


  2. Login/register to remove this advertisement.
  3. Junior Member
    Join Date
    Jun 2011
    Posts
    25

    Certifications
    Security+, ITILv3 Foundation, CISSP, CISA, GCIA
    #2
    I studied for about three weeks but I should of studied more; I should of studied at least for 5 weeks.
    I had my CISSP and Security+ and ITIL v3 foundation certificate and 14+ years of IT experience.
    Reply With Quote Quote  

  4. Member
    Join Date
    Jul 2011
    Posts
    98

    Certifications
    GCIA, GCIH, GPEN, GWAPT, GCFA, GREM, ACE
    #3
    Removed Unnecessary Quote


    Awesome thanks for the info I think i am going to start studying end of oct. for the dec 11th test.
    Reply With Quote Quote  

  5. Brain on a schtick badrottie's Avatar
    Join Date
    Jun 2011
    Posts
    115

    Certifications
    CISSP, CISM, CISA
    #4
    For the CISM? I barely studied, as there is a lot of overlap with the CISSP.

    In case you are wondering what my study plan was for the CISSP, I did not go through the gruelling process of reading the AIO or OIG cover-to-cover either. I just read a few topics that I have not directly worked with in order to fill in a few knowledge gaps. (Honestly, if you know the material from having had to work with it extensively, studying is ancillary. As with all things, your milage may vary.)

    10+ years information security experience, spread across all 10 CISSP CBK domains.
    Reply With Quote Quote  

  6. Member
    Join Date
    Jul 2011
    Posts
    98

    Certifications
    GCIA, GCIH, GPEN, GWAPT, GCFA, GREM, ACE
    #5
    Nice, thanks for the input badrottie
    Reply With Quote Quote  

  7. Brain on a schtick badrottie's Avatar
    Join Date
    Jun 2011
    Posts
    115

    Certifications
    CISSP, CISM, CISA
    #6
    Quote Originally Posted by idr0p View Post
    Nice, thanks for the input badrottie
    idr0p,

    Please bear in mind what worked for me may not apply to you. We all bring our own experience and knowledge into the exam. I have had to work extensively doing risk analysis, information security program development/architecture/governance/management, incident response, DR/BCP, etc. As it turns out, those are the job practice areas that the CISM focuses on.

    So, when I say that I have barely studied for the exam, it does not mean that I have not had not studied those topics previously in my career. In fact, I had to do a deep-dive in all of them. Otherwise, I would have been studying like anyone else to bridge a gap in knowledge/experience.

    Gnothi Seauton ("Know thyself").
    Reply With Quote Quote  

  8. InfoSec Analyst shaqazoolu's Avatar
    Join Date
    Jan 2010
    Location
    Louisiana
    Posts
    256

    Certifications
    CCNA:Security&Voice, CISM, CISSP, SSCP, eCPPT, GCWN
    #7
    I studied for about 8 weekends for the CISM. I had been performing risk assessments as a consultant for about 8 months prior. The guy that proofed my work and trained me had the CISM already, so the study material was pretty much right in stride with what I was already doing. I would suggest at least 3 months of serious prep time if you have never touched those topics professionally.
    Reply With Quote Quote  

  9. Network Security tpatt100's Avatar
    Join Date
    Aug 2009
    Location
    Ypsilanti, MI
    Posts
    2,494

    Certifications
    CISSP, GIAC G2700, CEH, CHFI, Security+, CCENT, N+, A+
    #8
    I really need to figure out a study schedule for the Dec CISA exam. I think I am just going to spend four weeks on it.
    Reply With Quote Quote  

  10. Junior Member Registered Member
    Join Date
    Aug 2011
    Location
    Bahrain
    Posts
    8

    Certifications
    CISM (Pending Endorsement), Security+, ITIL V3 Foundation, Network+
    #9
    i went to a one week class, then studied for 3 weeks after the class leading up to the exam. I thought the test was harder than the class made it seem. How mch you need to study honestly depends on how well you get the material. If you get it you may not need to study as hard, if not, lock yourself in the basement and start studying.
    Reply With Quote Quote  

  11. Junior Member Registered Member
    Join Date
    Jul 2011
    Location
    Ottawa, ON, Canada
    Posts
    5
    #10

    Default CISA Exam Prep - 5 weeks only on practice questions

    For CISA June 2011 exam, I just answered the practice questions for about 5 weeks. Went through each question 3-4 times and read the answer explanations for those that were not quite obvious. As far as general terms (like private keys, public keys, secutity certificates, etc.) that I encounted in the questions, I looked them up on Google/Wikipedia. Not once did I open the study guide (the big fat book).

    As far as experience, I have over 15 years in CAAT and application development.

    Hope this helps. Best wishes!!
    Reply With Quote Quote  

  12. EC Council #1 fan colemic's Avatar
    Join Date
    Apr 2010
    Location
    Tejas, Baby!
    Posts
    1,038

    Certifications
    CISSP, CISA, GIAC 2700, MCSE:Security, CEH, CHFI, CCENT, Sec+, Net+, ITIL v3 Foundations
    #11
    Similar to NeriKutta here - I mainly used the practice questions (altthough for a lot longer than 5 weeks. I scraped by. I haven't convinced myself that CISM is worth the effort in December, with WGU eating up time as well...
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Jul 2008
    Location
    Los Angeles
    Posts
    112
    #12
    For the CISM barely any study time. Like Badrottie I have 15+ years of infosec experience. I read the official review guide once skipping the first section of each chapter and did a review course (3 Saturdays) with my local ISACA chapter. As a bonus the review course earned me 24 CPE's that everyone including SANS seems to accept and the course was around $100.
    Reply With Quote Quote  

  14. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,173
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #13
    Quote Originally Posted by contentpros View Post
    ... and did a review course (3 Saturdays) with my local ISACA chapter. As a bonus the review course earned me 24 CPE's that everyone including SANS seems to accept and the course was around $100.
    That is a great deal! I must remember to check if my local ISACA chapter has a course like that if I ever do their certs.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  15. Junior Member Registered Member
    Join Date
    Apr 2013
    Posts
    4
    #14
    Hello,

    I just found this forum today. I am a financial auditor and I'm considering taking the CISA in September. Just got the review material for the ISACA website. Would you consider 4 months enough time for someone that is not really familiar with IT auditing? I have some knowledge but I've not been practicing. Also regarding certification, It is not quite clear to me from the ISACA website whether my financial audit experience would be enough to demonstrate qualification once I pass the exam. Any insights? I have 6 years of experience (2 as an external auditor and 4 as an internal auditor) and a master in accounting. I would have the opportunity to be in both the IT and financial audit teams in my current job if I pass the exam.

    Thank you for your help,
    Reply With Quote Quote  

  16. Brain on a schtick badrottie's Avatar
    Join Date
    Jun 2011
    Posts
    115

    Certifications
    CISSP, CISM, CISA
    #15
    Removed Unnecessary Quote

    Your background in accounting, both internal and external, will help considerably. That being said, the CISA is definitely more focused on IT aspects of auditing, so 4 months of dedicated study may be sufficient to understand the material.

    I would recommend purchasing a copy of the CISA question database and testing yourself to measure yourself, however.

    Cheers!
    Reply With Quote Quote  

  17. Junior Member Registered Member
    Join Date
    Apr 2013
    Posts
    4
    #16
    Removed Unnecessary Quote


    Thank you for your response that helps... I purchase CISA question database.
    Reply With Quote Quote  

  18. Brain on a schtick badrottie's Avatar
    Join Date
    Jun 2011
    Posts
    115

    Certifications
    CISSP, CISM, CISA
    #17
    Dani,

    I forgot to mention that the experience requirements for the CISA are a minimum of 5 years of professional information systems auditing, control or security work experience. You can substitute or waive up to a maximum of 3 years of such experience depending upon your education and work experience. Please see the ISACA website for more information: How to Become CISA Certified

    As you are a financial auditor, you would most likely need a minimum of 2 years of IS related experience before you could qualify.
    That being said, there is nothing to stop you from taking the CISA, and once you pass it, obtain the necessary work experience requirements to become certified.

    If you have any questions, ISACA is the authoritative source and I would recommend contacting them.

    Cheers.
    Reply With Quote Quote  

  19. Junior Member Registered Member
    Join Date
    Apr 2013
    Posts
    4
    #18
    REMOVED UNNECESSARY QUOTED REPLY FROM PREVIOUS POST


    Thank you for your response. I was given the opportunity to be in both the Financial and IT audit teams in my current job so hopefully I will meet all requirements ASAP.

    Ama
    Last edited by Plantwiz; 11-10-2013 at 07:26 PM.
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Sep 2007
    Location
    Mgr of Chessboard
    Posts
    292

    Certifications
    See profile - 19 so far
    #19
    CISA - 8 hours
    CISM - 24 hours
    CGEIT - 16 hours
    CRISC - 16 hours

    For the CISA, I took a Friday for PTO and studied all day, then took the test on Saturday. Passed by one question. I had just finished doing 160 hours for the CISSP, so I was on the ball back then. Note - this is not recommended for normal people. Normal people should study more than 8 hours to pass the CISA.

    CISM took me a bit more - I wanted to refresh my memories and have some extra insurance, but it wasn't bad. Very similar to the CISSP - I scored the highest on this exam out of the four exams.

    CRISC I took next after working in a IT audit position for a year and a half. The most amount of time it took was going through the review manual. It was a very dry read. I crushed this exam as well.

    CGEIT was the final one - I took it after working in that IT audit position for another half a year. By this point, I didn't have any worries that I would pass. I did take the time to do 16 hours of study and crank through the ISACA review manual again.
    Reply With Quote Quote  

  21. Junior Member Registered Member
    Join Date
    Sep 2013
    Posts
    1
    #20
    Quote Originally Posted by badrottie View Post
    Removed Unnecessary Quote

    Your background in accounting, both internal and external, will help considerably. That being said, the CISA is definitely more focused on IT aspects of auditing, so 4 months of dedicated study may be sufficient to understand the material.

    I would recommend purchasing a copy of the CISA question database and testing yourself to measure yourself, however.

    Cheers!
    That's very encouraging. I am thinking about a career change from audit to IT audit. Hopefully by passing the CISA exam, I can get into the door BIG Four IT Audit entry level position. What do you guys think? Right now, I am working in a small CPA firm doing audit. I have my CPA, no IT Background.
    Reply With Quote Quote  

  22. Stop,Collaborate + Listen LarryDaMan's Avatar
    Join Date
    May 2008
    Location
    DC Suburbs
    Posts
    792

    Certifications
    CISSP, CISA, PMP, FITSP-M, Security+, Network+, A+, (expired: CCNA, CCENT)
    #21
    I work as a systems auditor and have worked with financial systems in the past. I passed with about 2 or 3 days of studying. I watched the CISA CBT Nuggets videos at about 1.7x speed and took 600-700 practice questions from the ISACA CISA database. I intended to read the review manual but was very busy at work and home and since I was doing well on the practice questions, I skipped the manual altogether. Risky, but I was lucky enough to pass in the top 5 percent.

    Experience should be taken into account in how much you study and perhaps how well you are doing on the practice questions.
    Reply With Quote Quote  

  23. Junior Member
    Join Date
    Nov 2013
    Location
    Spain
    Posts
    14

    Certifications
    CISM, CISSP, CCSA, CCSE, CCNP-S, CCNP-ROUTE, CCDA
    #22
    Gents, can you help me with this question please?
    Dear All,

    I'm not hard of learning I'm CISSP plus a number of other things, a CCIE candidate, yet for the life of me I cannot work out how to use the CISM Review Manual..

    I've tried reading it like a book. It's dry and pretty awful. I've left it this late to prep for my December 14th 2013 seat as I've had other commitments.

    I'm just not sure how the Section 1 and Section 2 work? Logic tells me to read and digest Section 2 only. I have no idea how/why I would need to digest the task statements to the knowledge statements and if we will actually be tested on that portion?

    Silly question, but I'm stuck. I WILL pay it forward in the future if one of you clever people helps me. I plan on reading 12 pages per day and testing using the official 900 q-set; covering the materials twice.

    Help!
    Reply With Quote Quote  

  24. Junior Member packetlog's Avatar
    Join Date
    Feb 2013
    Posts
    22

    Certifications
    CISSP, CISA
    #23
    Hi Rolex,
    Luminox fan here.

    Agreed that ISACA Review manuals are a bit dry. I am doing CISA this year, so I have only CISA Review Manual. I read Section One: Overview as a preview to what is to come (it is appropriately titled, in my opinion). I skip the TS -> KS mappings. However, I read KS Reference Guide and note the Key Concepts and I know that there is gold in them somewhere and I should dig in those surroundings. With this high-level 30,000-foot overview, I then dive into Section Two: Content.

    So, use Section One as a pedagogical aid to digest Section Two and you will be fine. Don't get hung up!!

    Best regards and good luck to your endeavor,
    pkt
    Reply With Quote Quote  

  25. Junior Member
    Join Date
    Nov 2013
    Location
    Spain
    Posts
    14

    Certifications
    CISM, CISSP, CCSA, CCSE, CCNP-S, CCNP-ROUTE, CCDA
    #24
    Hi Pkt,
    thanks for your reply. I'm a few days in now and I still can't stand to have to read this awful review manual.. but I'm persisting. I realize if I force myself to read just 5 pages per day, TWICE, I can complete the manual in 30-odd days and still get a lot of 900q engine time.

    I know understand why so many people leave this to the last minute, it's because it's awful..

    Good luck on the CISA! I hope to take that next year, another driver to pass 1st time on the CISM

    I'll be sure to review the KS ref guide as you suggested. There has to be something there, as you say, otherwise the nice people at ISACA wouldn't have included it.. surely...
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks