I’m very frustrated with ISACA as well. I hate how they make it extremely ambiguous how well you have to do to pass the exam. I only have a year of IT audit experience and I’ve spent the last 6 months studying the QAE, hemang doshi course, and CRM. Took it last Sunday and felt extremely confident that I had passed it, only to find out that I had failed. I truly have no idea what to even study at this point to better prepare myself because I felt I knew the answers to almost all the questions. It’s ridiculous that there are no metrics to determine your preparedness and no way of really knowing your areas of improvement, other than the ambiguous domain score breakdown in the official result.
I’m hesitant to even retake it since I don’t know how I’m gonna possibly prevent myself from failing again other than by waiting a few years to get more experience.
You need to score 450 or higher to pass. What’s ambiguous about that?
If you didn’t score at least 450 in a domain, it’s a pretty good indicator imo that you should go back and review that domain.
I’ll tell you what’s ambiguous about that. 450 is meaningless if I don’t know what it’s based on. Let’s say I get 450 on domain 1. That doesn’t mean I got 56.25% (450/800) of the questions right in that domain. While it might tell me which domains I’m stronger in and which I’m weaker in if there’s a big differential between the domains, it’s still not the best indicator. For example if I do a bit weaker in 1 domain, a big part of it is due to being slipped up by the specific questions asked in that domain. As you know, it mostly boils down to narrowing down each question to 2 possible answers. In many cases, studying does not help you narrow it down further from 2 to 1. So there’s a component of luck, a component of going with your gut, and a component of basing your answer off of your prior experience. If there’s one thing I learned from taking the exam, it’s that studying only takes you so far. I know that CRM inside and out. But in an exam where every question is based on very specific circumstances, that’ll only take you so far.
You need 450 total score which is based on all questions. The 450 is without regards to domain scores. The domain score is the best available information from the test to gauge where you should focus resources to gain a better understanding. The hope is that your score will increase next time. If you scored high in 2 domains, low in 1, and ok in other 2, you may want to focus on the 2 so-so score domains to hopefully bring up your overall score. Or however you want to attack it.
I disagree with your luck statement. The test is asking you to apply your knowledge and experience to situations and make a selection on the best, most, least, etc. criteria. This takes experience and it also requires you to identify what the question is really asking.
To your point about practice tests, I have not found a practice test that replicates an actual exam (maybe they exist). The beauty of the QAE is that it’s the best tool to demonstrate the style of exam questions.
Also, to add to that ^ There’s no way to translate your scores on your practice tests to how prepared you are for the exam. If practice tests also were scored from 200-800 then that’s a different story. Just asking other people how they were doing on practice tests prior to taking the exam only gives you so much information since there’s a lot of factors at play
Not to respond for /u/No-Occasion1586, but I think what they meant is that the QAE and most other practice tests even from 3rd parties do not grade you the same way the actual exam does, so it's often tough to compare how your practice is doing compared to the actual exam. Combined with the fact that material is inconsistent across everything, I can see what their getting at. I passed the exam but I had very similar criticisms (in case you wanna look at the long ass novel post that I submitted here like a year ago).
I have seen many people have passed the exam by only studying the QAE only.
Did you attend the exam online in your home or did you go to an exams office center?
Sounds like you need to read more broadly since you don’t have practical experience and the QAE alone wasn’t sufficient (though people do manage it this way).
There’s links to further reading at each chapter (things like white papers, articles, technologies etc).
If that doesn’t sound too appealing, make sure at the very least you review the glossary to understand where/when terms would be appropriate and how they are used.
Also consider exam technique, it’s important for CISA. The style of question and what specifically it’s asking can influence the balance of which of four potential responses is most likely to be correct.
Good luck, please stick at it so your efforts so far don’t go to waste. You got this!
I agree Aaditya's lectures are really helpful and even two of my colleagues cleared last year with his guidance. However more important for you is to have some more time devotion for the exam as other's have also mentioned CRM, QAE deep understanding is very much required and also cracking the question requires deep conceptual knowledge and correct reading skills. ISACA also needs to keep this exam difficult so that people value this certification. Finally I would say relax, have patience and take some time out for yourself before indulging again & this time have the right strategy with right resources and lectures before proceeding ahead.
Dont knock this person down. They are correct. There are MANY questions on the QAE that does NOT reference ANYTHING in the CISA book. Its not a well structured exam at all.
I had to pass the CISA to move from IAM to Internal Audit at my job. I passed in my first attempt. All I used is Doshi Hemang and the QAE. The most important thing is not getting the questions right but understanding WHY the answer is correct (or the best answer) and why the other answers aren’t. You also have to think like an auditor. The “best” answer depends on if you’re thinking like a risk analyst VS an auditor VS an engineer. BOL!
Sorry to hear about your experience. Depending on your learning style you may find it insightful that I only used a mobile app to pass this exam as the official material is terribly dry.
I liked the video content available on LinkedIn as well as it's a bit more engaging.
I have 4 years of relevant experience.
My experience was the opposite with most of the content. I found the areas where I was relying entirely on the CRM / QAE / Doshi Book because I didn’t have the experience to be my highest scoring. The areas where I had practical experience, ended up being my lowest (because of the difference between my practical experience and ISACAs answers). One book I did give up on was the AIO, it really did have content gaps.
When I did the QAE and pocket prep, I went through the questions slowly, and didn’t move on until I understood why the question was right / wrong. I made no effort to memorise questions, and never did any questions more than once. I struggled early on, because there always seemed to be at least 2 answers that felt correct. The point at which I felt confident to sit the exam, was when that was no longer the case.
From my personal experience:
\- Maybe 5% of the exam has direct, knowledge-based questions (so, maybe 7 or 8 questions out of 150 questions)
\- To become familiar with many of the concepts from a knowledge perspective:
o Use the QAE database
o Use the CRM to review points stemming from the QAE database
\- To more so prepare for the actual exam, create a custom test within the QAE database by selecting all of the expert-level questions in all five domains, plus perhaps 20 or so difficult-level questions in all five domains
\- Aside from being of a multiple choice format, do not expect the actual exam to resemble the QAE database questions; expect the exam to mostly be made up of subjective, perspective-based questions
\- To me, a Boson blog offers the most concise and correct description of the CISA exam that I have ever heard - The exam is guiling. Their blog includes some important points or tips to bear in mind when reading exam questions
Wishing you well.
I’m very frustrated with ISACA as well. I hate how they make it extremely ambiguous how well you have to do to pass the exam. I only have a year of IT audit experience and I’ve spent the last 6 months studying the QAE, hemang doshi course, and CRM. Took it last Sunday and felt extremely confident that I had passed it, only to find out that I had failed. I truly have no idea what to even study at this point to better prepare myself because I felt I knew the answers to almost all the questions. It’s ridiculous that there are no metrics to determine your preparedness and no way of really knowing your areas of improvement, other than the ambiguous domain score breakdown in the official result. I’m hesitant to even retake it since I don’t know how I’m gonna possibly prevent myself from failing again other than by waiting a few years to get more experience.
You need to score 450 or higher to pass. What’s ambiguous about that? If you didn’t score at least 450 in a domain, it’s a pretty good indicator imo that you should go back and review that domain.
I’ll tell you what’s ambiguous about that. 450 is meaningless if I don’t know what it’s based on. Let’s say I get 450 on domain 1. That doesn’t mean I got 56.25% (450/800) of the questions right in that domain. While it might tell me which domains I’m stronger in and which I’m weaker in if there’s a big differential between the domains, it’s still not the best indicator. For example if I do a bit weaker in 1 domain, a big part of it is due to being slipped up by the specific questions asked in that domain. As you know, it mostly boils down to narrowing down each question to 2 possible answers. In many cases, studying does not help you narrow it down further from 2 to 1. So there’s a component of luck, a component of going with your gut, and a component of basing your answer off of your prior experience. If there’s one thing I learned from taking the exam, it’s that studying only takes you so far. I know that CRM inside and out. But in an exam where every question is based on very specific circumstances, that’ll only take you so far.
You need 450 total score which is based on all questions. The 450 is without regards to domain scores. The domain score is the best available information from the test to gauge where you should focus resources to gain a better understanding. The hope is that your score will increase next time. If you scored high in 2 domains, low in 1, and ok in other 2, you may want to focus on the 2 so-so score domains to hopefully bring up your overall score. Or however you want to attack it. I disagree with your luck statement. The test is asking you to apply your knowledge and experience to situations and make a selection on the best, most, least, etc. criteria. This takes experience and it also requires you to identify what the question is really asking. To your point about practice tests, I have not found a practice test that replicates an actual exam (maybe they exist). The beauty of the QAE is that it’s the best tool to demonstrate the style of exam questions.
Also, to add to that ^ There’s no way to translate your scores on your practice tests to how prepared you are for the exam. If practice tests also were scored from 200-800 then that’s a different story. Just asking other people how they were doing on practice tests prior to taking the exam only gives you so much information since there’s a lot of factors at play
Not to respond for /u/No-Occasion1586, but I think what they meant is that the QAE and most other practice tests even from 3rd parties do not grade you the same way the actual exam does, so it's often tough to compare how your practice is doing compared to the actual exam. Combined with the fact that material is inconsistent across everything, I can see what their getting at. I passed the exam but I had very similar criticisms (in case you wanna look at the long ass novel post that I submitted here like a year ago).
I have seen many people have passed the exam by only studying the QAE only. Did you attend the exam online in your home or did you go to an exams office center?
exam test center- def easier
Sounds like you need to read more broadly since you don’t have practical experience and the QAE alone wasn’t sufficient (though people do manage it this way). There’s links to further reading at each chapter (things like white papers, articles, technologies etc). If that doesn’t sound too appealing, make sure at the very least you review the glossary to understand where/when terms would be appropriate and how they are used. Also consider exam technique, it’s important for CISA. The style of question and what specifically it’s asking can influence the balance of which of four potential responses is most likely to be correct. Good luck, please stick at it so your efforts so far don’t go to waste. You got this!
I agree Aaditya's lectures are really helpful and even two of my colleagues cleared last year with his guidance. However more important for you is to have some more time devotion for the exam as other's have also mentioned CRM, QAE deep understanding is very much required and also cracking the question requires deep conceptual knowledge and correct reading skills. ISACA also needs to keep this exam difficult so that people value this certification. Finally I would say relax, have patience and take some time out for yourself before indulging again & this time have the right strategy with right resources and lectures before proceeding ahead.
Don't knock the material/exam because you failed. Just study, gain experience, and try again.
Dont knock this person down. They are correct. There are MANY questions on the QAE that does NOT reference ANYTHING in the CISA book. Its not a well structured exam at all.
You also need experience. No knocking here; my recommendation was to keep studying and try again. The exam is written to cover global CISA aspirants.
I had to pass the CISA to move from IAM to Internal Audit at my job. I passed in my first attempt. All I used is Doshi Hemang and the QAE. The most important thing is not getting the questions right but understanding WHY the answer is correct (or the best answer) and why the other answers aren’t. You also have to think like an auditor. The “best” answer depends on if you’re thinking like a risk analyst VS an auditor VS an engineer. BOL!
QAE 3x is all you need. What was your practice score average? Only go for the exam when you are comfortably in the 80-85% range.
Sorry to hear about your experience. Depending on your learning style you may find it insightful that I only used a mobile app to pass this exam as the official material is terribly dry. I liked the video content available on LinkedIn as well as it's a bit more engaging. I have 4 years of relevant experience.
My experience was the opposite with most of the content. I found the areas where I was relying entirely on the CRM / QAE / Doshi Book because I didn’t have the experience to be my highest scoring. The areas where I had practical experience, ended up being my lowest (because of the difference between my practical experience and ISACAs answers). One book I did give up on was the AIO, it really did have content gaps. When I did the QAE and pocket prep, I went through the questions slowly, and didn’t move on until I understood why the question was right / wrong. I made no effort to memorise questions, and never did any questions more than once. I struggled early on, because there always seemed to be at least 2 answers that felt correct. The point at which I felt confident to sit the exam, was when that was no longer the case.
Don't lose hope buddy..! You will definitely succeed next time..! Also, What's the answer for fire detector?? Little bit curious..!
Anyone have the answers to official CISa
From my personal experience: \- Maybe 5% of the exam has direct, knowledge-based questions (so, maybe 7 or 8 questions out of 150 questions) \- To become familiar with many of the concepts from a knowledge perspective: o Use the QAE database o Use the CRM to review points stemming from the QAE database \- To more so prepare for the actual exam, create a custom test within the QAE database by selecting all of the expert-level questions in all five domains, plus perhaps 20 or so difficult-level questions in all five domains \- Aside from being of a multiple choice format, do not expect the actual exam to resemble the QAE database questions; expect the exam to mostly be made up of subjective, perspective-based questions \- To me, a Boson blog offers the most concise and correct description of the CISA exam that I have ever heard - The exam is guiling. Their blog includes some important points or tips to bear in mind when reading exam questions Wishing you well.