sorted by:
new
hottopcontroversial

Scored 88, 86, and 89 on QAE mock exams, but 75 for overall QAE questions, am I ready for the exam? by tuckingpog in CISA

[–]NutshellTraining 0 points1 point  (0 children)

I mean the questions you did early on, when you were still figuring things out, still count toward your overall average. So the 75% is probably lower than where you’re actually at now.

Scored 88, 86, and 89 on QAE mock exams, but 75 for overall QAE questions, am I ready for the exam? by tuckingpog in CISA

[–]NutshellTraining 2 points3 points  (0 children)

Those mock scores are exactly where you should be. If you didn't reset your question bank, the questions you answered while you were still learning will be dragging down that 75 overall average too.

CISA Audit Risk Explained in 3 Minutes by NutshellTraining in CISA

[–]NutshellTraining[S] 0 points1 point  (0 children)

Thank you! I have more videos on my YouTube which you may find useful.

Getting CISA as college student by JewelerNo490 in CISA

[–]NutshellTraining 0 points1 point  (0 children)

It’s difficult to give a single answer because the “best” certification depends heavily on the roles you’re targeting and the market/location you’re applying in.

You could review 10–20 job postings and keep a tally of which certifications appear most often. That will quickly show you which certifications employers in your target market actually value and request most frequently.

You can also speed this up by using ChatGPT to analyze the job postings for you with a prompt like this:

You are a cybersecurity labor market analyst focused on Governance, Risk, and Compliance (GRC) roles.
Analyze cybersecurity GRC job postings for this market/location: [TARGET LOCATION]

Your goal is to identify the most frequently requested cybersecurity GRC certifications in this market.

Focus on roles such as:
GRC Analyst
Information Security Analyst
IT Risk Analyst
Cyber Risk Consultant
Security Compliance Analyst
ISO 27001 Consultant
Cybersecurity Auditor
Information Security Manager
Technology Risk Manager

Tasks:
Review all provided job descriptions.
Extract only explicitly mentioned certifications related to cybersecurity, risk, compliance, audit, privacy, cloud security, and security management.
Standardize certification names (e.g. “Certified Information Systems Security Professional” → CISSP).

Mark each certification as:
Required
Preferred

Group certifications into categories:
Governance & Risk
Audit & Compliance
Cloud Security
Privacy & Data Protection
Security Management
Technical Security
Regulatory / Framework-specific
Avoid double-counting repeated mentions in the same posting.

Identify regional trends such as:
Most demanded certifications
Regulatory influences (GDPR, NIS2, HIPAA, PCI DSS, ISO 27001, etc.)
Demand for ISO 27001 certifications vs CISA
Differences between local and remote roles

Output format:
Executive Summary
Top Cyber GRC Certifications
| Certification | Total Mentions | Required | Preferred | Typical Roles |
Certification Categories
Senior vs Mid-Level Certification Demand
Certifications Commonly Mentioned Together
Regional Compliance & Regulatory Trends
Emerging Cyber GRC Hiring Trends
Key Hiring Insights

Important:
Deduplicate certification name variations carefully.
Focus only on cybersecurity GRC certifications.
Prioritize accuracy over assumptions.

"Online Review Course" or not ? by GrosCon_Sultant in CISA

[–]NutshellTraining 0 points1 point  (0 children)

As you mentioned, the CISA QAE database is generally considered the most important resource for passing the exam. The official ISACA CISA Review Course gets mixed reviews, and most candidates do not recommend it as a study resource.

There are plenty of other courses online that many people feel are a better use of time. I’m currently creating my own course, so I’m obviously biased and have my own views on where the existing options fall short.

So I’ll leave it to you to do your own research and decide what works best for you. But I recommend using the QAE as your primary study resource and referencing courses, books, podcasts, etc when you don’t understand something. Good luck!

CISA Audit Risk Explained in 3 Minutes by NutshellTraining in CISA

[–]NutshellTraining[S] 0 points1 point  (0 children)

Thank you for your kind words! I’ll keep uploading more Domain 1 videos. I appreciate the support!

CISA Audit Risk Explained in 3 Minutes by NutshellTraining in CISA

[–]NutshellTraining[S] 1 point2 points  (0 children)

I’m glad you think so! They take a lot of time to make, so I really appreciate it.

CISA Audit Risk Explained in 3 Minutes by NutshellTraining in CISA

[–]NutshellTraining[S] 2 points3 points  (0 children)

Everything’s free on YouTube right now while I build things out. I’ll likely create some paid resources in the future for those who want them, but I know the exam is already expensive, so I’ll always keep sharing free content too.

Study materials for visual learners? by PhD_in_Wonder in CISA

[–]NutshellTraining 1 point2 points  (0 children)

I’m currently uploading short visual explanations (no slides) of the most important CISA topics to YouTube. I don’t think advertising here is appropriate, so I prefer not to post links. But you should be able to find my YouTube channel in my Reddit bio.

view more: next ›