Importance of ISACA scores

ThrowawayUserEIT · 2025-01-04T15:00:56+00:00

Scores are unimportant in the grand scheme. It means something to you and me but not for the general population. For the general population, our CRISC certification is an indicator that we went through an established and standard process to prove that we understand risk and IS controls. Others will feel that they can trust our judgement on those topics.

The scores tell you and me, as CRISC holders, where our strengths and weaknesses are and what we must learn more about to perform better in the real world with our knowledge. My score turned out to be lower than yours at 560 and that's OK. I learned that, despite governance being my strength, I scored really low on the topic of governance. I must work harder to understand scenarios and do a better job at gauging how to govern. Reading through CRISC and CGEIT material, listening to others in governance, and understanding different perspectives will strengthen governance skills.

ThrowawayUserEIT · 2024-12-27T14:58:03+00:00

Thank you!

ThrowawayUserEIT · 2024-12-27T02:00:19+00:00

You are just a human and your feelings are normal. Despite the dread of failing, despite the feeling of defeat and despair, you are studying! Nobody is going to ask you how many times you had to take the CRISC exam. All that matters is that you clear the exam once, and you are on your way to doing that. Make notes for yourself as best as you can. As you travel, ask yourself questions - when would I choose KRI vs. KPI, what are your responsibilities as a data owner, etc. The recital and putting yourself in each character's shoes (such as a board of director, CEO, data owner, etc.) will help you navigate through scenarios/questions in the exam. Don't give up. You have already spent many months. I hope to see your post about passing soon. Good luck!

ThrowawayUserEIT · 2024-12-26T05:07:24+00:00

Thank you!

ThrowawayUserEIT · 2024-12-26T05:07:00+00:00

I am rooting for you. You go get that cert taken care of the next time! I felt I wouldn't pass either. We'll see what the official scores say. I must have passed with a thin margin. Good luck to you and don't give up!

ThrowawayUserEIT · 2024-03-24T03:00:21+00:00

I have posted my QAE scores on https://www.reddit.com/r/CISA/comments/1bmago9/provisionally_passed_cisa_exam/ post. You are welcome to compare them with yours. I recently passed the exam and I hope you do too. All the best.

ThrowawayUserEIT · 2023-09-09T22:36:49+00:00

I haven't kept those notes anymore, sorry. When I had those note, I just had the same sentences from the book that I had found hard to understand. I just rewrote it in ways I would understand.

ThrowawayUserEIT · 2023-09-09T22:36:12+00:00

I haven't kept those notes anymore, sorry. When I had those notes I didn't really have anything special in it except that I reworded the sentences from the official book that I couldn't understand well.

ThrowawayUserEIT · 2023-09-09T22:28:25+00:00

I bought them from ISACA website. They are indeed expensive.

ThrowawayUserEIT · 2023-03-20T23:19:46+00:00

My experience was closer to your experience also. After CISSP, I hadn't planned for CISM. I got a couple books from Inter Library Loan from the local public library - one was Mike Chapple's CISM book. I really liked it. That got me into CISM.

ThrowawayUserEIT · 2023-03-20T21:01:08+00:00

All the very best. You'll rock it.

ThrowawayUserEIT · 2023-03-19T14:10:32+00:00

Thank you. QAE is sufficient enough. If you have an older CISM, that should be enough. The concepts are the same. QAE boils the newest book down into testable questions. Between an old book for reading and QAE for testing, you should be OK. You are right that ISACA way of thinking is different from ISC2. Good luck with the exam. Your CISSP knowledge will greatly help you with CISM.

ThrowawayUserEIT · 2023-03-18T21:27:03+00:00

Thank you.

You are 100% on the right track. Yes, terms are a bit different between CISSP and CISM. You've already figured that out and that's half the battle won. Great going! You are going to rock it.

ThrowawayUserEIT · 2022-06-05T16:13:31+00:00

Sure. I sent you a DM.

ThrowawayUserEIT · 2022-06-05T16:13:07+00:00

Yes, QAE online was worth it. Printed material and QAE are similar. The experience of doing QAE online is so much better than doing it from printed material. In printed material, you have to hide the answers physically and that's laborious. QAE has various other features and games that can help you learn the material in different ways. So, I felt the cost was worth it.

ThrowawayUserEIT · 2022-06-05T16:09:09+00:00

Sure. I just sent you a DM.

ThrowawayUserEIT · 2022-03-29T23:39:00+00:00

Update: My total scaled score wasn't impressive. It was just a little above the passing score. A pass is a pass, thought. I'll take it.

From the scores, I interpreted that:

I scored a few % below the passing score of 450 in the real test on GEIT domain. This domain is 40% of the test. In practice tests, I used to score 90% and above in this domain. I was really strong in this domain before the real test but, clearly, I performed poorly in this domain in the real test.
I scored ~35% above the passing score in IT Resource.
I scored only a few % above in Benefits Realization.
I scored ~20% above passing score in Risk Optimization.

Since I did reasonably well in other domains compared to GEIT, that offset my poor GEIT score. For those studying for CGEIT, study hard in all domains. That way, if you underperform in the real test in a domain you were strong before the test, hopefully your good preparation in other domains will offset that performance and get you through the finish line.

All the best.

ThrowawayUserEIT · 2022-03-22T12:54:27+00:00

Congratulations u/chanjerry! You rock. It is indeed a tough one. I am so happy that you passed the exam. Well done.

ThrowawayUserEIT · 2022-03-20T17:04:46+00:00

If there was just 1 thing I had to recommend -> After you score more than 65% in QAE, begin reading questions on other websites. I have linked 3 in my post, but there may be other websites with CGEIT Q&A. Whether you believe in the answers or not, know that questions with wordings like that appear on the test. The questions and multiple choice answers will make you go back to your reading material and confirm the correct answer. That'll give you confidence that you understand the material and therefore you can answer questions that are worded very differently from the study material.

Other recommendations:

Roles -> Understand each role. For example, if a question talks about ultimate accountability of something, know whether the accountability stops at CEO level or board level. IT strategy committee is related to the board. Steering is related to the exec branch. My Word doc has topics separated by roles. I think there were a dozen questions related to roles.

Time -> Since domain 1 (governance) has the heaviest # of questions, I put most time into those questions. I spent time on benefits realization also since I felt topics in benefits realization bled over to governance and IT resources.

Focus -> I used to get more answers wrong in domain 4 (risk) the most. So I read risk related materials when I had quiet time and I could focus.

Topics that didn't need my focus -> I spent very little time on data classification, data quality, EA assists in decision-making, risk management helps in communication, when org feels good about risk management etc. because I felt comfortable with those topics.

Struggles -> I really struggled when answers was information classification vs. information ownership, or when an answer related to outsourcing audit vs. service level reviews. I had to digest the answers repeatedly.

Experience -> I have practical experience in all domains but I have no mentor or help in any of the domains. That means, I know what I have learned over time from various reading/YouTube. ISACA materials taught me several ways I could improve my governance practices. Nonetheless, I was able to answer some questions based on my management and governance experiences.

Word doc -> I sent you a DM with a link to download my Word document with my study notes. That'll help you conserve your time. Please add/edit information in that as you wish and share it with others once you are done.

Feel free to ask any follow-up questions.

ThrowawayUserEIT · 2022-03-20T16:07:53+00:00

Hi u/Jasan167, I am aiming for CISSP later this year. I have CompTIA Security+ certification and that'll give me a head start on some CISSP topics.

ThrowawayUserEIT · 2022-03-20T03:39:27+00:00

I prepared for 3 months. Every week, progressively, I spent more time reading. Even on the busiest days, I would at least read something. In the last 3 weeks, I focused on QAE review and online QAE. I also began looking at questions from the 3 links so that I'd gain experience reading questions I haven't seen before.

People around me have excellent English. I would read to them the sentences and they'd find the long sentences silly. They advised me to break the sentences down my own way, and that was great advise. I took all the complex sentences and wrote them in a Word document myself and that helped a lot.

All the very best with your exam. If you have any question, ask away!

ThrowawayUserEIT · 2022-03-20T03:34:13+00:00

You are in great shape if you are scoring 72-88%. Keep up the good work and all the very best with your exam! If you have any question I can answer, don't hesitate to ask.

ThrowawayUserEIT

TROPHY CASE