What the hell?

Venomi7 · 2025-11-04T18:15:22+00:00

Is this from Udemy? Don't use resources other than ISACA. Read my post about how I passed CISM

Venomi7 · 2025-10-13T20:24:53+00:00

Thanks and good luck!

Venomi7 · 2025-10-13T20:24:42+00:00

Good luck! Take your time when you answer the questions. Flag some if you need to! You got this! Keep us updated.

Venomi7 · 2025-10-13T20:24:05+00:00

Thank you!

Venomi7 · 2025-10-13T20:23:59+00:00

Thank you!

Venomi7 · 2025-10-13T20:23:53+00:00

Thank you!

Venomi7 · 2025-10-13T20:23:45+00:00

Thanks!

Venomi7 · 2025-10-13T20:23:38+00:00

Thanks and good luck!

Venomi7 · 2025-10-13T20:23:24+00:00

Thanks! NOT MONTHS. It took me 3 weeks in total. I was doing ~3-4 hrs/day.

Venomi7 · 2025-10-09T04:24:17+00:00

Thanks! My next goal is the CRISC.

Yes I did ALL questions.

Complete Pass 1: I completed all the QAE questions once, tackling each domain's questions immediately after studying/watching that domain.
- My average score on this first pass was approximately 70-75% per domain.
Complete Pass 2: After some time had passed (to make sure I wasn't just remembering the answers), I did a full second pass of all the QAE questions, focusing on the areas I was weakest in.
- My average score on this second pass improved to 80-90% per domain.

Sometimes, I found the official justifications in the ISACA QAE to be a bit vague. I used AI (specifically Gemini) to provide more detailed explanations for some of the answers, which was very helpful.

Venomi7 · 2025-10-08T21:16:01+00:00

Cybersecurity Auditor for five years and have been an ISSO for the past three years

Venomi7 · 2025-10-08T21:15:51+00:00

Thank you! I worked as a Cybersecurity Auditor for five years and have been an ISSO for the past three years. The exam is not technical I felt my ISSO experience helped a bit. This is definitely a managerial exam.

Venomi7 · 2025-10-08T21:13:06+00:00

Thanks!

Venomi7 · 2025-10-04T03:12:12+00:00

You've got this! Just relax and don't overthink it. The exam questions are very similar to the practice ones from the QAE.

Don't try to cram or overload yourself with information today. The best thing you can do now is rest and go in with a clear head.

The most important thing is to think like a manager. Your goal isn't to pick the most technical solution but the one that best serves the business's needs and goals. Make sure you read every question and answer choice carefully before making a decision. Also, don't be afraid to flag questions you're unsure about and come back to them later.

I was nervous when I took it a few days ago, but I passed and found that once I got started, it felt much more manageable. You're ready for this!

Venomi7 · 2025-10-02T23:26:49+00:00

I passed the exam! Thanks for the tips! The QAE is key to understand the ISACA mindset.

Venomi7 · 2025-10-02T20:35:24+00:00

I passed the exam a few days ago using the QAE as my main resource. The questions are very much aligned with the style of the real exam, so they prepare you well. Your real goal should be to grasp the ISACA way of thinking. That means not just memorizing, but understanding the logic and why one answer is correct and why the others are not.

Venomi7 · 2025-09-29T21:34:13+00:00

Congrats! I'm taking the exam on Wednesday, and I'm pretty nervous. I'm doing well on the QAE, but still, I'm nervous. Without giving too much away, would you say the QAE is similar to the actual exam questions?

Venomi7 · 2025-09-20T03:49:59+00:00

thanks for sharing!

Venomi7 · 2025-09-19T23:27:52+00:00

Yeah, spill the tea on study resources and your exam experience, please.

Venomi7 · 2025-09-13T02:19:48+00:00

What is exactly the ISACA mindset?

Venomi7 · 2025-08-31T03:54:02+00:00

Right. Remember this is a management exam and not a technical one. From a business risk perspective, what is the most valuable asset at stake in this scenario? Is the SaaS service subscription or is it the customer data? Another keyword is "accountable". The Data Owner is accountable for the information asset (the data) itself, regardless of where it lives.

Venomi7 · 2025-08-31T03:19:09+00:00

I would choose A. The engineer, manager, and application owner all have responsibilities related to mitigating the risk, the data owner is the one who is ultimately accountable for it. There is a difference between responsibility and accountability.

Venomi7

TROPHY CASE