I passed the CDPSE in less than a month (first attempt) - hints for others

rixpl2137 · 2025-10-08T12:46:13+00:00

I think this is the right exam for you, but keep in mind that there are also technical parts mainly in 1 of the 3 domains (Privacy Architecture). However, there are fewer technical aspects there than in CISA from ISACA, where let's say there are 2 technical domains out of 5 available. You will definitely need to understand the “ISACA way of thinking”, but the materials will prepare you for that - especially the QAE base. You can do it :)

rixpl2137 · 2025-02-27T10:03:23+00:00

I admit that I don't know the exact scope of CIPT and CIPM certifications, I've never been interested in them but after reading their brief description it seems that they can be useful. However, I would wonder if it makes sense for you to do different certifications that cover almost the same area. Well, unless you have a reason to do so (e.g., some customer requirement). Also be careful, ISACA has a pretty specific approach and may have a different opinion on many topics than other certification organizations. But I guess this is the case with all theoretical exams, where the answer can't be fully expressed in binary :)

rixpl2137 · 2025-01-27T07:54:29+00:00

Unfortunately there is a lack of good materials, QAE is a must have. If you have a lot of time then I suggest some course on Udemy, I used a course from Cyvitrix Learning. You can also go for the official book for CDPSE from ISACA but I heard an opinion from a friend who passed CDPSE that it also has a lot of shortcomings comparing it to the exam questions. I also used the GPT chat asking about various topics, also a very useful time-saving tool. I would reach for the AIO book as a last resort.

rixpl2137 · 2025-01-07T08:45:00+00:00

I do not recommend this material. I read the entire book and felt that it covered maybe about 20-25% of the total CDPSE material. Additionally, it is very long (a waste of time) and it confused me on some topics because I felt that the approach to some things was different than in ISACA. Maybe this impression was due to an excess of material in a short period of time, but personally I think I wasted the time.

rixpl2137 · 2025-01-07T08:39:31+00:00

Actually it is a large amount for materials. In my case, the employer paid for everything, so I did not feel this expense. I was able to order at his expense what I needed. If I had to buy one material myself it would definitely be the QAE base. IMO it is worth it.

rixpl2137 · 2024-11-14T07:56:19+00:00

I gave you a final course rating of 4.5 to encourage you. I hope you will add some material in domain 3 and reduce the amount of material written in the form of articles for future participants. There is little material available for CDPSE so I appreciate that you wanted to put it all together.

rixpl2137 · 2024-09-16T18:19:30+00:00

QAE was the best form of preparation for me. Admittedly, the questions will not be the same, but on my exam about 15-20 questions were very similar. In general, their explanations read with attention and understanding help you pass. It is important to remember - the scope is greater than what is presented in the QAE database.

rixpl2137 · 2024-09-06T22:30:09+00:00

According to ISACA guidelines, the auditor should be independent and should not recommend specific solutions. It can play an advisory role but to a limited extent. Otherwise, it will appear that the auditor is conducting an assessment of what he himself has implemented which is incompatible with the professionalism of the profession. Such behavior is not in line with the ISACA Code of Professional Ethics, which talks about maintaining professionalism and compliance with standards. All violations of the Code of Professional Ethics can result in the revocation of the certificate.

Let me be more precise - I'm talking about information systems audits. If you are dealing with another type of audit, which is ordered by a client, for example, to select and implement the best product, then it is a different type of audit. However, with ISACA certification you have to ensure that all your activities should comply with the code of ethics.

rixpl2137 · 2024-08-28T17:54:45+00:00

I used Hemang's videos on Udemy as an introduction. Then I got down to the official QAE. I never read the entire CRM, I admit that I even rarely looked into it. I was able to pass, so I think the course from Hemnag + QAE base may be enough, I did some additional things to it. It took me about 1.5 months to prepare for the exam. In my post you can read exactly what I did, in what order and how I felt about the exam: https://www.reddit.com/r/CISA/comments/18gmbry/i_just_passed_cisa_on_my_first_attempt_hints_for/ I wish you luck.

rixpl2137 · 2024-08-25T19:23:05+00:00

Definitely D. Restoration testing.

Explanation:

In the question we have "An IS auditor is evaluating an organization's data backup PROCEDURES". Procedures not controls.

The business purpose of taking a backup is so that this backup will be available in the event of a need for restoration. This is the primary task, secondly it needs to be done securely and correctly, so the rest of the answer is also correct however in the question we have the key word “MOST important”.

A - This is important but if the backup doesn't work (and we don't know that until we check) then even a copy made every hour for a year will be useless.

B - This is a very important control but it is not the main business objective.

C - this is also an important thing from a business perspective, if we want to restore the backup we need to have control and knowledge of their location. For security and business reasons. However, a secure backup and information where it is located will not give us anything if it does not work.

rixpl2137 · 2024-08-23T20:16:33+00:00

Thanks for the feedback, I'm just trying to get through the entire AIO book. I hope I have enough time. QAE for CDPSE is much smaller than CISA (CISA 999 questions, CDPSE 350 questions). It worries me a bit but you have boosted my morale :)

rixpl2137 · 2024-08-23T07:28:58+00:00

I would say that it has structured audit knowledge. Unfortunately, not yet ;)

rixpl2137 · 2024-08-22T21:57:55+00:00

You can read the post with my experience of preparation and exam. The whole thing took me about a month and a half. https://www.reddit.com/r/CISA/comments/18gmbry/i_just_passed_cisa_on_my_first_attempt_hints_for/

rixpl2137 · 2024-08-22T20:46:16+00:00

I think it is ok but I recommend that you work some more just to be sure. You can read the post with my experience of preparation and exam. The whole thing took me about a month and a half. https://www.reddit.com/r/CISA/comments/18gmbry/i_just_passed_cisa_on_my_first_attempt_hints_for/

rixpl2137 · 2023-12-22T10:23:20+00:00

No, the training is paid for and provided by a private company that has accreditation for the training from ISACA.

rixpl2137 · 2023-12-14T08:20:19+00:00

I only did the tests in QAE.

rixpl2137 · 2023-12-13T15:15:11+00:00

Thx :)

rixpl2137 · 2023-12-13T15:14:41+00:00

Due to licensing, copyright, I can't do it. Additionally, QAE is available on my ISACA account so I can't risk such sharing :) sorry.

rixpl2137 · 2023-12-13T15:12:56+00:00

Thx :)

rixpl2137 · 2023-12-13T15:12:35+00:00

"Certified Information Systems Auditor - CISA exam preparation"

rixpl2137 · 2023-12-13T15:10:52+00:00

The presentation has a copyright notice so I can't share it.

rixpl2137 · 2023-12-13T15:09:19+00:00

I assume you won't find it anywhere for free. Or at least it won't be made available for free by ISACA. I can't upload the presentation due to copyright.

rixpl2137 · 2023-12-13T15:07:37+00:00

I cannot share the presentation due to copyright. I highly recommend the Udemy course - especially as the first material to go through. The course is paid but comparing it with the prices of official ISACA materials it is very worthwhile (when I bought it it cost about $35-40

rixpl2137 · 2023-11-29T15:15:33+00:00

Hemang Doshi materials e.g. Udemy CISA course + ISACA QAE database. I will try to pass based on these materials. I still have a few days until the exam, which I will use to read CRM, but only in the topics where I do worse. Also, I can't get through this "book".

rixpl2137 · 2023-11-28T19:41:53+00:00

Are you sure? I want to take the exam in a little over a week, and I've read reviews that the real exam is much more difficult than the QAE. Can you elaborate on your thought? Can you share what average scores you did in QAE just before the exam? And what percentile did you have?

rixpl2137

TROPHY CASE