Hello, everyone. It’s finally 2021 and I hope this will be a year where we could manage our health (physically and mentally) and achieve our dreams as well! To open this year, I’m pleased to share that starting today, I’m officially a certified information system auditor. I wrote down some tips for CISA aspirants out there in the hope that their journey will be less tough. So here is my version of how to pass the CISA exam:

1. Have a strong determination

Becoming a CISA has been my dream since 2015. I kept that thing in my heart even though at first I knew it was impossible. If I keep on walking towards that dream, maybe I will arrive there someday, right? That strong determination assisted me through the long and tiring preparation. It's safe to say that determination is fundamental to achieve something as it provides us the power to go through hardships.

2. Attend CISA review training

Before attempting the CISA exam, I had the opportunity to attend the preparation training at Pusilkom UI (you can find similar training held by other training providers too). For those who want to strengthen their preparation and have the opportunity, please consider attending the CISA review training. But don’t worry even if you can't sit in on the training, you can still have sufficient preparation.

3. Obtain (technical and managerial) knowledge and experience in the IT and auditing field

Having technical and managerial knowledge of IT and auditing is certainly substantial in solving CISA exam questions. Regarding acquiring the needed knowledge, my advice is to read lots of references related to IT and IT auditing, discuss them with others, or join a community (or anything. Pick your favorite way of absorbing knowledge). Meanwhile, to answer some CISA exam questions, require the candidate to be equipped with not only knowledge but also experience so real-life exposure will surely be beneficial. Experience shapes our logic, perspective, and wisdom that will make it easier for us to figure the answers out.

Besides, in my opinion, it's important to increase your exposure to IT terms and English (especially when IT isn't your major and English is not your first language). Familiarity with IT terms and English is advantageous! And also, if you aren't exposed to auditing that much (or even at all), please keep in your mind: governance-risk-control (GRC) are the things the auditor cares about the most.

4. Learn the CISA Review Manual and the CISA Review Questions, Answers & Explanations Manual (QAE)

Believe me that these two books published by ISACA are the sacred reference for every CISA candidate. Take the time to read both of them especially QAE. Understand the explanation of the answers suggested by the book to get the logic, perspective, and wisdom that ISACA sets out. FYI, I took 2 weeks to finish both. (If you don't mind spending some additional money, you can also study Hemang Doshi or any other exam preparation book. I heard they are easier to be understood)

Also, make sure to study the latest version of these books. For now, the latest Review Manual is the 27th edition and the QAE Review 12th edition. 

5. Say hello to cisaexamstudy.com

Two days before the exam, I was lucky to find cisaexamstudy.com. Everyone, please study each material (which is neatly presented as key points. Don't we love that?) and the practice questions that are displayed on that page. I get a fairly comprehensive understanding in just 1.5 days of studying it.  

6. Let's practice through the mock exams

Having a mock exam is essential so that we get used to sitting and thinking without interruption and distraction for hours. Work on the questions until you get at least 80 (the higher the better. So please set a personal goal for example 100 *joking). I tried to complete each mock exam in 2 hours to exercise my quick thinking and ability to finish the exam under pressure. 

7. Mind our physical and mental state

Maintaining health and fitness for an exam is vital. Make sure you get enough sleep so that the next morning we are fit to do 150 questions in 4 hours. Also make sure we take our breakfast, arrive at the test center early, and last but not least manage our emotional and mental state. Be calm. You have prepared enough and are ready to face this test. 

8. Pray

I will always repeat this in every exam tips I write because it is that salient. Pray that we will be at ease in working on those questions. Pray that the questions will favor our knowledge and preparation. After all, it's Allah's decision. It will always happen as Allah's will so beg Him :)

9. Tips During the Exam:

1. If you take the exam at the test center, pay attention to the temperature of the test room. If it is too cold to stay inside for 4 hours, wear a jacket. Also, sit as comfortable as possible. Four hours is not a short time, sweetie. 😊

2. Do it serenely. We have a relatively long time to do it. If we are calm, we’ll be more careful. On exams where there are many tricky questions and answers (and accuracy becomes the key), manage our tranquillity is a must.

3. Be careful with the “almost correct” answers. In general, CISA questions leave us with 2 alternative answers that both seem true. Hehe. Make sure you choose the right one, not one which looks like it. For example, during the exam, I was asked which one should get more attention: discrepancy with the applicable regulations or the absence of stakeholders (or senior management, I forget the exact wording) in the IT strategic plan-making. Yes, stakeholders do not participate in the IT strategic planning discussion is a significant problem. However, it’s going to be harder if there is a major lawsuit against our organization, right?

4. The duration of the exam allows us to review the answers. Review the answers as if we do it again from the beginning. Don't get bored just yet even though your stamina and concentration have decreased. Use the 4 hours fully.

5. Maybe because currently there is a global pandemic, there are quite a lot of questions related to business resilience. Anyone who wants to take the exam in the near future may take domain 4 more seriously.

6. If you take the option of a proctored exam (like what a friend of mine chose), you have toilet breaks twice (10 minutes each). These breaks are also provided if you take the test in the test center. My friend suggested using the break to regain your balance after working on the questions. (But for me, I could stay still for 4 hours. Hihi.)

7. Don't forget to fill out the post-test questionnaire.

Those are the tips I can share with everyone who wants to take the CISA exam. Good luck, everyone. If you have anything to ask, feel free to reach out. It's my pleasure to help you. Cheers!

----

Bahasa version: Tips Ujian CISA