CISA exam passed, now the required experience
Update: I published a new post with the most frequently asked questions on this post.
Back in the summer 2013, I was interested to pass the CISA exam even if could not obtain the certification without experience. This was a way for me to demonstrate my interest in IT audit to future potential employers. I thought that I could have done the exam in December 2013, but I wasn’t enough sure that I was ready to pass the exam and considering the cost, I preferred to wait until the next date. Furthermore, it is possible to sit for this exam only three times per year in June, September and December; this is the same exam everywhere in the world at the same time. On June 14 2014, this was finally the date and I sat for the CISA exam here in Montreal. I’m not sure how to explain yet this experience. I read a lot on Internet about other experiences and how I could prepare myself to this day. People have normally read many books to study for this exam. For me, I really tried to read the official manual from ISACA and to be honest, I was sleeping on it after only the first few pages. However, I have practiced many hours with the CISA Review Questions, Answers & Explanations Database which, in my opinion, is the best resource that someone could use to study for this exam. Even if I didn’t have any experience in IT audit nor have read a book related to the CISA, my past technical experience in IT was really useful, but also knowledge of my different degrees. This is certainly an exam that requests a really broad set of general IT knowledge. The true challenge with this exam is to learn how to think like ISACA and their kind of questions. Of course, an exam with answer choices seems really simple to pass, but the right answer is always the best answer according to ISACA. It is easily possible to eliminate two on four choices, but the last two choices are always confusing because some choices could be the right one from a technical point of view and not an IT audit perspective. This is not the hardest exam, but stupid mistakes could rapidly occur during a four hour exam with 200 questions.
Now that I have passed the exam, I have to fulfill the experience requirements to officially obtain the CISA certification. Five years are normally required with tasks related to the five CISA domains, but some waivers are possible as much as three years when a candidate has done prior educations, experiences or other certifications. In my case, my bachelor and graduate degrees with IT general work experiences will waive up to three years.