Michael L. Boyd, CISA
CISA. Certified Information Systems Auditor. One of my greatest accomplishments was receiving these letters behind my name and I have a kool-aid smile each time I see it in my email signature. This certification opened doors for my career. This blog post is a response to everyone who has asked me what steps I used to pass the exam and I want to help open doors for others’ careers. Please remember to do what works for you.
The CISA is an ISACA (Information Systems Audit and Control Association) certification used to validate one’s expertise in the following domains: Information System Auditing Process; Governance and Management of IT; Information Systems Acquisition, Development and Implementation; Information Systems Operations and Business Resilience; and Protection of Information Assets. It is renowned as the standard of achievement for those who audit, control, monitor and assess an organization’s information technology and business systems. The CISA certification is foundational to a successful IT career. One gains instant credibility with internal stakeholders, regulators, external auditors, and customers. The CISA certification is an IAT Level III and CSSP Auditor certification on the DoD Approved DoDD 8570 Baseline Certifications list.
A Couple Key Facts
- 151,000 CISA Certification Holders
- $110,000+ Average US Salary of CISA Holders
A Moment of Transparency
I took this examination twice: once after I graduated from graduate school (2015) and again the following year after starting my career full-time (2016). Yes, I failed the first time I took it while many of my classmates passed. It was a blow to my confidence at first. Over time, I realized I only have a few colleagues that passed on their first attempt including former managers too. So don’t be upset if you don’t pass on your first try. The second (third) time’s the charm.
My graduate degree is in Information Systems Audit and Control. Our courses were structured around the ISACA. Our dean pushed us to pursue the CISA. Also, I worked on numerous external IT audits and internal IT audit engagements prior to passing the examination. These engagements aligned with the exam. I did not study as consistently as I should have. I also took the examination when it was on Scantron (it was 200 questions in 2015 and 150 questions in 2016). Lastly, I sat through two CISA boot camps through my graduate program and during an IT audit training in Chicago which helped me.
What Do I Suggest?
- Obtain an ISACA membership. The membership gives you discount pricing for study materials and the examination. Check with your employer. Most employers pay dues for professional memberships. My employers have paid for my ISACA (and NABA) dues each year.
- Order “CISA Certified Information Systems Auditor All-In-One” by Peter Gregory. This manual was recommended to me by someone who used to write CISA questions for the examination! It’s easier to read compared to the official manual.
- Subscribe to the 12-month subscription to the Question, Answers & Explanations Database. The subscription is good for 365 days and costs $399 ($299 with the discount). Check with your employer as they may pay for your study materials. My former employer reimbursed us for the amount we spent on study materials.
- Don’t stress yourself trying to read the manual (unless you study best by reading). Streamline your readings to topics you are not competent in. This manual is much easier to read compared to the official ISACA CISA manual. I remember skipping through the book and seeing the data classification section. I stopped and read the section. I had so many data classification questions on the examination!
- Answer questions and read the explanations in the database daily. The database is interactive and customizable with 1000+ questions. You can view results by domain and gain an understanding of where you should focus your study efforts. I set aside an hour each night to work through questions. This will also allow you to understand how ISACA questions are structured. All answers will be correct. Your job is to determine which answer is the best answer!
Now go out there and get them letters behind your name!