r/CISA

I have been practicing for CISA for the past 5 months on and off and seriously for the past 1month.

I have practiced more than 3500 questions.

With QAE I am averaging around 65% to 70% and planning to grind in the last one week before the exam.

I write down my wrong questions along with the right answer, reason for the answer and the wrong and why I chose it and why it is not right and this is more than 100 pages of written mistakes journal.
Since it contains the right and wrong I am studying with this only and referring to CRM and internet for few concepts which I fail to understand.

For this last one week, I am planning to stick with the same plan and additionally to watch Peter Zerger youtube course.

Please let me know if this is enough for the last week, if not, please let me know what else can I do to improve my chances of passing, as this is very important for me as I am jobless for more than a year.

Thanks in advance

#cisa #isaca

Hello people! I am going into my senior year of college and will graduate with 3 years of intern experience as a vendor risk analyst at my university. I am curious if it would be too early to try and take my CISA exam sometime soon, or if there are other certs I should look at. I saw that I could use college as 2 years of experience, so it would hit the 5 years that you need to take the exam. I'm not sure if this is a stupid question, but any insight on this would be great!

Hi everyone,

I’m planning to start studying for the CISA exam and wanted to get advice from people who already passed it or are currently preparing.

A little background: I have 10 years internal audit background.

I’d really appreciate recommendations about:
Best study resources
Official ISACA materials vs. third-party resources
Question banks
Video courses
Study plans / timelines
How difficult the exam actually is
Biggest mistakes to avoid
Whether technical IT knowledge is heavily required
How many hours you studied before passing
Also:
Is the official QAE database enough?
Are Hemang Doshi materials still recommended?
Any good dYouTube channels or Reddit posts I should read?
My goal is to study efficiently and pass on the first attempt.
Thanks a lot everyone 🙏

Any last day tips and tricks ? What all should I carry to exam center ? Does anyone really feel confident a day before exam and while writing the exam ?

Hey everyone,

I come from a non-IT background (degree in Accounting, currently working as an AML Analyst)

I recently passed the CFE and I want to get CISA to get into IT IA.

What would be the best way to study for it?

Would it be the CISA Online Review Course 2024, CISA Questions, Answers & Explanations Database 2024 or something else entirely

As I want to pass it on my first attempt

Thank you everyone for helping me.

Hi, I'm a third-year Management student at UPF and I'd like to work in the auditing sector. I'm considering getting the CISA to work in IT audit. Would it be a good idea to do it before graduating so I could do an IT audit internship? Or should I do it after graduating? And how do I prepare for it? Any tips? I'm a bit lost 🥹

My exam is in just 15 days and I’m looking for honest last-minute advice.

Resources:
• Official ISACA QAE database
• Hemang Doshi videos & MCQ

Questions for you:

1. Is QAE + Doshi enough at this stage, or do I need anything else urgently?
2. What target QAE score should I aim for?
3. Best use of the remaining time? (Especially last 3–4 days)
4. Common pitfalls or must-know areas?
5. Any exam-day tips?
   Thank you so much — any input from recent passers would mean a lot!

I've Cleared CA Final Group 2, Appeared for CA Final Group 1 in May 2026.Have a few years of firm experience, mainly in forensic audits

I couldn’t clear Group 1 earlier due to personal reasons, and since I’ve been writing these exams for quite a long time now.In case I need to appear again in Nov 2026, I feel focused preparation during September and October should be sufficient. So, I’m planning to use June–August for upskilling and career advancement. I'll also revise Group 1 Subjects during this period.

I’m 28 now, and based on the current market, I want to choose the course/certification that offers the best long-term career growth alongside CA.

I’m currently considering:

• CISA ( Can I work 2 years (not 5) after becoming CA ?)

• Enrolled Agent (EA)

• Power BI

• FP&A

Would appreciate insights from people who have pursued any of these courses regarding:

• Scope and demand

• Career opportunities

• Salary prospects

• Difficulty level

• Overall value addition with CA

Also open to suggestions for any other relevant certifications.

An IS audit senior at a regional bank is leading the fieldwork phase of an audit of the loan-origination system. Three staff auditors are executing the planned procedures and gathering evidence in parallel. What is the audit senior's MOST important responsibility during this fieldwork phase?

A) Ensure all planned procedures are completed by the original end date so the engagement stays on schedule

B) Reassign work from slower staff so everyone completes the same number of procedures

C) Begin drafting the audit report so delivery isn't delayed after fieldwork ends

D) Provide ongoing supervision of staff work, review evidence as it's collected, and document any adjustments to planned procedures

> If people find these useful I'll keep them coming, let me know by commenting answers or upvote.

CISA Certification Journey – My Experience

- Successfully passed the ISACA CISA certification exam

- Focus was on concept understanding instead of memorizing answers

- Exam is fully scenario-based and tests real auditor thinking approach

Preparation Strategy

- Watched YouTube videos to build strong conceptual clarity

- Completed an online structured course for all CISA domains

- Covered topics like IT governance, audit process, risk, and control evaluation

Practice Approach

- Used an online test engine for CISA practice questions

- One of the platforms I used was Pass4surexams, which helped me understand exam pattern and improve time management

- Practice tests helped in identifying weak areas and improving accuracy

Practice Approach

- Used online mock tests and practice question platforms

- Helped me understand exam pattern and time pressure

- Improved ability to eliminate wrong options quickly

Important Note

- Did NOT use any exam dumps

- Focused only on learning + practice-based preparation

- Prioritized understanding over memorization

What Helped Most

- Consistent daily practice

- Reviewing explanations after every test

- Improving weak areas step by step

Final Outcome

- Gained strong understanding of IT audit and risk management

- Improved confidence in real-world audit scenarios

- Passed the exam smoothly with proper preparation strategy

Hey everyone! 👋

Just wanted to drop a quick note — Aurivan is back and officially live! 🎉

We've come back with more quality questions and content to help you prep better. Still a work in progress, but we're committed to making it better every day.

It's not perfect, and that's exactly why your feedback matters. If you spot anything or have suggestions, please don't hesitate to share. Every comment genuinely helps. 🙌

👉 https://laladev-ai.github.io/cisa-prep/

Here's what's packed inside:

- Mock Exam — Simulates the actual CISA exam experience

- 90-Second Timer — Trains you to think like you're in the real test

- Score & Accuracy Tracking — Know exactly where you stand

- Streak Counter — Stay consistent and motivated

- Weak Spots—Pinpoints which domains need more attention

- Bookmark Questions—Save the tricky ones for later

- Domain Performance — See your score per CISA domain

- Difficulty Levels — Foundational, Application, and Analysis

- Built-in Glossary, Topics & Principles — Study without leaving the app

- Works Offline — Install it on your phone and study anywhere

- Study Mode — No timer, instant explanations after each answer, pick your topics freely. Perfect for building your understanding at your own pace.

- Exam Mode — Timed, no hints, no explanations mid-way. Pure simulation of the real CISA exam so you can train under actual pressure.

I chose Sampling risk and the answer is actually 2 detection risk according to doshi.

However when i put it in CHAT GPT it also gave me sampling risk as the answer . Help!

I’m using the official CISA QAE and noticed that the questions under the “Practice Exams” section seem almost identical to the questions already grouped under each domain.

Can anyone confirm if the practice exams are basically a mix/reuse of the same question bank, mainly to simulate the real exam experience and timing?

Also, if I’m running out of time before the exam, is it still worth finishing all the practice exam questions or keep repeating those questions grouped under each domain will do?

Thank you all for your encouragements. They really help. Every time I read a passed testimony here, I feel pushed forward to ensure one day I write my own story. And the story is written today. I am patiently waiting for the breakdown of the result by domains within 10 business days. This dream has been on since 2013, but life issues have been making it impossible. I am so happy I can achieve it.

I was so nervous before the exams but sincerely the Q&A helped. No direct question but they are model after those Q&A. If you study the manual and cover all the domains and practice test, I believe that’s enough to pass the exams. I used just one external resources but I found their questions too watery and not in line with CISA way. So I stopped using it. Well, until my breakdown comes, I can’t describe the extent of my performance.