r/CRISC

▲ 14 r/CRISC

Finally passed - what I did

I passed the CRISC today provisionally. Studied for about a month, and have been in IT for a large enterprise for 4 years. Woke up a few days ago and booked it. Here’s what I used/did that I thought worked:

Hemang doshi Udemy - 3/10 - Good if you are new but not for me. I started listening to this while at work and found it to be super repetitive with the quizzes (did not finish it).

Official QAE - 7/10 - did the tests a couple times and the practice questions. You kind of need this unfortunately. Some of the answers Isaca says that are right are based off of assumptions they make/their ‘mindset’. So while you and maybe your ceo would say “that’s ridiculous” in the real world, Isaca would mark you wrong.

PocketPrep - used it a couple times but just the free version. Definitely not a bad tool, but didn’t use it enough to say if it was ‘the resource’

PSI at home exam - 6/10 - had to schedule my exam super early because all the slots got filled even looking a week out (my fault). But got kicked out of the exam once so had to recheck in which took 20 minutes.

Good luck if you’re preparing!

reddit.com
u/No-Helicopter5041 — 4 days ago
▲ 0 r/CRISC

Anyone willing to help me with Crisc certification resources? I'm unemployed and can only manage the costly exam fees. Would be grateful if someone can share latest manual, QAE etc. 🙏

reddit.com
u/EnvyMeHigh — 5 days ago
▲ 29 r/CRISC

Passed

Total scaled score ~600 on first attempt. Three content areas above 650; one under 450.

Read through the official review manual 1x. Did all questions in the QAE 1x; for those I got wrong, reviewed the answer I chose and the correct answer.

Two practice exams with 80-85% correct. 15+ years in broad GRC - inclusive of infosec, but far from exclusive to infosec.

Good luck all!

reddit.com
u/Ok-Outcome1576 — 5 days ago
▲ 7 r/CRISC+1 crossposts

ISACA Membership & Registering CRISC Exam

Hi,

I'm new to ISACA. I recently received a 50% off ISACA membership offer via email and purchased the membership at the discounted price. My membership is valid until 31-Dec-26.

I understand that once I register for the CRISC exam, I have 6 months to schedule and take it.

My question is: If I register for the CRISC exam on 31-Dec-26 (the last day of my membership) using the member discount, can I schedule the exam anytime up to 30-June-27?

Also, would I need to renew my ISACA membership after 31-Dec-26 to remain eligible to take the exam, even though I registered and received the member discount while my membership was still active?

Has anyone been in a similar situation or knows how ISACA handles this?

Thanks in advance!

reddit.com
u/naras007 — 7 days ago
▲ 32 r/CRISC

Obligatory announcement: I passed.

Third attempt and I finally passed. I won’t pretend the letters after my name mean everything, but in tech risk and governance they do open doors. Especially when you’re in rooms with people who care more about credentials than what you can actually do. (Yeah, the boomers.)

The numbers, for anyone curious:

**•**	Attempt 1: 431  
**•**	Attempt 2 (two weeks later, new domain weights): 435  
**•**	Attempt 3: 616 — passed ✓

What changed was honestly just my approach. The first two times I was studying way too wide. O’Reilly, Pluralsight, every learning platform I could get my hands on. Felt productive, wasn’t. The third time I dropped all of it and went back to the official ISACA materials and the review manual. That’s it.

I used Notebook LM to organize and make sense of everything, then leaned on the QAE then eventually Pocket Prep to test myself.

So the lesson, if there is one: more resources don't equal better results. I learned that the expensive way. Narrowing down and trusting the source material did more than all the extra courses combined.

If you're stuck in the retry loop on CRISC or anything like it, you've probably got what it takes already. Might just be your approach that needs to change, not your effort.

u/Ok-Audience-5260 — 11 days ago
▲ 15 r/CRISC

Provisionally Passed CRISC

I'm happy to share that I've provisionally passed CRISC yesterday at the first attempt.

I'll provide here what I did for the exam.

- CRISC QAE

- CRISC local chapter review course (a study course of the Official Review Manual)

I only used the above two.

I bought QAE but not the Review Manual.

I drilled QAE for around three months, checked my readiness by solving questions from NotebookLM and have done two mock tests. The results of the last two mock tests from QAE were 86% and 82%. I took the second one after one week by spending the time with the questions from NotebookLM. The main point is how you tackle the QAE first time. I asked Gemini what I did not know or what I could not understand. It took a long time but I didn't proceed without understanding clearly.

I hope this post helps your next try.

Cheers,

reddit.com
u/U_you_ — 11 days ago
▲ 2 r/CRISC

typo or genuine correct answer

In the question, (c) is labelled as input validation

But in the justification, (c) is being referred as special character checks.

Can someone explain?

u/flowerymelb — 11 days ago
▲ 12 r/CRISC

provisionally passed

Being tight with cash i used a discount voucher for the exam which i booked last dec - utilized older isaca qae (6th ed) and rm manual as well as udemy 900 questions -

- initial run i scored 73% after studying wrongs and consuming the manual i redid all the q`s AND the sample test at the end with 92% - As this is my first isaca exam i found it challenging even with the cissp , ccsp and a dozen tech certs.

reddit.com
u/Aggressive-Eye-3738 — 13 days ago
▲ 8 r/CRISC

Starting CRISC Prep — Looking for Additional Resources Beyond What I Already Have

Hey everyone,

I recently passed my CISM on April 1st and I'm now shifting my focus to the CRISC. I wanted to share what's worked for me so far and ask for any recommendations on filling the gaps in my study plan.

What I'm Working With:

Through my job I've been provided:

- CRISC Official Review Manual, 8th Edition (eBook)

- CRISC Online Review Course, 8th Edition

- CRISC Questions, Answers & Explanations (QAE) Database, Version 8.1

On my own I also picked up:

- Hemang Doshi's CRISC course on Udemy

What Worked for Me on the CISM (for context):

For my CISM prep I used three main resources, each serving a different purpose:

- Hemang Doshi's CISM Udemy course : Great for getting into the right mindset early on. It really helped me understand the language and framing of ISACA-style questions before diving deep.

- The QAE database : Essential for getting into the ISACA way of thinking and understanding how they approach answers.

- Pete Zerger's YouTube series on CISM: This was honestly a game changer for actually *understanding* the content, not just memorizing it. His explanations made the concepts click in a way the other resources didn't.

- Pocket Prep - Helped with practice on the go during free time and while doing cardio at the gym.

My Ask:

I feel like I have the CRISC study bases covered for mindset (Hemang) and practice questions (QAE), but I'm looking for something similar to what Pete Zerger's series did for me on the CISM — a resource focused on genuinely understanding the CRISC domains and content, not just passing the exam.

Has anyone found a YouTube series, podcast, blog, or any other free/paid resource that really helped them *understand* the CRISC material at a deeper level? Especially anything strong on the risk assessment and risk response domains.

Thanks in advance — any tips or study strategies are hugely appreciated!

reddit.com
u/darksxb — 13 days ago