Login

r/isaca

▲ 10 r/isaca+1 crossposts

CISA exam in 8 days, on 29-05, any last minute tips or resources for the exam

I have been practicing for CISA for the past 5 months on and off and seriously for the past 1month.

I have practiced more than 3500 questions.

With QAE I am averaging around 65% to 70% and planning to grind in the last one week before the exam.

I write down my wrong questions along with the right answer, reason for the answer and the wrong and why I chose it and why it is not right and this is more than 100 pages of written mistakes journal.
Since it contains the right and wrong I am studying with this only and referring to CRM and internet for few concepts which I fail to understand.

For this last one week, I am planning to stick with the same plan and additionally to watch Peter Zerger youtube course.

Please let me know if this is enough for the last week, if not, please let me know what else can I do to improve my chances of passing, as this is very important for me as I am jobless for more than a year.

Thanks in advance

#cisa #isaca

reddit.com
u/Sure-Fault-4488 — 15 hours ago
▲ 17 r/isaca+1 crossposts

CISA exam in 2 days!

Any last day tips and tricks ? What all should I carry to exam center ? Does anyone really feel confident a day before exam and while writing the exam ?

reddit.com
u/naveenbaki — 2 days ago
▲ 9 r/isaca

AAISM or AAIR...or neither?

I've seen ISACA is doing a 50% discount for members on their exam materials for their AI certs (shame not exam vouchers too...) and wondered if I should bite the bullet on one of these.

I already have CISM and CRISC with ISACA, plus some ISC2 certs as well, so is this really worth it though?

I am sceptical as to whether these AI certs will ever achieve 'brand recognition' like some of the more established quals...

Seeking opinions on:

  1. Is taking one of these certs worth the ticket price?
  2. If yes, which one out of AAISM or AAIR will provide more utility?

Thanks!

ETA - I know a lot of people say "Well, if work is paying do whatever". I would *try* and get my employer to fund, but our approvals process is slow, so to catch the discount window, I'd probably have to fund myself initially.

reddit.com
u/tookthecissp1 — 3 days ago
▲ 27 r/isaca+1 crossposts

I passed.

Not sure what my score is yet but I will say this. Along with my experience (GRC, IT audit, TPRM) plus my two previous certs (sec+ and CISA) this one only took about 3 weeks of solid study. I only really used the QAE but I would suggest professor messer security plus study and the CISA get certified get ahead book (both helped with my sec+ and cisa) and those cover two domains in the crisc. The other stuff really just came from work experience.

reddit.com
u/Winter_Growth760 — 3 days ago
▲ 10 r/isaca

Half off membership and AI training

ISACA just went live with a half year half price sale - rest of 2026 membership is half off ($12.50 student, $34 recent grad, $72.50 professional). They are also doing half off the list price of AI training courses and exam prep for members. If you’re planning to do any AI training this year, it’s a good time to join. Offer ends June 30. https://www.isaca.org/campaigns/embrace-ai

u/yeahokaysureboss — 3 days ago
▲ 7 r/isaca+1 crossposts

CISA in 15 Days

My exam is in just 15 days and I’m looking for honest last-minute advice.

Resources:
• Official ISACA QAE database
• Hemang Doshi videos & MCQ

Questions for you:

  1. Is QAE + Doshi enough at this stage, or do I need anything else urgently?
  2. What target QAE score should I aim for?
  3. Best use of the remaining time? (Especially last 3–4 days)
  4. Common pitfalls or must-know areas?
  5. Any exam-day tips?
    Thank you so much — any input from recent passers would mean a lot!
reddit.com
u/HistoricalAnybody969 — 5 days ago
▲ 103 r/isaca+2 crossposts

Updated last minute Cheat Sheet from a recent CISA passer!

I got my CISA result a couple of weeks ago and passed with a scaled score of 671.

I recently shared a review cheat sheet here, with an updated version in the comments, and it received great feedback. To make it more engaging and easier to review at a glance, I created a poster version as well.

Additional tip:
1. You don't need additional test dumps to pass (tho they may help enforce topic mastery). The official QAE, and a choice of your book (Hemang Doshi, Review Manual, Pete Gregory) is enough. Yes! Only 1, as any of these will already cover the knowledge base needed for you to understand and pass the exam. You can even just watch the CISA series of Prabh in YouTube, and just have a quick glance of the book or use it to search for topics that you don't understand well. Just make sure to understand the reasons why an answer is correct in the QAE, instead of just memorizing the answers. Make sure to have gap periods after you reset the QAE to avoid the memorization bias when re-answering.
2. You need less review time than you think. Just book that exam, and plot your timeline! As soon as you consistently get 80% of the correct answer in QAE, and that you understand well and can explain why an answer is correct, you are good to go!
3. You may also consider taking ISC2’s free Certified in Cybersecurity (CC) certification before taking the CISA exam. ISC2 is currently offering the certification for free, but you need to register before May 20. You do not need to schedule the exam right away. The topics between the CC and CISA certifications overlap, so taking the ISC2 exam first can help you build momentum and get a better feel for the exam experience, especially since it is free. (bonus is ISACA and ISC2 uses same test facilities in some countries)

If you have further questions, feel free to comment here and I'll try my best to answer as I may miss your DMs in reddit.

u/InitialOrdinary1651 — 7 days ago
▲ 7 r/isaca

CPE credits maintenance

Hi! Already have CRISC last year and also passed CISM last week. Just wondering for those who have more than one ISACA certs, how do you deal with the CPE credits that needs to be maintained every year? I’ve only registered to online trainings and quizzers (which are both free). But my problem is, are there any more ways to earn the credits at a minimal cost. Cause I have plans to take CISA this year as well and CISSP next year 😬. Thank you!

reddit.com
u/Nice-Pick-980 — 8 days ago
▲ 6 r/isaca

AAIR or CRISC Next?

I am honestly really undecided on this questions right now. I am trying to decide if I want to take the AAIR or the CRISC exam next? I am really up in the air about it because I already have the AAISM and the CISM certifications but I want one that revolves around Risk as well since I am already working in that field as well.

I have looked at some of the CRISC exam questions that are already out there and I am scoring around a 80% on them right now without any studying. So I know if I study it I can pass it in a relatively short amount of time. While the AAIR is a relatively new exam I feel that I would do well in that as well.

So I am honestly kind of stuck right now and am looking for some help to decide

reddit.com
u/cyberfx1024 — 8 days ago
▲ 30 r/isaca+3 crossposts

CISM, CISA, and CRISC

Finally ready to post my journey.

Started in January 2026.

CISA earned on 23 January 2026

CRISC earned on 10 April 2026

CISM earned on 8 May 2026

Never say you can't and always be ready to learn and grow. I have over 20 years in Cybersecurity and over 15 years in GRC. Still growing and learning every day

reddit.com
u/Outrageous_Plant_526 — 13 days ago
▲ 8 r/isaca+1 crossposts

CISA exam retake

I have given my cisa exam yesterday but unfortunately couldn't clear. Just wanted to know can I book my exam now as slots are very less for my centre or I can do that after 30 days only?

reddit.com
u/Holiday-Dingo1675 — 11 days ago
▲ 8 r/isaca

Just got my result, hope y'all pass!

First time taking the beta exam with ISACA, and don't quite understand how they released the beta exam result so late but finally it came in.

reddit.com
u/braliao — 14 days ago
▲ 7 r/isaca+1 crossposts

Infrastructure background - realistic path to GRC/ISSO/compliance roles?

Background: 12 years IT at the same company. Started sysadmin, gradually took on security work. Current responsibilities include patch management across a large Windows/VMware environment, vulnerability remediation, SFTP security administration for external partners, and administering a regulated data processing enclave with access controls in an HSM environment. I gather technical evidence for ISO 27001, PCI-DSS, and GSMA SAS audits but don't own any of those programs.

Just passed CySA+ this week. Also hold ISC2 CC and some Cisco networking certs. No degree. US citizen.

Target: ISSO, Information Assurance Analyst, GRC Analyst, or Cybersecurity Compliance roles. I want work I actually enjoy that pays well. I like the controls and compliance side more than SOC work or firewall engineering. Long term goal is CISA late 2026, eventually independent consulting.

Honest gaps: Never driven an ATO. Never written an SSP or FIPS 199. RMF knowledge is conceptual not hands-on. Audit exposure is evidence gathering not program ownership.

Questions:

  • Does this path make sense or am I missing something obvious?
  • Is a technical infrastructure background actually a differentiator for GRC/compliance roles or does everyone have it?
  • Anything I should prioritize in the next 6 months that I'm not thinking of?

Appreciate straight answers.

reddit.com
u/Firm_Invite5346 — 12 days ago
▲ 1 r/isaca

Is ISACA hyderabad chapter worth joining?

I'm exploring some tech and cyber communities in Hyderabad and came across ISACA. Do you think it is worth becoming a member of this community?

reddit.com
u/anji_0216 — 13 days ago