There are 2 main requirements for attaining the CISA certification from ISACA: Pass the exam and Submit valid work experience. On June 11, 2016 I went to the DoubleTree Hotel by SJC airport to sit for the exam.
Leading up to this moment, I had spent the last 3 months studying and preparing. I purchased both the official Review manual and the Question, Answer, Explanations database. I held off on taking any classes at the time. I spent days reading how others that passed the exam had prepared. I started with the question and answer database, which turned out to be a great self-study tool. The even let you set you test date and it will tell you how much time each day you need to spend to be ready.
From March til the beginning of May, I spent about 2 hours a day studying in the database. I also created an application that would take all the data from the study sessions and analyze them and identify areas I consistently had issues with and questions I was guessing the answer on.
Starting the second week of May, I stopped studying completely for 2 weeks. Partly to let my brain relax a bit and partially to allow me to test how well I remember the information I studied. After my 2 week break, I started studying again for only about 30 minutes a day for the rest of the time before the exam date.
Checked in at the table outside the conference room. When I entered the room it was filled with tables on both sides and a single aisle way down the middle. I sat towards the back, at this point I was quite nervous. ISACA is one of the few certification authorities that was still administering paper/pencil tests.
As the start of the testing time came, they gave out the booklets, answer sheets, and instructions. The test started……and the questions I was seeing in this booklet were not seeming similar to the ones in the database that I was studying. I had filled in all the bubbles on my answer sheet only 75 minutes into the 4 hour exam window. I was the first to bring my test to the proctor in the front of the room and then gather my items and head home.
Four to Five weeks is the time it takes to receive your test scores. I felt good for the first week. However, by the second week, I had convinced myself that I had failed the exam. Not just fail, but horrifically, and in my mind it was because I was finished too soon into the exam window. So I quickly reached the point of not wanting to see my results.
From the day of the exam until the day you get an email with your exam results is a long wait. At the end of July, I received my official score from ISACA. I received a 570 and scored in the top 20% of exam takers in 2016.
In addition to telling you your total score, they also break down your scores on each of the domains covered in the exam. These scores are on the same scale as the overall score, so you are easily able to determine which domains you need to brush up on or study more.
Applying for certification
Once you have passed the exam. You need to document and have verified 5 years of relevant Audit or Information Security experience. Multiple forms have to be filled out and signed by previous employers/mangers.
Once you submit the application by email, expect about 4 working days before you receive a confirmation email. From that point on, you can see your application status on the ISACA website when you sign in.
My Certification was officially issued on November 18, 2016. It is valid for 3 years, during which, as long as I meet CPE requirements, I can renew for an additional 3 years.