CISA Exam Prep

CISA Exam Prep logo
Welcome to the CISA exam prep community!


This forum was created for exam registrants as an additional resource to help you prepare for the exam. We invite you to participate and share your questions, study methods and tips and help respond to other members. Not yet registered for the exam? Register for the CISA exam now!

In addition to CISA exam registrants, we encourage previous exam takers and certifieds to respond to questions and share their study methods. Community leaders are often past top exam scorers who have volunteered to facilitate discussion and moderate the community.

The main focus of the community is intended to be on study methods, information about study resources, and what to expect the day of the exam. To protect the integrity of the exam, specific discussions about actual exam questions and concepts are not permitted. Any items of this nature will be deleted from the community. Any person posting such content will be removed from further community participation and appropriate action will be taken. ISACA also does not permit the solicitation of study groups in our forums (i.e. WhatsApp, in-person, etc.). Solicitations by posters for individual contact information from community members will be deleted.

List of Discussions

  • UPDATE 13 APRIL: ISACA is pleased to announce that remote proctoring went live today for the CISA, CISM, CGEIT, and CRISC exams. Exam takers can schedule an exam at a testing center (if one is open near you) or via live remote proctoring when signing ...

    2 people like this.
  • Hello  Latyr, As I prepare for the CISA, it is my understanding that the answer to your question depends on perspective. This can be the perspective of the auditor or the perspective of the organization. A Risk Assessment is used by the organization ...

  • A.  Run an automated tool to verify the security patches on production servers. An automated tool would provide immediacy and efficiency in the form of a report. ------------------------------ Roger Killam Senior Systems Integrator at CBRE ---- ...

    1 person likes this.
  • Hi Latyr, Yes, you can post questions in the forum if you need help understanding the answer. However, we ask that all users provide context with the question such as where they found the question or why they do not understand the correct answer. Only ...

  • Thank you all for your participation :) The correct answer is  B and the official explanations are: Full operational tests is incorrect. These would require approval from management, are not easy or practical to test in most scenarios and may ...

  • B is the correct answer ------------------------------ Oladapo Juba Internal IT Auditor ------------------------------

  • C. System log analysis is correct. Because reviewing the system log file is the only trail that may provide information about the unauthorized activities in the production library. ------------------------------ Prince Ogwutum Security ------------- ...

Latest Shared Files