When I was studying for the CISA, I created a 40-page study guide for myself that you can download for free.
If you decide to use it, here’s a couple points to keep in mind:
- The guide alone will not be enough to pass the exam. Because I created this guide for myself, it contains only material that I thought was important, thought was going to be on the exam, or needed to brush up on. I left out most of the stuff that I already knew. Even so, I think you will still find it helpful, especially since the price is right.
- To prepare for the exam, I read the official ISACA CISA Review Manual, Sybex’s CISA Certified Information Systems Auditor Study Guide, went through the study questions associated with those books, read some miscellaneous materials, and also attended a CISA review session provided by my local ISACA chapter. This guide is based on them, but people make mistakes, so if something doesn’t seem right, check it out. Errors may have been in the books or my paraphrasing of the material, or both! In the end, always judge what you read, and think for yourself!
- The guide is divided into these sections (which ISACA has since revised for the exam):
IS Audit process
IT Governance
Systems & Lifecycle Mgmt
IT Service Delivery & Support
Protection of Info Assets
BCP and DRP
- Throughout the guide, I highlighted key sections and phrases. I also made acronyms out of many of the key concepts. For example, I memorized the 7 parts of the Code of Ethics using the acronym: IPS PC DE.
- This guide contains more IT details than you’ll probably need, as one of the big surprises when I took the CISA was how few questions on my exam related to IT. For example, this guide includes the 7 OSI layers according to ISACA. I’d memorize the layers, but not all the details regarding each layer. Regarding the IT content of the CISA exam, see these posts: Where is the IS in CISA? and More on the CisA Exam.
- Finally, remember that I created this guide for myself, so there will be things you may not understand or seem strange. When something strikes you the wrong way, just shake your head and move on. Or leave me a comment and I’ll respond.
Final Suggestions
- Make sure you know the basics of auditing, like the different kinds of sampling and when to use them (for help, see my Audit and IT Audit for Dummies post). If you have to cut your study time short, skimp on the IT side, not on the audit side!
- Read the following post: How to Pass Certification Exams.
- Check out the suggestions on this blog, dedicated to passing the CISA exam: http://passcisaexam.wordpress.com
Download CISA Study Guide
To download the guide, go to the Free Downloads page. After you download it successfully, please leave me a comment that you were able to do so–this will help others understand they are doing something wrong, and nothing is wrong with the download link. THANKS!
Testimonial
According to one commenter, 1tsm3, the CISA Study guide “contributed to my passing the June 2014 CISA exam!” See the comment here.
MORE
See my post regarding the FREE CISA Glossary.
See all posts related to CISA .
Good luck! And have fun.
ITauditSecurity 
Hi Everyone,
If you’re interested in what readers like you had to say about the study guide, check out these comments: https://itauditsecurity.wordpress.com/links/free-downloads/#comment-1416
LikeLike
Sir ,You mentioned that you have practised 2500 questions for cisa can u provide those questions?
LikeLike
sandeep,
Those questions came from the books I purchased and the local ISACA chapter seminar that I took. I don’t’ have them anymore and couldn’t legally share them if I did. Sorry.
The only free questions I know of are in this post: FREE CISA Prep: Self-Assessment Exam. Check out that post on this blog.
LikeLike
thanks. I think passing cisa is a tough ask. sir can u guide how to plan study ? and what should be right method? and i find it difficult to apply the studied concepts to questions .
LikeLike
sandeep, I’m responding above your comment rather than below as no REPLY button was after your 10/11/15 comment. Not sure why.
ISACA provides outlines and guidance on what you need to know for the exam in their official book. Focus on those items.
Use the questions to determine where you need to study more. The more wrong answers you get for a particular chapter or exam area, the more you need to better understand and study that area.
Don’t just learn all the “right answers”. It is better to understand the material as questions on the exam sometimes differ from the study questions.
Again, focus on the audit side rather than the IT side; the audit is so much more important FOR THIS EXAM.
LikeLike
I appreciate your effort of providing such notes. I overviewed and it look awesome.
Thanks again
Kashif (CIMA-London)/ACMA(PK)/MBA (Liverpool)
LikeLiked by 1 person
Hello ,
I am not able to download the document. I get an error that the service is unavailable. Please could you help.
Regards,
Roopa Amit
———————————————
UPDATE FROM ITAUDITSECURITY: I no longer email the document. See red text on the Downloads page. Sorry. – Mack
———————————————
LikeLike
Roopa,
Not sure what problem you’re having. Please provide more details on what you did (links you clicked). Otherwise, I can email you the document.
LikeLike
Hello,
I first went to the below mentioned link
https://itauditsecurity.wordpress.com/links/free-downloads/
Download Links
Two sets of links are shown below: Click the first link to access the ITauditSecurity blog Skydrive site and download the file(s); click the second link to read the article that describes the file(s).
Download ACL in Practice PDF and sample data files – mentioned in Teach Yourself ACL.
Download CISA Study Guide – mentioned in FREE CISA Study Guide.
As of 1/11/13, the CISA Study Guide has been downloaded over 2,710 times!
Download Customer.txt – mentioned in ACL: How to Add a Computed Field
Today when I access the link it says internet error. However last time whenI accessed it said page cannot be found. I shall internally the internet settings. However it would be good if you can mail it across to me. Also are there any specific changes in internet settings that needs to be done?
Regards,
Roopa Amit
LikeLike
roopa,
You didn’t say which link you clicked. I assume you clicked the ‘Download CISA Study Guide’ link. I logged out as admin of the blog and clicked the link as a regular user in Firefox, IE, and Opera. All worked fine except Opera. When you get to the Skydrive site, you have to click the file itself to download it.
What browser are you using? I suggest you try another browser or ask someone else on another computer to try the link. Please let me know.
In the meantime, I’ll email you the file.
Sorry you’re having a problem.
ANYONE ELSE HAVING THIS PROBLEM? Let me know. Thx
LikeLike
I would be greatful if you please send me the document. i need it badly.
LikeLike
Arif,
I sent it.
Please leave me a comment regarding: 1) why you could not download it (what browser & version were you using, what messages appeared), and 2) after you read it, what you thought of the guide.
LikeLike
I was able to download it just fine. I downloaded it via Google Chrome. Not sure what the problem is that Roopa is having.
By the way, thanks for creating the guide and the blog posts. Very helpful.
LikeLike
Thanks, Randy, for the feedback and the kudos. Appreciated.
LikeLike
Hello,
Excellent guide to start of with CISA preparations and for revision once we have read through the manual
However just to update, CMM is now an old legacy model of SEI.
CMM is now CMMI, however the basic contents mentioned remain the same.
Thanks once again for the guide
Regards,
Sunny Shewani
LikeLike
Hi Sunny,
Thanks for the feedback. By CMM, you are referring to the Capability Maturity Model?
LikeLike
well I am newly wisher to this certification please guide me that how may I execute these upper ACL files which downloaded …
LikeLike
Hasan,
The CISA cert and the ACL files are not connected. ACL is data analytics software that is primarily used by auditors. To use the files, you have to have ACL software.
The ‘ACL in Practice PDF ‘ document explains how to use the ACL files. To get ACL software, see the post Teach Yourself ACL .
LikeLike
can you please tell me which manual is best and enough to read Sybex or CISA official review manual?
LikeLike
K,
If you only read one, read the official review manual. That true of every cert. It’s just that it is usually the most boring, but has the most and best information.
LikeLike
Hi i am new to CISA and from the accounting background
Can you suggest me any study material for CISA Exam and the ideal time for preparation of Exam
LikeLike
E,
As noted in the 2nd bullet above, use the official ISACA CISA Review Manual. If you can afford another book, get Shon Harris’ CISA guide.
I’d recommend about 3 months preparation at least, for reading, taking notes, and going over and over test questions.
LikeLike
I am not able to download the free CISA study guide, Please email it to me.
[I sent it – Mack]
LikeLike
Pls sent me cisa study guide iam unable to download it
LikeLike
Sonu,
Sorry for your troubles, but please provide more info like what browser did you use and what happened? What did you do and see? I haven’t been able to track down the problem and need help doing that.
LikeLike
Pingback: Study tip #8 | CISA Exam Blog
Hi I wasnt able to download the study guide. I tried downloading it using Windows Explorer and Google Chrome. I click on download CISA study guide and got an error message stating “webpage not available”. can you please email it to me, thanks.
LikeLike
I wasn’t able to download the study guide using Google Chrome 33.0 or IE 10. The error messages simply say that the page cannot be displayed. Thanks.
LikeLike
Chris,
Sorry about that. I always recommend Firefox. The email address you left in the comment does not appear to be valid, so I won’t be able to send it to you. Leave me another comment with a valid email address; if you leave it in the email field, only I will be able to see it.
LikeLike
Thanks a lot for the reply. The email should be valid, as I received notification of your above post at the email that I submitted. I’ll also leave another comment in case it doesn’t work for some reason.
LikeLike
Team, you guys doing a wonderful job. I am sorry but I am not able to download the study guide. Request you to please send it to my email address. Email is sunilkr.bisht@cx.concentrix.com
LikeLike
Sorry, please see my note on the DOWNLOADS page. I can’t respond to these requests any more. I suggest you have someone else download it.
LikeLike
Thanks to your manual … it contributed to my passing the june 2014 CISA exam! Keep on blogging bro!
1tsm3
from the land of k1l1manjaro and the s3r3ng3ti. :-)
LikeLike
1tsm3,
Thanks for letting me know. I’ve heard lots of good comments about the guide, but I believe that’s the first time anyone has ever said the guide specifically helped them pass the CISA exam!
I’ll keep on blogging, but it’s much harder work and takes a lot more time than most people realize. I’ve been doing this blog since March 2009. I haven’t run out of material yet. But finding the time to keep the posts coming is hard.
I always appreciate the comments and how skyyler and I have helped others. That’s our reward. Thanks again!
LikeLike
Good afternoon,
I love reading your blog. Thank you very much on the tips you give for the CISA exam. I had a quick question that I was hoping you could answer. How does an employer look at a candidate who has passed the exam but still hasn’t received the work experience to get the license? Do they even consider them? Is it worth taking the exam if a person doesn’t have the work experience to get the license? Is is possible to pass the exam and then get the experience? I hope you can shed some light on the subject matter.
Thank you
LikeLike
Faraz,
I believe that if you have 2 people who don’t have much audit experience, but 1 person has passed the exam, that person will have the edge.
I have mentioned elsewhere that one company I worked for hired two internal candidates, and neither had an audit cert or audit experience. One person had a privacy cert and the other had some IT experience.
Neither of these people were cheaper than hiring an auditor with some experience, but no certs, as they had been with the company several years. That’s probably why they were hired. As as noted elsewhere, 1 is doing real well and the other’s progress is still debatable.
You will have an easier time getting the experience if you have the cert. If you don’t have the cert or experience, how will you sell yourself to an employer? At least with the cert you have demonstrated that you have a basic understanding of the concepts the cert covers.
I appreciate your feedback on the blog. Glad you enjoy it. I trust you are recommending it to others as well.
Good luck!
LikeLike
Hi, Just able to download. thanks a lot!
LikeLike
Hi Pankaj , are you registered as a member with CISA?
LikeLike
hello Sir, I would like to know that is 2 months enough to prepare for the CISA examination.
LikeLike
Hi Pushpita,
It depends on your background and the amount of study time you have. If you have no IT or audit experience, I’d so no. If you have some experience and can study a lot, maybe you could do it. I would not advise it unless you catch on fast and do well on exams. Best wishes, Mack.
LikeLike
Hi,
First of all let me thank you for this awesome guide. The documents are simply awesome. I have downloaded all and helped me a lot. I am taking the preparation to achieve CISA. Thank you once again and keep this good job. God bless you. Thank you..
With Warm Regards,
Pinaki.
LikeLike
Pinkaki,
That’s why I published it. You’re welcome. All I ask is that you turn around and free give back to others to help them in their journey. God HAS blessed me and allows me to bless others..
LikeLike
I googled for CISA and found this blog. Very useful. Thank you very much. NO body offered this much of information free of cost.
LikeLike
M,
Glad to help. Thanks for taking the time to let me know.
LikeLike
Pingback: Advise for Taking the CISA Exam
Hello, I am trying to download free guide but not able to open it. could you please send this on my email address
Thanks,
Vanita
LikeLike
Sorry, I don’t do that anymore. Pls read the text in red on the Downloads page.
LikeLike
Hi just came across this blog, and l have read all the comments since you created it. l just downloaded the free study guide, thank you so much, you are my hero God bless you real Good. Am a programmer/web administrator, l decided to change my career and move into ls auditing because am not enjoying my job anymore. And since l started studying l have been enjoying it , l am so sure this is what l want to do and am excited about it. Can you please be my mentor?will really love to hear from you.
LikeLike
HI wuraola,
I’d be happy give you some input if you have some questions.
LikeLike
Just 2 weeks remaining.. and i was pretty was 70% sure i will pass the exam. because i am getting approx 75-85% rate in ISACA, QA database. but today i took your exam. 2 thing. your question are more difficult to understand and also time is too fast.. i could do only 15 question from 20 . and just did 50% wrong … now i am suddenly in a feel that i will fail..
LikeLike
Talal Javaid,
Not sure what you mean by “my exam”. The important thing is that when you miss a question, you figure out the right answer and why you chose the wrong answer. In other words, learn the material and understand it.
If you’re doing 75-85 in ISACA, you’ll probably be ok. Believe in yourself and don’t panic. Keep working at it.
LikeLike
Sorry for not cleared msg. buy you got it right…. yes 4june is my cisa exam, don’t have any idea how i am going to do. just finised test of 50 question. done in 50 minutes and got 78%. now what i notice i am not getting confidence in some long question.. small questions are ok.. but still no idea how i am going to do in exam cause that ISACA Q&A database question looks much easear then me than some other free question i can find in net
LikeLike
Talal,
Make sure you’ve read my How to Pass Certification Exams post at https://itauditsecurity.wordpress.com/2010/06/07/pass-exams/
LikeLike
I am beginner could i prepared for cisa exam. because after passing the exam we have 5 year to show experience. I want to know cisa, is it harder exam. How much months enough for preparing the cisa exam.
please tell me the detail of practice question where we can practice and best book i must study. what approach i should follow.
LikeLike
I cover all of this in my CISA posts and especially in the COMMENTS of these posts. See the CISA link under Quick Links at the top of this page, on the right.
LikeLike
Hi Mate,
Thanks for your great posts. I’ve been using the information to structure a study process for myself. I’ve covered the Book almost 2 times, and have finished the Q&A DB at least once and am revising it. The CISSP book was of great help to disambiguate the technical side of things – must say its a great book. I’ve also used Cannon’s book for reference as well; however, seems like I am at peace with the CRM now, and am running thru it a 3rd time.
I’ve done the CISA self assessment exam provided in your link, and have scored an 84% in it also.
Of you i have one question. I have developed this habit of linking the question to the domain and then I rummage for the info at the back of my head to get it absolutely right. This can get me into trouble. Can you help ?
NK
LikeLike
NK,
Sorry, but I’m not understanding what you’re asking me. Please say it again in different words…
I will take a stab at what I think you meant….It sounds like you are memorizing a lot of info and trying to access it to answer questions. Some stuff you have to just memorize–but overall, you need to work at understanding what the question is and how the answer fits the question and what it really means.
That way, you don’t have to memorize as much and you retain true knowledge instead of just facts. It is similar to the difference between remembering the lie you told and just telling the truth, which you don’t have to remember as much–the truth is usually just there.
Also, understanding a concept will help you remember and apply it. If you just memorize to pass an exam, how will that help you in the real world when you face a similar problem and have to make a decision? If you do just what is needed to pass, that will hurt you in the long run. Life has many shortcuts, but they all come with a high cost. Make sure you consider the high cost of shortcuts AND are willing to pay the price later.
Hope that makes sense. Let me know if you want to discuss further.
If I misinterpreted your question, I apologize. Cheers. Mack
LikeLike
Pingback: What IT Auditors Ought to Know – and Don’t! | ITauditSecurity
Pingback: CISA Exam Resources – Audit Monk
I am failing to download the guide it shows the link but when i click there in no guide to download please email me i really need it
LikeLike
I got the guide thank you
LikeLiked by 1 person
z,
Click this link https://onedrive.live.com/?authkey=%21AN6d2gI2WdclzXI&id=C669A789B5945D9E%21122&cid=C669A789B5945D9E if that doesn’t work, try another browser.
This guide is downloaded many times a day. Some people have problems, but most don’t. Sorry for your trouble, but again. try a different browsers.
Future requests like the one above will be deleted and ignored. Sorry!
LikeLike
Thanks a lot ..Was scared to take the exam as so much to read and prepare but your guide is helpful
LikeLike
Nadia,
Great. Wish you the best. M
LikeLike
Hi,
i also wish to take CISA exam this year and started preparing for the same. I have your guide but i know this only will not help. I need information on correct book material that i can use. As in today market there a lot’s of book, but whats the difference and which are the correct one’s to follow. Please let me know. if possible, since you mention you ISACA Delhi chapter helped you. let me know how joining their community can be helpful. Are you also a member? It would be great if you can pm me your contact number to discuss in person.
LikeLike
Deepak,
I always recommend the official ISACA book, as it’s their exam. As for others, I’d suggest asking CISAs you know, or contacting the closest ISACA chapter. Or find a large company in your area that has an internal audit department and talk to some of their auditors.
I can’t recommend any of today’s books as I haven’t read any of them.
My local chapter is not the Delhi chapter as I’m in the US. Chapters can help you by providing seminars, workshops, and advice on studying. You may also find others nearby you can study with or chat with re: questions.
I belong to ISACA as my CISA certification is current. You have to belong to a local chapter to maintain your cert. You don’t have to attend meetings and you can ignore your local chapter if you want.
I don’t give out my contact info. Best wishes. Mack
LikeLike
Hello There,
Can anyone help me understand from basics? at least the resources I can avail! Im into identity & Access management profile for 5 years, Want to do CISA certification. Kindly guide me how do I start preparing.
LikeLike
Search this blog for CISA and certification posts.
LikeLike
Pingback: Advice for Taking the CISA Exam - risk3sixty
Pingback: Blogging about Internal Audit (10 tips) | ITauditSecurity
Pingback: Most Popular Blog Posts of 2021 | ITauditSecurity
Please send me the CISA study guide. I was unable to download it.
Thank you.
LikeLike
Sorry, I don’t send the guide out. Try another browser.
LikeLike