Crisc prep-guide
-
Upload
statisense -
Category
Technology
-
view
1.824 -
download
6
description
Transcript of Crisc prep-guide
5–MonthPrep Guide
|Prepared by: Wale Micaiah|
Certified in Risk and Information Systems
Controls
Having successfully attempted CISM and excelled, it became
necessary to share with others some tips I personally
practiced that aided my success.
I shared them in CismPrepGuide I received tremendous
feedbacks, with several downloads, assisted quite a number
responding to questions on grey areas and contributing my
best to help them get certified.
My philosophy is:
When you find something that
works, share with others so
they don’t go through the
troubles you went through.(http://www.slideshare.net/statisense/cismprepguide)
The first and most important thing to do before paying for
the exam is to establish the reason(s) “why CRISC” among
all the Risk exams! Ask yourself:
Why CRISC?
Is it a job requirement?
Is it for career advancement?
Is it just for professional development
Is it just another conquest?The stronger your conviction “why CRISC”, the more you
will “find excuse for your excuses” when you start
preparing for the exam…trust me, you will have reasons
not to study and practice but if your “why CRISC” is
stronger, you will always find time to study!
Take some time to establish
“why CRISC”
CRISC
“If there is no reason to start, you
will soon find reason to stop!”
So this year, I attempted CRISC on June 14, 2014, about 45
days later (precisely July 29, 2014) I got this:
…We are pleased to inform you
that you PASSED the exam……Again, congratulations on passing the CRISC exam, we look
forward to having you join the more than 16,000 professionals
worldwide who have earned the CRISC credential.
Even though it was a great feeling, it didn’t come to me much
as a surprise…because I had followed some rudimentary
elements of the Psychology of Success coupled with my work
experience, preparation, practice and prayer – yes, I prayed!
…and this is my desire for you too….that ISACA may be
pleased to inform you that you ‘PASSED’ CRISC!
Introduction to CRISCThe CRISC certification, CRISCTM, pronounced “see-risk,” is
designed for IT professionals who have hands-on
experience with:
risk identification, assessment and evaluation;
risk response;
risk monitoring;
IS control design and implementation; and
IS control monitoring and maintenance.
Content of the CRISC ExamThe CRISC exam measures an individual’s ability and
knowledge as they pertain to the performance of the CRISC
task statements. The content of the exam is modified to
reflect changes in technology and practices.
CRISC Domains# DOMAIN % DESCRIPTION
1Risk Identification, Assessment and Evaluation
31Identify, assess and evaluate risk to enable the execution of the enterprise risk management strategy.
2 Risk Response 17Develop and implement risk responses to ensure that risk factors and events are addressed in a cost-effective manner and in line with business objectives.
3 Risk Monitoring 17
Monitor risk and communicate information to the relevant stakeholders to ensure the continued effectiveness of the enterprise’s risk management strategy.
4Information Systems Control Design and Implementation
17Design and implement information systems controls in alignment with the organization’s risk appetite and tolerance levels to support business objectives.
5Information Systems Control Monitoring and Maintenance
18Monitor and maintain information systems controls to ensure that they function effectively and efficiently.
The percentages listed above with the domains indicate the emphasis or percentage of questions that will appear on the exam from each domain.
200 Multiple-Choice Questions – 4hours
1 Question – 72Secs (1min:12Secs)
A candidate must receive a scaled score of 450 or higher to pass the exam
Some questions are included for research and
analysis purposes only
CRISC QUESTIONS PER DOMAINDomain 1: 62 Domain 3: 34 Domain 5: 36
Domain 2: 34 Domain 4: 34
STUDY MATERIALS Official ISACA Study materials – Review Manual and
past Questions & Answers The Risk IT Framework The Risk IT Practitioner Guide COBIT 5
Make some more investment - you will need them!
See www.isaca.org/criscbooks
ADDITIONAL STUDY MATERIALS
Here are some of the additional materials I used for my CRISC preparation.
ISACA Study Materials were my primary and I
refer to these when necessary
STUDY PLANMonth
1 2 3 4 5Week
1
DOMAIN 123
4 Review & Practice5
DOMAIN 2678 Review & Practice
9
DOMAIN 3101112 Review & Practice
13
DOMAIN 4141516 Review & Practice
17
DOMAIN 518
1920 Review & Practice
EXAMINATION WEEK
Consult your reference materials as you study
Remember, this is just a guide! Success is not only in
the PLAN but its EXECUTION!
Each CRISC Domain is divided into: Task statements and Knowledge Statements
STUDY PLAN EXECUTION
Task Statements:These are tasks within this job practice area
that a CRISC candidate must know how to
perform
Knowledge Statements:These are areas a CRISC
candidate must have good understanding of, they are
the basis for the examination.
The Knowledge Statements are the basis for the exam!
STUDY RECOMMENDATION You may start with the Domain you are most familiar with,
but I prefer to start from Domain 1 as they build on one
another.
Read the Task Statements (TS) and Knowledge Statements
(KS) before reading the rest of the Chapter. You may print
it out from the recent CRISC Exam Candidate Guide
document.
The TS, KS is your CRISC Syllabus! TS and KS are the
measurement of your understanding of each Domain. Be
sure you understand what you are required to know in
each KS.
Next, read the Questions corresponding with each
Domain with special attention to understanding the
Questions and logic behind it. For now, do not bother
about getting the answers correctly.
STUDY RECOMMENDATION Take note of words like MOST, LEAST, BEST, FIRST,
PRIMARILY, MAIN, MUST, HIGHEST, GREATEST, PRIMARY,
LOWEST, PRIORITY, MAJOR, EXCLUSIVELY, and NEXT.
They are very, very, very vital!
Refer to other materials of choice, if you need to seek
more clarification.
You should be able to connect the Review Manual with
the TS and KS before proceeding to the next
section/chapter.
Go through the CRISC Item Development Guide. It will
help you know how Professionals think when setting
exam questions.
Stick to what works for you. You know when you
understand better – Morning, Afternoon, Night, with
Music, Low Noise, Library, Room, Public places, etc.
CONTD.
PART I – Risk Management
and Information System Control Theory and Concepts consists of
the 5 Chapters, each dedicated to one of the 5 CRISC Domains
PART II – Risk Management
and Information Systems Control in Practice contains selected
process-specific chapters.
PART I PART II
STUDY RECOMMENDATIONCRISC
REVIEW MANUAL
I suggest you complete Part
I before going on to II
Do YOU have a goal for this
exam?
What is it?A goal keeps you Focus, on a
Mark!
Let’s see how we can set a
GOAL!
WHAT’S YOUR CRISC GOAL?
I had a goal of the score I want to achieve in CRISCduring preparation, and I wrote it down. In fact, Iplaced it where I could see it every time, manytimes, everyday!
GOAL SETTING
I went a step further, I set a goal for each DOMAIN,and I monitor my performance at every practice toensure I meet those goals.
Most people set goal, but they don’t take time to measure (monitor) their goal.
What gets measured (monitored), gets done!
I monitor my performance by keeping a small jotter, Irecorded my performance in each domain and appraisedthem against previous perfomance. See Samples
GOAL SETTING
Keeping those records kept me on track,particularly when I did not perform to expectation.Sometimes, I surpassed my goals and other times Ifall short (sad face) but the records gave me anidea of where I was at every time per Domain.
GOAL SETTING
“Even though it was a great feeling, it didn’t come to
me much as a surprise…because I had followed
some rudimentary elements of the Psychology
of Success coupled with my work experience,
preparation, practice and prayer – yes, I prayed!”
Remember what I said earlier:
Again, remember that ISACA does not go by yourraw score – it is a common scale score of 200 to800. Also, there are some questions that are justfor Research and Analysis purpose – no mark isawarded to them (I assume).
So, you might want to set your goal higher thanusual…the most important thing is that you worktowards whatever PASSING goal you have set!
GOAL SETTING
“Those who Set Goals, Score Goals”
CONGRATULATE YOURSELFOne last thing I did was to congratulate myselfahead of time – I pasted this where I could see itdaily: I pasted it where my CRISC goal
was and I saw it every time,many times, everyday.
It ‘convinced’ my subconscious mind to accept
the ‘congratulations’, and today it is real!
ISACA and several people said congratulations, by mail, SMS, even on Social Media.
As you prepare for this or other
exams, all I can say is:
May the Goal you
have Set and Work
towards be a reality!
Congratulations!
Reference:- www.isaca.org
- CRISC-Exam-Candidates-Guide-English-2013
Analysis by: Wale Micaiah
w. www.statisense.com