Tips to Prepare for ISACAs CRISC Exam

Tips to Prepare for ISACAs CRISC Exam
Author: Adham Etoom, PMP®, GCIH®, CRISC®, FAIR™, CISM®, CGEIT®, Head of Policy & Compliance at National Cyber Security Center of Jordan
Date Published: 12 April 2019

My motivation to pursue ISACA’s CRISC certification was to improve my skills, knowledge and understanding of enterprise and IT risk management.

The CRISC exam is the most rigorous assessment available to evaluate the risk management proficiency of IT professionals, and CRISC is among the leading GRC certifications, according to CIO magazine.

During my career, I have worked at different enterprises in IT/IS at various functional levels. I hold PMP and GCIH, which I consider to be significant factors in passing this exam.

Despite the fact that my preparation time for the CRISC exam was relatively short, I strongly believe in proper planning, execution and monitoring to succeed in any endeavor, no matter the amount of time you have. I am delighted to share with you some tips and advice of how I prepared for the exam:

  • Do your own research about the certification that you are interested in. One of the best starting points is to check the ISACA website; all information that you need should be available there. Then, speak with your trainer, or others who are being certified, and ask for some assistance.
  • To get all ISACA benefits and discounts on certification exams, including CRISC, become a member.
  • Start with the official CRISC study materials (Review Manual, Questions, Answers and Explanations), and make sure to get the latest editions. Reading the review manual at least twice cover-to-cover was a great help for me, as well as practicing QAEs as much as possible before the exam. It is important to grasp the underlying logic behind all concepts across all domains.
  • For more understanding and practice, enroll in a CRISC training course, or you can choose to self-study.
  • Continuously evaluate your understanding level, and challenge yourself with questions to bridge any knowledge gaps and weaknesses. Remember: practice makes perfect!
  • Don’t stop researching and reading while you study from various sources. Risk management is full of abstract concepts. I found these resources valuable for preparation: The Risk IT FrameworkMeasuring and Managing Information Risk: A FAIR Approach, and other ISACA publications.
  • Go to the exam with a reasonable confidence level and an understanding of the risk management process cycle. Remember: confidence can make or break any exam!

CRISC is an important journey in my professional life, and I appreciate it much more than before having gone through the process. I posted more tips here after I passed the exam.

I wish you much luck with your CRISC journey!