I’m excited to share my CISA study progress!
[Two weeks ago] I went through Domain 1: the process of auditing information system.
This is pretty much a revisit of general audit concepts, such as the definition on various risks, the role of internal auditors, the IS audit life cycle, and various productivity tools to facilitate the IS audit.
In CISA SuperReview, Domain 1 is divided into three chapters:
- The macro view (30 minutes)
- IS audit life cycle I (50 minutes)
- IS audit life cycle II+ (25 minutes)
Lesson 1: the Macro View
As mentioned in the last post, Allen always asks us to go through the pre-assessment questions so we have an idea how much we know about the topic. I also find it really helpful to brush up some of the concepts I know way back then when I took the CPA exam.
Chapter one touches on the macro view of audit, such as audit roles, definition of control (inherent / audit / detection / control risks), audit planning, audit project life cycleand key audit project risk indicators.
There are 10 questions and surprisingly I only got 1 wrong. This is really encouraging!
I then sat back and watched 30 minutes of the audio-visual presentation. It’s actually much better than the typical powerpoint presentation — Allen would of course read out some of the notes, but right after that he talks about, in layman terms, how this applies to real life and give actual examples to make the concepts more tangible.
It is also not boring at all as I anticipated, which is very impressive given I am not that into IT audit (remember, I took the exam to show you how it works, not because I particularly find IT audit interesting).
After the presentation, I retook the 10 questions and got them all correct. Awesome feeling!
Lesson 2: IS Audit Life Cycle
With a great head start, I decided to move on to chapter two immediately after. This chapter on IS audit life cycle was much longer and detailed. It was all about audit planning, risk assessment, designing the audit program, gathering evidence, and performing compliance testing.
There were 40 questions and there were quite a few terms that I either didn’t recognize or got them confused. I ended up getting only 45% correct in the pre-assessment this time.
I knew this is a topic that I should pay close attention to, so I put on my earplug and fully concentrated. It was hard to do though, because the chapter was long, and that it was also getting late at night and I could feel my energy depleting rapidly. Anyway I hang on and managed to complete both the video and the post-assessment questions. I got only one wrong. Not bad.
Lesson 3: IS Audit Life Cycle II+
I started early next day on Chapter 3. Chapter 3 continues the discussion on the IS audit life cycle: the substantive testing, and forming conclusions and delivering an opinion. It also covers segregation of audit function, and productivity tools such as test data, ITF, parallel simulation and CAATs to test data integrity.
I got a 60% accuracy in the pre-assessment, showing that I have a better general idea on the audit life cycle now but still lots of concepts that I forgot or got mixed up.
It was a manageable 25-minute presentation, with lots of examples and explanation on how things work in real life.
At the end of each study unit, there is a final assessment in which the system feeds 99 random questions within the exam domain.
I’ve seen most of the questions in the previous exercises. It would have been better if there were new questions but I can see how Allen wants to pound the most important concepts in our head by feeding the same questions over and over. I ended up getting 88% (11 questions wrong). Not bad again, but I fail the 95% accuracy threshold meaning I have to redo the same set again. Hmm. I need a break — and use the break to write this blog as we speak 🙂
Another useful statistics is that I used 28 minutes to answer the 99 questions. It was much faster than what I’d have given in the actual exam, in which there are 150 questions in 4 hours. Having said that, this is not apple-to-apple because the final assessment questions are mostly repeated ones from the previous exercises.
How Much Studying Time did I Spend?
Just to give you an idea how much time I’ve spent so far, I studied for almost 2 hours last night, and 2 hours again this morning. Even though the total presentation length is 1 hour and 45 minutes, you actually need at least double the time to go through the pre- and post- assessment questions, the final assessment, and a break or two in between.
I also took the time this morning to check out the terms that weren’t as explained thoroughly in the course. Specially, I was confused by compliance vs substantive testing, and the definition of attribute sampling and continuous auditing. A simple googling and watching a helpful youtube video (on compliance vs substantive testing) is perfect to get things straightened out.
Until Next Week…