Gauging the CISA Exam Difficulty: How Hard is the CISA Exam?

CISA exam difficulty

How hard is the CISA exam? One of the most common questions we got is about how hard the CISA exam can be. This is obviously a subjective question but we will try to give you a helpful answer based on comparison with other qualifications, and comments from past takers. In this article, I’m going to break it down for you, piece by piece. I will show you all the elements of the CISA exam and difficulty levels, so that you have a better understanding of it before you begin.

CISA Exam Difficulty Level in Terms of Exam Content

Most readers tend to agree: the syllabus and exam content isn’t particularly tough. After all, it is a one-part exam with only 150 questions.

This certification requires 5 years of experience and therefore is not intended for those who just started out working. If you work in IT auditor for a couple of years, it is obviously easier than those who have no relevant experience.

How Hard is the CISA Exam?

How Many Questions Are on the CISA?

There are 150  questions on the CISA.

What is the Material Covered On CISA?

The material that is covered on CISA is all garnered from the five domains.

New CISA Syllabus in 2016

In August 2015, the new syllabus was announced, changing the weighting of the 5 domains:

 Domains Before After
1. The process of auditing information systems 14% 21%
2. Governance and management of IT 14% 16%
3. Information systems acquisition, development, and implementation 19% 18%
4. Information systems operations, maintenance and support 23% 20%
5. Protection of information assets 30% 25%

This is still the current weighting of the five domains that make up the syllabus in 2019.

Exam Difficulty Based on Question Style

The exam content is manageable, but the question style is not for many candidates. Possibly because of the nature of the profession, the phrasing and wording of the questions are pretty hard to comprehend, even for existing IT auditors. You do need to get familiar with ISACA terminologies to pass this exam.

Also, it is hard to know whether you got the answers correctly. Most seem to be able to narrow down the answers to 2 out of the 4, but after that it is all educated guess.

CISA Exam Difficulty when Compared to CISSP Exam

It isn’t entirely apple to apple, and opinions are split on this one. My conclusion is that the perceived difficulty is largely a result of one’s background. If one is an auditor, for example, CISA exam is easier; otherwise, if one is a computer science major, he may find CISSP easier.

In any case, if you have taken the CISSP exam before, your CISSP knowledge overlaps nicely with Domain 5 of the CISA exam which represents 30% of the scoring and indirectly for portions of domains 3 (19%) and 4 (23%).

Domains 1 (14%) and 2 (14%) are likely your biggest knowledge gap that you’ll need to fill. Those are also the areas where the “ISACAisms” will become fairly evident.

CISA vs CIA and Others

How hard is CISA when compared to CIA or to other similar exams in this industry?

CISA Exam Difficulty Conclusions

At the end of the day, it’s not the most complex exam out there, but it is comprehensive. Taking the time to study thoroughly and


For Your Further Reading

Please rate this

About the Author Stephanie

I am the author of How to Pass The CPA Exam (published by Wiley) and the publisher of this and several accounting professional exam prep sites.

follow me on: