Immediately after earning my CompTIA Security+ certification, I started studying for ISC2 CISSP but I quickly realized I was not ready for the task. I spent the next few days researching the next best option. I got on Reddit and followed a lot of topics and ran across ISACA Certified Information System Manager. From there I did a lot of research on the CISM Exam and saw that this would be a better fit for me.
I am not saying the CISM exam is simple because trust me, within the first three questions I was seriously doubting myself. I did a lot of research in terms of business value and I knew this is where I wanted to be.
Here is a breakdown of my study plan:
1) I watched Kelly Handerhan’s CISSP videos on Cybrary. This was an awesome guide.
2) ISC2 Official Study Guide. I read this until about Chapter 8. This was my breaking point.
3) Downloaded Pocket Prep CISM App. Very valuable for studying on the go.
4) Purchased the CISM AIO Guide. Could not get past Chapter 2.
5) Purchased the ISACA online CISM QAE Database. This right here was the money maker. I drilled into these in 30 question practice sessions until I was getting about 80% on test readiness. I also read why my answers were wrong. Then finally took a practice exams until I consistently scored 90%.
My total study time was about 6 months and only because I had to PCS to South Korea. I scheduled my exam in Seoul, South Korea, and battled hectic traffic the morning of my exam. Honestly, I felt like Mad Max that morning. I did pass with a 504 of 800. Disappointed, but will get better with more experience. I highly recommend reading your books in addition to practice questions.