Re: Audit Plan Steps

Helvetia

The latest CCSP study guide suggests that the "lessons learned" step should take place before the audit itself.

I don't understand how you can reflect on past experience and learn anything until after you complete the task. What am I missing please? Does anyone know?

I've tried researching this question online, and every source I have found seems to think that lessons are learned at the end (which matches my intuition).

The practices questions also reaffirm the belief the the "lessons learned" step comes after defining the scope (third step).

What should I do for the exam? Provide the answer I believe to be true? Or deliberately provide what I consider to be a wrong answer in order to pass the exam?

Any advice would be much appreciated.

dcontesti

I have always understood "lessons learned" to be last,

I might suggest that you submit an Errata to (ISC)2. By submitting the errata, you would be asking them to review the materials and hopefully they come back with an answer on their logic.

@CBMExamTeam I know that your team does not develop the training material but am not sure who else to tag on this one.

The exam is not intended to trick people, so I would answer the question with what I believed to be the correct answer.

MHOO

d

Helvetia

The obvious question is which answer ISC2 has decided to use for the exam.

Since we all invest very significant time, effort and money in these exams, I think they owe it to us to make sure we have a clear means of communicating any concerns. Especially, as we will never be told which questions we answered right or wrong. So, it's not completely inconceivable that someone might fail the exam based on erroneous information, unless issues were addressed in a timely manner.

dcontesti

Again, I suggest you submit an errata to them. There is little to nothing that we on the Community can do, except to agree with you that the trainings should reflect reality.

Please reach out to the organization (https://isc2.org/contact-us)

d

denbesten

Exam questions and educational materials are developed by two separate groups of people. These two groups are not permitted to collaborate, so it is unlikely you will see the exact same question/answer both places.

It is also helpful to know how exam development works. There is a concept of a "good question". Good questions are ones that tend to be answered correctly by those who pass an exam and incorrectly by those who fail. ISC2 strives to only have good questions on the exams.

New questions are added to the exam as unscored questions -- that is, they are worth zero points. Your score will not change (up or down) regardless of what answer you chose. After the new question has proven itself good, it enters the question bank as a scored question. If bad, it will either be sent back for rework or it will be discarded. Even after a question has been added to the bank, the question itself continues to be graded and will be pulled if it somehow starts to become bad.

Since many people have taken the test before you, the questions have all been tested for "goodness" many times. You are extremely unlikely to encounter a bad question. If you do, odds are that it is one of the new ("unscored") questions, so no need to worry.

My one piece of advise here is to strive to do better than the minimum. If you truly know your stuff and have prepared yourself well, you should be clearing the bar by enough that a bad question or two does not matter.

ericgeater

The latest CCSP study guide

...published by whom? There's a lot of authors, a lot of books, a lot of ISBNs. Please tell us where to look first.

-----------
A claim is as good as its veracity.

Helvetia

Published, by ISC2. As far as I know, you only get access if you purchase a course. I don't see any author or an ISBN either.
"CCSP Official ISC2 Textbook" (5th edition from 2023)
Page 53, Figure 6.11: Audit Plan (and following section)