Disclaimer: I will not violate the ISC2 NDA. Do not email or contact me regarding specific questions related to the content of the exam.
I passed the exam (June 2021) and received my endorsement!
The exam definitely follows the ISC2 approach of ensuring you have full understanding of the underlying topics. The questions test your ability to apply your core understanding and I do not believe there is a way to study for the questions. Rather, you must truly understand the material at a core level.
I've recently passed both the CISM and CRISC, so I was feeling well prepared for the ISSMP. This exam was definitely typical of ISC2 and I firmly believed I had failed until I got the printout with "Congratulations!" on the first line.
The following is how I approached studying for the test:
Test Question Preparation
The ISACA CISM QA&E is essential, in my opinion.
The questions are nothing like the test, but the questions ensure your understanding of the overall material.
You need to understand both the reason why an answer is wrong and why an answer is right. This will help hone your understanding of the topics.
Taking the Test
You must be focused and relaxed.
Congrats on passing the ISSMP!
I had a question on your endorsement experience. I was wondering how long it took between the time you submitted the application for endorsement and when you got the approval email from (ISC)2?
Six weeks for an approval of ISSMP seems like a really long time when the process doesn't even require someone to endorse concentrations.
Just curious because I passed the exam just over a week ago, and trying to set my expectations appropriately.
Congrats again on passing the exam!
My ISSMP came through very quickly, even back when it was a paper based exam.
Congrats on passing the exam.
Mine finished in just under two weeks. I am happy that it didn't take 4-6 weeks.
However, as I wrote to (ISC)2, my main concern is that I think the process in antiquated and somewhat broken. (ISC)2 isn't unique in reviewing the scoring of tests using psychometrics. Indeed, AWS, Microsoft, and a host of others use this method to validate test results.
The problem comes in the endorsement process itself. (ISC)2 has several other options available to it rather than relying on the office staff. They could implement:
There are lots of ways to do this to cut down the time from weeks to days - (ISC)2 just needs to be interested enough in it to do something about it.
The credly/acclaim badges are also another area where it is difficult to understand the issue. Again, comparing (ISC)2 to my experience with companies who give technical exams, you go from "pass to badge" in about 48-72 hours. With (ISC)2 it can take up to another month from the date that endorse you. It's just really hard to understand what drives the difference. It'd be great to know what Microsoft and AWS have been to optimise so that some learning can be shared with (ISC)2.
I get this isn't the exact forum to discuss these things, but I really do think the endorsement process at (ISC)2 needs to be improved upon. I am not bought into the fact that a quicker and more efficient endorsement process is an insurmountable challenge.
Still not as long winded as CIISec.
It took an age to complete the application; all 40+ pages of narrative, then several weeks to arrange a face to face interview and then about 3 or 4 weeks to be notified I'd been accepted.
I have no issues with the endorsement process.
Once the certification is passed, to me, if it takes 2 weeks or 6 months, the certification is gained.
I would rather have a thorough vetting and I'm willing to wait as long as needed.
Now, with that, I definitely want to be able to post my accomplishment as soon as possible, but I understand why I have to wait.