Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
DWayland
Newcomer II
‎07-06-2021 02:14 PM
‎07-06-2021 02:14 PM

ISSMP Passed - Study Sharing

Disclaimer: I will not violate the ISC2 NDA. Do not email or contact me regarding specific questions related to the content of the exam. 

 

I passed the exam (June 2021) and received my endorsement!

The exam definitely follows the ISC2 approach of ensuring you have full understanding of the underlying topics. The questions test your ability to apply your core understanding and I do not believe there is a way to study for the questions. Rather, you must truly understand the material at a core level.

I've recently passed both the CISM and CRISC, so I was feeling well prepared for the ISSMP. This exam was definitely typical of ISC2 and I firmly believed I had failed until I got the printout with "Congratulations!" on the first line.

 

Study Plan

The following is how I approached studying for the test:

  • Read the ISACA CISM CRM (Certification Reference Manual) - Good foundational information
  • Utilized the ISACA CISM QA&E (Questions Answers & Explanations) - Essential!
  • Read the ISACA CRISC CRM - Foundational and focused specifically on Risk
  • Utilized the ISACA CRISC QA&E - Helpful
  • Read the Official (ISC)2 Guide to the ISSMP CBK - 2nd Edition (I just reviewed the material and focused on the areas that the CISM had not covered)
  • Read all online documents identified in the ISC2 CBK Suggested References for the ISSMP (I did not purchase any books other than the ISSAP CBK)
  • Downloaded the ISC2 Exam Outline for the ISSMP, searched for, and read, references to each section (focusing on NIST documents)
  • Downloaded the ISC2 Flashcards and worked through the tests for each domain

Test Question Preparation

The ISACA CISM QA&E is essential, in my opinion.

 

The questions are nothing like the test, but the questions ensure your understanding of the overall material.

 

You need to understand both the reason why an answer is wrong and why an answer is right. This will help hone your understanding of the topics.

 

Taking the Test

You must be focused and relaxed.

  • Read the question. Read the question again. Read the question a third time.
  • Read the possible answers.
  • Read the question again.
  • Select your answer.

Good Luck!

Reply
17 Replies
chrisresnik
Viewer
‎07-23-2021 02:29 AM
‎07-23-2021 02:29 AM

Congratulations!

 

I'm about to start preparing for the ISSMP exam and I'm looking around for study material....

Was "Official (ISC)2 Guide to the ISSMP CBK - 2nd Edition" any helpful? You mention it in the list.... the reviews on Amazon are terrible for this book though which is why I'm wondering if I should purchase this or not.

Unfortunately, the official online study preparation material provided by ISC is way too expensive.

 

Best regards

Chris

Reply
0 Kudos
RodneyCornelius
Newcomer I
‎07-23-2021 06:44 AM
‎07-23-2021 06:44 AM

Hi Chris,

An excellent question.

There really is no good way to prepare for this exam. Even more than the
CISSP, the ISSMP an experienced-based exam (imho). But hopefully this
feedback helps a bit.

I got the CBK book and read it, but I don't feel like it provided much
value. In fact, I am glad work paid for it instead of me (otherwise I would
have wanted my money back).

I think you're better off reading the exam content outline, identifying
which areas you feel unsure about, and then reading through the associated
material on the CBK reference list for the ISSMP (focus on the free NIST
and other documents). And also checking for content on YouTube, websites,
and other channels you trust.

You can also consider to download and use CISM prep apps. I think CISM
drastically expands on risk management categories and risk types compared
to ISSMP, but the high-level context is the same.

If you took your CISSP exam and passed it within the last three years, it
will serve you well (if not, brush up by getting a copy of something like
the 11th Hour CISSP and read the appropriate sections you feel weak on).
Helpful if you have a CCSP for a few questions, but absolutely not required.

We are probably not allowed to plug other communities, but If you have
Discord, join the Certification Station:
https://discord.gg/certstation

I found that channel to very helpful to me in studying for my CCSP and my
ISSMP.

The culmination of your IT experience has probably prepared your more for
this exam than you give it credit for. Speaking for myself, I went from
being nervous about the lack of material, to confident that so long as I
remember what (ISC)2 focuses on (code of ethics, good governance and risk
management, sound technical choices to maximise security benefit), that I
would probably pass the exam.

Sorry that I don't have a specific list of references to offer, but hope
that some of this was helpful.
Reply
chrisresnik
Viewer
‎07-24-2021 01:00 AM
‎07-24-2021 01:00 AM

Hi Rodney

Thanks for the reply, I really appreciate it.

Don't worry too much about the lack of a specific list of reference, your pointers are quite helpful.

I did pass the CISSP in 2019, followed up by CISM and CISA in 2020. I have finished the basic preparation for CRISC as well but there is an CRISC exam overhaul coming up soonish so I'll wait until that is out.

Overall I think that means I'm at least half-way there so I'll check the official exam outline and focus on the identified weaknesses.

(By the way, ISACA also insists on saying how much of an experience-based exam CISA is and yet I manged to pass the exam. CKAD/CKA/CKS exams are much harder because these are hands-on exam where time management is absolutely crucial)

Best regards

Chris

Reply
RodneyCornelius
Newcomer I
‎07-24-2021 11:10 AM
‎07-24-2021 11:10 AM

No worries, glad it was useful.

Given your certification history, you're more like >80% of the way there.

Good luck when you decide to take it - I am sure you'll knock it out of the
part 😊
Reply
0 Kudos
csjohnng
Community Champion
‎08-10-2021 08:42 AM
‎08-10-2021 08:42 AM

I recall I take CISM and ISSMP together.
I only look at CISM QAE for the CISM.
and look at one or two domain in the ISSMP which does not cover in the CISM and pretty much that's it for me.
John
Reply
0 Kudos
csjohnng
Community Champion
‎08-10-2021 08:44 AM
‎08-10-2021 08:44 AM

@DWayland 

Congrats and welcome to the club.

John
Reply
DWayland
Newcomer II
‎08-16-2021 12:12 PM
‎08-16-2021 12:12 PM

Thanks John.

 

This was definitely a roadmap goal, and it's nice to finally have it.

Reply
0 Kudos
Certifiable
Viewer II
‎08-12-2022 09:09 PM
‎08-12-2022 09:09 PM

Thank you for the write up. Helpful. Same boat, not a lot of good study material out there for the ISSMP.
Reply
0 Kudos