Академический Документы
Профессиональный Документы
Культура Документы
IntrotoCGEITExamPrep
March23,2010
BillPankey
Bill
P k
TunitasGroup
TodaysAgenda
Introductions
Aboutme
About me
Aboutyou
WhoisaCGEIT?
AbouttheQualifyingCGEITExam
Subjective&Objective
TestItems
CGEITExamPrepCourse
WeeklyLectures
Readings
PracticeQuizzes
SampleTest
ClassWiki
CPE
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
AboutMe
IamaCGEIT
June2009CGEITExam
Top5%score(?)
Bestdomains(600+):alignment,riskmanagement,performance
Best domains (600+) : alignment risk management performance
measurement
Worstdomains(~450):valuedelivery,resourcemanagement
Backgroundassoftwareapplicationsstrategist&developer
alignment
Backgroundassecurityarchitect,engineer,auditor
riskmanagement
Academicbackgroundinmathematicalstatistics,abstract&
appliedmeasurementtheory
li d
t th
performancemeasurement
X MBAorexecutivemanagementexperience
valuedelivery,resourcemanagement
PartneratTunitasGroup,anITriskmanagementconsultingfirm
strongfocusintheUShealthsector
AboutYou
Varietyofcredentials
50%
25%
0%
CISA
CISM
CISSP
PMP
ITIL
COBIT
MBA
Series1
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
AboutYou
Varyingperceivedstrengths
Value
50
%WEAK
Measurement
Alignment
Resource
Frameworks
Ri k
Risk
%STRONG
50
WhoisaCGEIT?
A professionaloccupyingasignificantmanagement[executive],
advisory[consultant],orassurance[audit]rolerelatingtothe
governanceofIT.
Providessignificant supporttoBoardofDirectors
and/orexecutivemanagement
LeadsinestablishingITinfrastructure&process
FocusontheoversightofITmanagement,notIT
managementperse
t
E.g.,controloverchangemanagementprocessvs.management
ofchanges
Experienceinestablishing\ maintaininganIT
governanceframework
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
WhoisaCGEIT>ExamPrepStrategy
DevelopandmaintainaCGEITPerspectiveofthetask
areas and study materials in particular how various
areasandstudymaterials,inparticular,howvarious
knowledge|results|outputs>
1. arerelevanttoexecutiveand/orboarddecisions
2. organize,controlormonitorITprocesses
3. impactperformanceofthebusiness
Createvalue(financialandotherwise)
Reduceextraordinarylosses,writeoffs,penalties,claims,
etc
AbouttheExam
TestItems
Reactions
Results
LessonsLearned
MoreResults
StudyRecommendations
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
AbouttheCGEITExam
120Questions|4hours(!)
seems like massive amount of time; but some use it all
seemslikemassiveamountoftime;butsomeuseitall
ISO17024certificationofCGEITcredential(future)
requirementtocriterionvsnormreferenceofscoring
scoreagainstanobjectiveratherthanrelativestandardof
competence
10
AbouttheCGEITExam
Examtestsjudgment aboutCGEITrelatedtasks
DoesNotrequirerecitationoffactsinCGEITbasic
D
N t
i
it ti
f f t i CGEIT b i
references
Cannotbeansweredthoughsimplerecitationof
facts
Somequestionsdonotgiveenoughinformation
todeterminetheanswer
requiresuseofcandidatesknowledge&experienceto
answerintermsofmostprobable scenario
Nuanceandsubtlety
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
11
AbouttheCGEITExam:QuestionFormats
2questionformats:
1.Simpleconcept&keyword
Testknowledgeofbest|goodpractice
2.CompanyITscenariofollowedbyseveral
questionsregardingbestcourseofactionin
that scenario
thatscenario
Testjudgmentregardingapplicationofbestpractice
tonovelsituation
12
SampleConcept&KeywordQuestion*
12
TheMOST effectivewaytoimplementIT
governance in an enterprise is through the use of a:
governanceinanenterpriseisthroughtheuseofa:
A.
businesscase.
B.
ITbalancedscorecard.
C.
phasedlifecycle.
D.
setofITperformancemetrics.
*FromCGEITStudyGuide
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
13
SampleScenarioQuestion
Toenhanceitsconsumerorientedecommercebusiness,
Company A acquires a small (15 person) web development
CompanyAacquiresasmall(15person)webdevelopment
company.Toacceleratethereturnonthisinvestment,the
companyshould:
A. Keepthewebcompanyintactasawhollyownedsubsidiary
withitsownP&Lreporting
B. Keepthewebcompanydevelopmentteamsintact,its
leadersreportingtotheCTOorVPapplications
C. Assignthewebcompanydeveloperstoexistingdevelopment
teamswithinCompanyA
D. Organizethewebcompanyasanewbusinessunitreporting
totheCIO.AssignCompanyAresourcestoitasrequired.
14
AbouttheCGEITExam:ISACA
FromISACAexamcommittee:
Claim:CGEITexamhassamelevelofreliability&
validityasdootherISACAexams
ISACAwillnotreleaseactualpsychometricmeasures
Skepticismaboutthisresult
Smallitembank(~500items)
DiscounttheCGEITbasicreferences
Itemresponsesareonlygenerally boundtobasic
references(i.e.page#andtext)
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
15
AbouttheCGEITExam:PostTestReactions
Aftertakingexam,andbeforenoticeofresults:
June2009candidates,reportsurprise
Examwastooeasy|guardedoptimism|everyonewillpass
DisappointmentthatdetailedknowledgeofISACAtools&
frameworks(e.g.,COBIT,VALIT)wasnottested
ParticipantsinFall2009CGEITPrepCoursereport
16
AbouttheCGEITExam:Reality
~50%Fail
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
AbouttheCGEITExam:
ScoreDistribution*:ScaledTotalTestScores**
17
Fail Pass
Fail
Pass
25%
<300
300 350
350 400
400 450
450 500
500 550
550 600
600 650
650700
>700
MedianScore:432
70%Percentile:476
90%Percentile:524
Average:438
*SurveyofJune09&Dec09candidates
**WeightedAverageofDomainScores
18
AbouttheCGEITExam:PostResultReactions
Somecomments:
IIdidn
didn'ttpass.I
pass I'm
mjustcan
just can'ttbelieveit.ThisisthefirstexamI
believe it This is the first exam I've
veevernot
ever not
passed.
Manyquestionsseemedstraightforwardhoweveritwasnotthecase.
[Exam]isunpredictableandgivesthesenseofmereluckinpassingthe
exam[rather]thanobtaininganddemonstratingrealknowledgeno
boundaries,questionsaremisleadingwithmore[than]oneclose
answer...
Examisverypracticeoriented...
Exam is very practice oriented
Overall,Ithinkthelessontobelearnedisthatgovernanceis
notanexactbodyofknowledge,itisacombinationof
practicalsenseandexperienceinthefield.Studywell,but
trustyourinstincts.
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
10
19
CandidateReaction>ExamPrepStrategy
FocusontherealworldpracticeofITgovernance
Askthewhatandhowlikestudyquestions
Whatistheproblembeingsolved?
Howdoesoneknowthatthereisaproblem?
Whatarethebarrierstosolvingtheproblem?
Whowillsolvetheproblem?
Howwilltheproblembesolved?
Howwilloneknowthattheproblemhasbeensolved?
AvoidastudyoffactsaboutITgovernance
20
AbouttheCGEITExam:DomainScores
Pas s
Rate*
median
90th %
70th %
25th %
average
Frameworks
459
595
561
390
463
59%
StrategicAlignment
334
567
451
276
379
38%
ValueDelivery
429
491
429
305
397
26%
RiskManagement
485
660
533
440
492
53%
ResourceManagement
g
Performance
Measurement
501
648
536
354
480
65%
376
517
446
305
394
26%
*%ofcandidatesscoringabove450,theminimumcompetencylevel
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
11
21
AbouttheCGEITExam:
DomainScores*:StrategicAlignment
25%
<300
300 350
350 400
400 450
450 500
500 550
550 600
600 650
650700
>700
MedianScore:334
70%Percentile:451
90%Percentile:567
Average:379
*SurveyofJune09&Dec09candidates
22
AbouttheCGEITExam:
DomainScores*:ValueDelivery
25%
<300
300 350
350 400
400 450
450 500
500 550
550 600
600 650
650700
>700
MedianScore:429
70%Percentile:429
90%Percentile:491
Average:397
*SurveyofJune09&Dec09candidates
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
12
23
AbouttheCGEITExam:
DomainScores*:PerformanceMeasurement
25%
<300
300 350
350 400
400 450
450 500
500 550
550 600
600 650
650700
>700
MedianScore:376
70%Percentile:446
90%Percentile:519
Average:394
*SurveyofJune09&Dec09candidates
24
AbouttheCGEITExam:
WholePartCorrelations
Fram
meworks
Aliggnment
Value
Delivery
Risk
Manaagement
R
Resource
Manaagement
Perfo
ormance
Measu
urement
Correlation
w/TotalTest
Score
.71
.66
.81
.28
.55
.43
Domain
Weight
25%
15%
15%
20%
13%
12%
Pass rate|
domainscore
>450*
.82
.9
1.
.66
.5
.66
* Estimatedconditionalprobabilityofpassingtheexam,givenatleast
minimalcompetencyinthespecifieddomain
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
13
25
ExamPrepStudyStrategy
Focusonareasofweakness
1. Strategicalignment
ContextforbusinessvalueofIT
2. ValueDelivery
BusinessvalueofIT
ManagementofITsbusinessvalue
3. PerformanceMeasurement
MeasurementofITsbusinessvalue
Reviewcompetenciesinremainingareas
RiskManagement
Resourcemanagement
Frameworks
Practiceexamstrategyandskills
26
AboutCGEITExamPrep
Webinars
ReadingMaterial
SampleTestItems
Wiki
CPE
PracticeExam
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
14
27
WeeklyClassLectures
Weekly(Tuesday)webinarsfocusedonsingle
topics
6:308:00PMPDT(GMT7)
Webinarcomponent:
http://tinyurl.com/cgeitPrep
or http://dimdim.dimdim.com/bpankey
Dialin:
Di l i
16417153635withPasscode:675176#
28
WebinarDownloadSite
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
15
29
StudyMaterials:Reading
1. ExamCommitteediscountstheCGEITbasicreferences
BoardBriefingonITGovernance:tediousbutessential
COBIT|VAlIT|RISKIT:Readoverviews,detailsnonessential
GovernanceintheExtendedEnterprise:interesting|nonessential
FrameworksforITManagement:interestingbutnonessential
2. BooksrelatedtoITgovernance
http://www.amazon.com/CGEITEXAM
PREP/lm/R3E4TNHMDEML4S/ref=cm_lm_byauthor_title_full
Note: I have no financial interest w/ Ama on.com
Note:Ihavenofinancialinterestw/Amazon.com
3. TradeJournals
ISACAJournal
CIOJournal
4.
CGEITStudyGuide
Havenotreviewed|Norecommendation
30
StudyMaterials:ISACAJournal
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
16
31
32
PracticeTestItems
PracticetestitemsdevelopedforSpring|Fall2009
CGEITPrep
concepts&keywords
p
y
Scenario
Availableonlinethroughvarioussurveyengines
http://www.tunitas.com/cgeit/CGEITResources_Fall2009.htm
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
17
33
Concepts&Keywords
testitems
Surveygizmoandword
documentformats
Questionsareprobably
moreobvious* thatwhatis
ontheexam
*Obvious doesnotmean
easier
34
ScenarioTypeQuestions
FromFall2009CGEITPrep
Week# PracticeTestItems
MicroPoll.com
compareyourresponsew/
compare your response w/
thoseofothercandidates
BPankeyresponseselectionand
rationalearecontainedinthe
correspondingweeks
PowerPoint
Thesetestscenariosmaybe
moredifficult/nuancedthat
thoseontheactualexam.
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
18
35
ClassWiki
Allpersonsonclasslistregisteredasmembers/
permittedtosubmititems
itt d t
b it it
Testitemdiscussions
Axiomsofgoodgovernance
http://cgeitexamprep wikispaces com
http://cgeitexamprep.wikispaces.com
CPE
36
Uponrequest,will
provideCPEcertificates
forcandidatesforwhom
Icanverifyattendance.
Webinarlogin&/or
dialincalllogs
1.5CPEpersession
ITgovernance
IT
domainforCISA
???forothers
Makerequestatendof
course
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.
CGEITEXAMPREP#1
19
37
PracticeTest
~May25:60itempracticetest
1. Takeundertestconditions(2hours|paper&
pencil|noreferencematerial)
2. ScoringsheetavailableJune1
38
FinalQuestions
NextSession:
OverviewofITGovernance
Copyright2010TunitasGroup. Allrightsreserved.Thispresentationmaterialmaybeusedsolelyby
participantsinSFISACAs2010CGEITPreparationClass. Nootheruseispermittedwithoutexpresswritten
authorization.