Looking forward to posting this for some time ;-)

Provisional of course it’s been only 5 days

Finished in just under 120mins.

Background: 36yrs experience in IT, heavy shift to security advisory help for SMB in the last 6-10 years.

I started with CISM, got crazy bored, moved to CISSP and finished that 2 weeks ago (https://www.reddit.com/r/cissp/comments/1596ffe/cissp_passed_131q/). Decided to swing by to CISM to rock that out. Lots of overlap and very little material that was unique to CISM honestly.

Thorteaches was my primary method - from Udemy purchased the whole series and all the sample tests. I bought the book but I’m just not the sit down and read something kind of guy. Also bought the Bradyon Budde test bank, which was horrible and full of errors so I aborted. The thorteaches questions were my only test valid test bank and it was limited - 160 Qs total. Solid, but limited.

Note: any test bank is going to have some stupid and or wrong questions. Don’t assume it is always right, but so realize more often than not I will be. REALLY found this out with the second test bank. Once I figured out how to leave feedback I will, as the questions need scrubbing and the answer descriptions REALLY need flushing out.

Listened to the videos on 200% as I battled traffic, was a great distraction! Since it was almost identical to CISSP this went fast.

Ran through the test sets, easiest to hardest, and everything I would get wrong I would go google answers although thor had great materials on his website specific to 80% of what I was looking up. Very clear and concise language.

I created a notepad document where I would log all the things I was struggling to absorb and then I would google content, drop it there, and then re read it a few times over time to get it down. Used my CISSP notes and added to them. COBIT5 was something I focused on really knowing (created by ISACA who does CISM so.... logic says... )

Thor has some videos on test taking skills and study skills, very useful

My tips to future candidates

• understand the hierarchy of things and the core principles is key (CIA, IAAA, PASTA, STRIDE, etc)
• if you read a question and don’t immediately see the 1-2 wrong answers, they’ll you didn’t read the question! Try again.
• you have to break the question doing looking for keywords such as WHO are they talking about, is it MOST or LEAST. Look for double negatives, they are tricky
• think like a manager, not a tech
• assume perfect organization of your dreams, not they places you’ve worked
• during test if you cannot identify the 2 wrong answers and then understand the principal under the 2 left (one might be about integrity the other about availability) then pick one and move on. You will not magically know this after you’ve burned 10min on a single question. Your test is 150q and that’s not a ton of time per question!

I took about 15 months of on and off working on studying. Since I’ve been doing a lot of the stuff in 6 of 8 domains, I think it made the process easier.

Glad it’s done, good luck to all still on their journey

Any questions happy to answer