
Episode 40: Designing and Documenting the Incident Response Plan
Domain 4 begins here. This episode walks you through how to design a comprehensive incident response plan—from defining roles and escalation paths to documenting procedures for detection, containment,...
6 Jul 2025, 19 min

Episode 39: Communications and Reporting for the Information Security Program
Strong security programs communicate effectively. In this episode, we explain how to report program performance, risks, and control status to senior leaders, stakeholders, and technical staff. You’ll ...
6 Jul 2025, 19 min

Episode 38: Contractual Security Requirements and Ongoing Vendor Monitoring
Once a vendor is onboarded, the work doesn’t stop. This episode covers how to include security clauses in contracts, define SLAs, and monitor vendor compliance over time. We also address continuous as...
6 Jul 2025, 20 min

Episode 37: Vendor Risk Assessment and Selection
Third-party vendors can expand capabilities—or introduce serious risk. This episode explains how to evaluate vendors before selection by conducting security assessments, verifying compliance, and alig...
6 Jul 2025, 19 min

Episode 36: Developing Engaging Information Security Awareness and Training Programs
Security programs fail without user participation. This episode explores how to build training and awareness initiatives that promote secure behavior and reinforce governance. You’ll learn how to desi...
6 Jul 2025, 18 min

Episode 35: Techniques for Information Security Control Testing and Evaluation
Testing controls is how you validate effectiveness—and it’s a must-know area for the exam. In this episode, we walk through test design, performance validation, and how to evaluate controls in both te...
6 Jul 2025, 18 min

Episode 34: Implementing and Integrating Information Security Controls
CISM candidates must know how to implement controls—not just select them. This episode covers how to plan, deploy, and integrate security controls across the enterprise. You’ll also learn about common...
6 Jul 2025, 18 min

Episode 33: Designing and Selecting Effective Information Security Controls
Controls are at the heart of any security program. This episode shows you how to choose the right controls based on risk assessments, business impact, and regulatory requirements. We also explain how ...
6 Jul 2025, 17 min