All Episodes

Welcome to the ISACA CISM

Episode 71: Continuous Improvement through Post-Incident Reviews and Risk Reassessment

Episode 70: Supervising Risk Treatment and Continuous Monitoring

Episode 69: Supervising Risk Identification and Assessment

Episode 68: Managing and Monitoring Security Compliance with External Parties

Episode 67: Integrating Security Requirements into Organizational Processes

Episode 66: Aligning Security Programs with Operational Business Objectives

Episode 65: Evaluating and Reporting Information Security Metrics

Episode 64: Compiling and Presenting Effective Security Reports

Episode 63: Defining and Communicating Security Roles and Responsibilities

Episode 62: Gaining Senior Leadership Commitment and Stakeholder Support

Episode 61: Communicating the Business Case and Gaining Stakeholder Buy-In

Episode 60: Building Effective Security Budgets and ROI Analysis

Episode 59: Integrating Information Security into Corporate Governance

Episode 58: Implementing Information Security Governance Frameworks

Episode 57: Establishing Information Security Strategy Aligned with Organizational Goals

Episode 56: Identifying Internal and External Influences on Security Strategy

Episode 55: Conducting Meaningful Post-Incident Reviews

Episode 54: Techniques for Secure Recovery and Restoration

Episode 53: Techniques for Incident Eradication

Episode 52: Incident Response Communications: Reporting, Notification, and Escalation

Episode 51: Effective Incident Containment Methods

Episode 50: Digital Forensics and Evidence Collection Basics

Episode 49: Incident Investigation Methodologies

Episode 48: Incident Management Tools and Techniques

Episode 47: Training, Testing, and Evaluating Your Incident Management Capabilities

Episode 46: Incident Classification and Categorization Methods

Episode 45: Testing, Maintenance, and Improvement of Your DRP

Episode 44: Designing Your Disaster Recovery Plan (DRP)

Episode 43: Building Your Business Continuity Plan (BCP)

Episode 42: Conducting Business Impact Analysis (BIA

Episode 41: Maintaining and Updating Your Incident Response Plan

Episode 40: Designing and Documenting the Incident Response Plan

Episode 39: Communications and Reporting for the Information Security Program

Episode 38: Contractual Security Requirements and Ongoing Vendor Monitoring

Episode 37: Vendor Risk Assessment and Selection

Episode 36: Developing Engaging Information Security Awareness and Training Programs

Episode 35: Techniques for Information Security Control Testing and Evaluation

Episode 34: Implementing and Integrating Information Security Controls

Episode 33: Designing and Selecting Effective Information Security Controls

Episode 32: Developing and Using Information Security Program Metrics

Episode 31: Writing Actionable Procedures and Guidelines

Episode 30: Developing Effective Security Policies

Episode 29: Applying Industry Standards and Frameworks to Your Security Program

Episode 28: Information Asset Identification and Classification Fundamentals

Episode 27: Selecting and Implementing Security Tools and Technologies

Episode 26: Staffing and Managing Security Teams

Episode 25: Best Practices in Risk Monitoring and Reporting

Episode 24: Establishing Risk and Control Ownership

Episode 23: Risk Transfer and Avoidance Strategies

Episode 22: Risk Mitigation and Acceptance Strategies

Episode 21: Conducting Effective Risk Analysis Workshops

Episode 20: Quantitative vs. Qualitative Risk Assessment

Episode 19: Conducting Vulnerability and Control Deficiency Analysis

Episode 18: Identifying and Managing Emerging Risks (AI, Quantum, IoT)

Episode 17: Current Cyber Threat Landscape

Episode 16: Strategic Planning Essentials – Budgets, Resources, and the Business Case

Episode 15: Deep Dive into NIST Cybersecurity Framework (CSF)

Episode 14: Deep Dive into ISO 27001 and ISO 27002

Episode 13: Deep Dive into COBIT Framework

Episode 12: Overview of Major Governance Frameworks (COBIT, ISO, NIST)

Episode 11: Developing an Effective Information Security Strategy

Episode 10: Organizational Structures, Roles, and Responsibilities in Security Governance

Episode 9: Contractual Requirements and Security Agreements

Episode 8: Legal and Regulatory Compliance Essentials

Episode 7: Organizational Culture and Its Impact on Security

Episode 6: Test-Taking Strategies and Exam-Day Tips for Success

Episode 5: Building a Personalized CISM Study Plan

Episode 4: Essential Skills and Experience for CISM Candidates

Episode 3: CISM vs. CISSP vs. CRISC – Choosing Your Certification Path

Episode 2: Understanding the Exam – Domains, Structure, and Study Strategies

Episode 1: Welcome to the CISM Certification – Overview and Benefits