Certified: The CISM Audio Course

Containment is a critical phase in incident response—and a highly tested concept in Domain 4. This episode covers the strategies and decision points for containing incidents, from isolating affected …

You don’t have to be a forensic analyst—but you do need to understand the basics. This episode explains how evidence is collected, preserved, and documented during an incident. We also explore the ch…

CISM candidates must understand how to manage an incident investigation. This episode covers how to gather evidence, document timelines, identify root causes, and follow structured investigative meth…

Tools can streamline detection, coordination, and resolution during incidents. In this episode, we explore common technologies used in incident management, from SIEM platforms to communication system…

Your incident response plan is only as strong as your ability to execute it. This episode covers how to train staff, conduct simulations, and evaluate performance to ensure your organization is prepa…

Classifying incidents accurately enables proper response. In this episode, we discuss how to build an incident classification system based on impact, type, and severity—key for escalation and priorit…

A DRP must be tested, maintained, and improved over time to remain effective. This episode explains how to schedule recovery tests, evaluate outcomes, and implement improvements based on performance …

Disaster recovery planning ensures technology and data availability during a crisis. In this episode, we break down how to design and document a DRP that complements your BCP and incident response pl…

Business continuity is broader than disaster recovery—and the CISM exam knows it. This episode explains how to build a BCP that supports organizational resilience, continuity of operations, and stake…

CISM Domain 4 expects you to know how to conduct a business impact analysis. In this episode, we walk through how to identify critical functions, assess downtime impacts, and define recovery objectiv…

An outdated incident response plan is a liability. This episode teaches you how to maintain IR documentation over time, incorporate lessons learned, and update plans to reflect changes in business st…

Domain 4 begins here. This episode walks you through how to design a comprehensive incident response plan—from defining roles and escalation paths to documenting procedures for detection, containment…

Strong security programs communicate effectively. In this episode, we explain how to report program performance, risks, and control status to senior leaders, stakeholders, and technical staff. You’ll…

Once a vendor is onboarded, the work doesn’t stop. This episode covers how to include security clauses in contracts, define SLAs, and monitor vendor compliance over time. We also address continuous a…

Third-party vendors can expand capabilities—or introduce serious risk. This episode explains how to evaluate vendors before selection by conducting security assessments, verifying compliance, and ali…

Security programs fail without user participation. This episode explores how to build training and awareness initiatives that promote secure behavior and reinforce governance. You’ll learn how to des…

Testing controls is how you validate effectiveness—and it’s a must-know area for the exam. In this episode, we walk through test design, performance validation, and how to evaluate controls in both t…

CISM candidates must know how to implement controls—not just select them. This episode covers how to plan, deploy, and integrate security controls across the enterprise. You’ll also learn about commo…

Controls are at the heart of any security program. This episode shows you how to choose the right controls based on risk assessments, business impact, and regulatory requirements. We also explain how…

If you can’t measure it, you can’t manage it. In this episode, we cover how to create meaningful metrics for tracking the effectiveness of your security program. You’ll learn how to align metrics wit…