All Episodes
Displaying 21 - 40 of 120 in total
Episode 20 — Establish Internal Policies That Are Clear, Enforceable, and Auditable
This episode teaches how to establish internal security policies that people can follow, leaders can enforce, and auditors can validate, which is central to ISSMP beca...
Episode 21 — Advocate for Policy Adoption and Secure Organization-Wide Commitment
This episode focuses on how an ISSMP-level security manager drives real policy adoption rather than producing documents that sit on a shelf, because the exam frequentl...
Episode 22 — Develop Procedures, Standards, Guidelines, and Baselines That Operate Together
This episode explains how procedures, standards, guidelines, and baselines complement policy and translate governance intent into repeatable operational behavior, whic...
Episode 23 — Evaluate Service Management Agreements for Risk, Cost, and Accountability
This episode teaches how to evaluate service management agreements through a security management lens, because ISSMP expects you to understand how operational services...
Episode 24 — Govern Managed Services and Cloud Services With Security Built In
This episode explains how to govern managed services and cloud services so security responsibilities are clear, measurable, and continuously enforced, a critical ISSMP...
Episode 25 — Manage Security Impact of Mergers, Acquisitions, Outsourcing, and Reorgs
This episode focuses on managing security during major organizational change—mergers, acquisitions, outsourcing, and reorganizations—because ISSMP tests your ability t...
Episode 26 — Embed Regulatory Compliance Requirements Into Contracts and Service Agreements
This episode teaches how to embed regulatory and compliance requirements into contracts and service agreements so obligations are enforceable, measurable, and evidence...
Episode 27 — Monitor and Enforce Contractual Security Commitments Without Creating Drag
This episode explains how an ISSMP-level security manager monitors and enforces contractual security commitments without creating unnecessary operational drag, because...
Episode 28 — Promote Security Programs to Stakeholders Using Their Language and Incentives
This episode teaches how to promote security programs to stakeholders by speaking their language and aligning to their incentives, which ISSMP emphasizes because progr...
Episode 29 — Identify Training Needs and Implement Programs by Role and Target Segment
This episode focuses on identifying training needs and implementing programs by role and target segment, because ISSMP tests whether you understand that effective trai...
Episode 30 — Monitor, Evaluate, and Report Training Effectiveness With Meaningful Evidence
This episode teaches how to monitor, evaluate, and report training effectiveness using evidence that supports governance decisions, because ISSMP expects leaders to pr...
Episode 31 — Identify KPI and KRI Metrics That Reflect Security Performance and Exposure
This episode explains how to select KPIs and KRIs that accurately reflect security performance and risk exposure, which is heavily tested in ISSMP because leadership d...
Episode 32 — Tie Security Metrics to Risk Posture and What Leadership Actually Cares About
This episode teaches how to connect security metrics to risk posture in a way that leaders can understand and act on, which ISSMP tests because security managers must ...
Episode 33 — Use Metrics to Drive Security Program and Operations Improvements That Last
This episode explains how to use metrics as a management tool to drive durable improvements in both security programs and security operations, which is central to ISSM...
Episode 34 — Prepare and Secure the Annual Security Budget Under Competing Priorities
This episode focuses on preparing and securing the annual security budget under competing priorities, a frequent ISSMP theme because program leaders must justify inves...
Episode 35 — Adjust Budget Requests as Risks and Threats Shift Mid-Year
This episode teaches how to adjust budget requests when risks and threats shift mid-year, which matters for ISSMP because effective security management requires adapti...
Episode 36 — Manage and Report Financial Responsibilities With Credibility and Clarity
This episode explains how an ISSMP-level security manager handles financial responsibilities and reporting with credibility, because exam questions often test whether ...
Episode 37 — Define Security Roles and Responsibilities Across Teams and Third Parties
This episode focuses on defining security roles and responsibilities across internal teams and third parties, which ISSMP tests because unclear accountability is a maj...
Episode 38 — Create Team Accountability That Works in Real Organizational Friction
This episode teaches how to create team accountability that holds up under real organizational friction, a core ISSMP skill because security programs fail when account...
Episode 39 — Build Cross-Functional Relationships That Keep Security Embedded and Trusted
This episode explains how to build cross-functional relationships that keep security embedded and trusted, which ISSMP emphasizes because influence and partnership are...