All Episodes
Episode 61: Communicating the Business Case and Gaining Stakeholder Buy-In
CISM leaders must champion security through influence, not just authority. In this episode, we cover how to build and communicate compelling business cases for securit...

Episode 62: Gaining Senior Leadership Commitment and Stakeholder Support
Security programs rise or fall on leadership support. This episode teaches you how to earn and sustain executive commitment, communicate risk in business terms, and al...

Episode 63: Defining and Communicating Security Roles and Responsibilities
Effective governance depends on clear roles and responsibilities. In this episode, we walk through how to assign, document, and communicate who owns what in your secur...

Episode 64: Compiling and Presenting Effective Security Reports
CISM candidates must know how to report program results and risk insights to both executives and operational teams. This episode explains how to compile relevant data,...

Episode 65: Evaluating and Reporting Information Security Metrics
Metrics turn performance into visibility. This episode shows you how to define, collect, and report information security metrics that support governance, justify decis...

Episode 66: Aligning Security Programs with Operational Business Objectives
Security must support the mission. This episode teaches you how to align your security initiatives with day-to-day business operations, process priorities, and perform...

Episode 67: Integrating Security Requirements into Organizational Processes
In this episode, we cover how to embed security into core business workflows—from procurement to development and beyond. You’ll learn how to ensure that security requi...

Episode 68: Managing and Monitoring Security Compliance with External Parties
Vendors, suppliers, and partners all affect your risk posture. This episode explores how to define, enforce, and monitor external security requirements. You’ll learn h...

Episode 69: Supervising Risk Identification and Assessment
CISM-certified professionals must oversee—not just conduct—risk assessments. This episode covers how to supervise the process, validate results, and ensure assessments...

Episode 70: Supervising Risk Treatment and Continuous Monitoring
Managing risk doesn’t stop with one decision. In this episode, we explore how to supervise treatment activities (mitigation, transfer, acceptance) and establish ongoin...

Episode 71: Continuous Improvement through Post-Incident Reviews and Risk Reassessment
Mature security programs improve over time. In this final episode, we explain how to lead post-incident reviews, implement lessons learned, and reassess risk in light ...
