Jason Edwards
Certified: The ISC(2) ISSMP Audio Course
Certified: The ISC(2) ISSMP Certification Audio Course is an audio-first study program for experienced security professionals who are ready to step into security management leadership. If you already understand core security concepts and you now need to lead programs, influence stakeholders, and make decisions that hold up under pressure, this course is built for you. It’s designed for practitioners moving into manager, lead, architect, or program roles, and for leaders who want a structured path toward the ISSMP credential without living in a textbook. You’ll hear the “why” behind common mana...
Author
Jason Edwards
Category
Podcast website
Latest episode
Feb 22, 2026
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
Episode 119 — Obtain Authorized Risk Waivers With Proper Approval and Traceable Records 22.02.2026 12:30
This episode teaches how to obtain authorized risk waivers with proper approval and traceable records, because ISSMP scenarios frequently hinge on who can accept risk, what evidence must exist, and how to ensure waivers do not become invisible risk debt. You will learn how risk waivers differ from operational exceptions, how to confirm decision authority and delegated limits, and how to document t...
Episode 118 — Document Compliance Exceptions With Controls, Workarounds, and Risk Context 22.02.2026 12:05
This episode explains how to document compliance exceptions with the controls, workarounds, and risk context needed to remain defensible, because ISSMP often tests whether you understand that exceptions must be governed, time-bounded, and evidence-supported rather than informal permission slips. You will learn how to define the exact requirement being excepted, the scope and duration, the business...
Episode 117 — Monitor and Validate Remediation Actions Until Risk Is Truly Reduced 22.02.2026 12:49
This episode teaches how to monitor and validate remediation actions until risk is truly reduced, which ISSMP emphasizes because remediation is not complete when a ticket is closed, but when control performance and evidence prove the weakness is no longer present. You will learn how to track remediation by risk tier, define acceptance criteria and validation tests, and ensure owners deliver durabl...
Episode 116 — Evaluate and Validate Findings and Build Responses That Address Root Causes 22.02.2026 13:09
This episode explains how to evaluate and validate audit findings and then build responses that address root causes, because ISSMP questions often test whether you can move beyond superficial fixes and produce remediation that actually reduces risk and improves control operation. You will learn how to confirm the finding’s scope, determine whether evidence was misunderstood or incomplete, identify...
Episode 115 — Coordinate Audit Activities and Maintain Evidence Readiness Year-Round 22.02.2026 16:50
This episode teaches how to coordinate audit activities and maintain evidence readiness year-round, because ISSMP expects leaders to run compliance as a continuous program capability rather than a seasonal event. You will learn how to organize evidence repositories, define evidence standards, assign owners, and create regular routines that keep artifacts current, complete, and traceable to specifi...
Episode 114 — Plan and Schedule Internal and External Audit Activities With Minimal Disruption 22.02.2026 12:18
This episode explains how to plan and schedule internal and external audit activities with minimal disruption, which matters for ISSMP because audit success depends on evidence readiness, stakeholder coordination, and disciplined scope management, not last-minute scrambling. You will learn how to define audit objectives and scope, identify control owners and evidence sources, align timelines to bu...
Episode 113 — Define and Monitor Compliance Metrics That Survive Audit Scrutiny 22.02.2026 12:31
This episode focuses on defining and monitoring compliance metrics that survive audit scrutiny, because ISSMP expects leaders to distinguish activity counts from evidence-backed indicators of control operation and conformance. You will learn how to select metrics that reflect control coverage, control effectiveness, timeliness of required activities, and integrity of evidence, while avoiding vague...
Episode 112 — Implement Compliance Frameworks Into Operations Without Creating Paper Security 22.02.2026 13:05
This episode teaches how to implement a compliance framework into daily operations without creating “paper security,” which ISSMP tests because leaders must ensure controls are real, measurable, and consistently executed rather than documented and ignored. You will learn how to translate framework requirements into policy, standards, procedures, and operational workflows that produce evidence natu...
Episode 111 — Evaluate and Select Compliance Frameworks That Fit Business and Regulation 22.02.2026 13:22
This episode explains how an ISSMP-level leader evaluates and selects compliance frameworks that fit the organization’s regulatory obligations, business model, and operational reality, because the exam frequently tests whether you can choose a governance-aligned approach instead of defaulting to whatever framework is most popular. You will learn how to compare frameworks based on scope coverage, c...
Episode 110 — Inform and Advise Senior Management on Compliance Strategy and Tradeoffs 22.02.2026 12:22
This episode teaches how to inform and advise senior management on compliance strategy and tradeoffs, which is central to ISSMP because executives must decide how to balance regulatory requirements, risk appetite, operational constraints, and investment priorities. You will learn how to frame compliance as a strategy that includes scope determination, framework selection, control implementation ap...
Episode 109 — Promote Organizational Ethics and Resolve Security Dilemmas Without Hand-Waving 22.02.2026 12:40
This episode explains how to promote organizational ethics and resolve security dilemmas without hand-waving, because ISSMP expects leaders to navigate gray areas where policies, incentives, and business pressures collide. You will learn how to identify ethical risk signals such as “quiet exceptions,” selective enforcement, retaliation against reporting, and decisions that shift risk onto customer...
Episode 108 — Promote the ISC2 Code of Ethics Through Practical Leadership Decisions 22.02.2026 12:00
This episode teaches how to promote the ISC2 Code of Ethics through practical leadership decisions, which matters for ISSMP because ethics is tested not as theory, but as judgment under pressure when security leaders face conflicts, incomplete information, and competing stakeholder demands. You will learn how ethical principles show up in daily choices such as transparent reporting, responsible di...
Episode 107 — Advise on Risks of Non-Compliance and Non-Conformity With Business Clarity 22.02.2026 12:20
This episode explains how to advise on the risks of non-compliance and non-conformity with business clarity, because ISSMP scenarios often test whether you can communicate compliance risk as decision-relevant exposure rather than vague fear. You will learn how to distinguish non-compliance with laws and regulations from non-conformity with internal policies or external standards, and how each can...
Episode 106 — Identify Intellectual Property Laws and Translate Them Into Security Controls 22.02.2026 14:44
This episode teaches how to identify intellectual property laws and translate them into security controls that protect IP value and reduce legal exposure, which matters for ISSMP because leaders must secure trade secrets, copyrighted material, and proprietary designs while enabling legitimate business use. You will learn how IP obligations influence classification decisions, access boundaries, sec...
Episode 105 — Identify Applicable Security and Privacy Laws, Regulations, and Standards 22.02.2026 13:06
This episode explains how an ISSMP-level leader identifies applicable security and privacy laws, regulations, and standards and translates them into actionable requirements, because exam questions often test whether you can determine applicability without either missing obligations or over-scoping controls unnecessarily. You will learn how applicability is driven by industry, data types, geography...
Episode 104 — Identify Legal Jurisdictions and Trans-Border Data Flow Obligations 22.02.2026 12:05
This episode teaches how to identify legal jurisdictions and trans-border data flow obligations that impact security program decisions, which ISSMP tests because compliance scope often depends on where data is collected, processed, stored, and accessed. You will learn how jurisdiction can be triggered by customer location, business presence, processing activities, service provider regions, and con...
Episode 103 — Capture Lessons Learned and Turn Them Into Concrete Program Changes 22.02.2026 12:29
This episode explains how to capture lessons learned and convert them into concrete program changes that measurably reduce future risk, because ISSMP expects leaders to treat incidents and disruptions as governance inputs, not just operational setbacks. You will learn how to structure after-action reviews that separate facts from opinions, identify contributing factors across people, process, and...
Episode 102 — Restore Normal Operations While Protecting Integrity, Availability, and Trust 22.02.2026 14:47
This episode teaches how to restore normal operations while protecting integrity, availability, and trust, which matters for ISSMP because recovery is not complete when systems are merely “back online,” but when they are back in a verified, defensible state. You will learn how to sequence restoration based on BIA priorities, validate data integrity before resuming critical processing, and confirm...
Episode 101 — Implement the Plan and Coordinate Response Without Operational Chaos 22.02.2026 14:59
This episode explains how an ISSMP-level leader implements contingency plans and coordinates response actions without creating operational chaos, because exam scenarios often test whether you can move from “plan on paper” to disciplined execution under stress. You will learn how to establish a clear command structure, confirm decision authority, and organize parallel work streams such as technical...
Episode 100 — Declare and Communicate a Disaster Clearly Across the Organization 22.02.2026 12:17
This episode teaches how to declare and communicate a disaster clearly across the organization, because ISSMP scenarios often test whether you can initiate contingency response with the right authority, the right messaging, and the right operational discipline when conditions are uncertain and stakes are high. You’ll learn how declaration criteria connect to BIA thresholds, recovery objectives, go...
Episode 99 — Manage the Plan Update Process So Contingency Plans Stay Current 22.02.2026 11:57
This episode focuses on managing the plan update process so contingency plans stay current as systems, vendors, processes, and organizational structures change, because ISSMP expects leaders to maintain operational readiness and auditability over time. You’ll learn how to establish update triggers such as new applications, architecture changes, vendor replacements, organizational reorgs, regulator...
Episode 98 — Determine Survivability and Resiliency Capabilities Without False Confidence 22.02.2026 12:14
This episode explains how to determine survivability and resiliency capabilities without false confidence, because ISSMP questions often test whether you can distinguish “we have backups” from “we can actually sustain and recover critical services under real conditions.” You’ll learn how survivability relates to maintaining essential functions during disruption, while resiliency includes the abili...
Episode 97 — Plan Testing, Evaluation, and Modification of COOP, BCP, and DRP 22.02.2026 11:49
This episode teaches how to plan testing, evaluation, and modification of COOP, BCP, and DRP so contingency planning becomes a living program that improves over time, which ISSMP tests because untested plans are rarely executable when disruption happens. You’ll learn the differences between tabletop exercises, functional tests, technical recovery drills, and full-scale simulations, and how to sele...
Episode 96 — Assign Recovery Roles and Responsibilities That Work During Real Disasters 22.02.2026 12:52
This episode explains how to assign recovery roles and responsibilities that actually work during real disasters, because ISSMP questions frequently hinge on accountability, authority, and coordination when stress, outages, and incomplete information make normal processes unreliable. You’ll learn how to define who declares a disaster, who authorizes disruptive recovery actions, who owns technical...
Episode 95 — Identify Recovery Alternatives and Coordinate Practical Recovery Strategies 22.02.2026 12:29
This episode teaches how to identify recovery alternatives and coordinate practical recovery strategies that match risk tolerance, business priorities, and real operational constraints, which ISSMP often tests through tradeoff questions. You’ll learn how to evaluate alternatives such as hot, warm, and cold approaches; active-active versus active-passive designs; alternate sites; cloud failover; ma...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.