Monthly Archives: September 2018
Governance, Risk, and Compliance
An enterprise is an entity doing business to deliver value that satisfies a customer’s needs so as to survive and grow. Doing business is executing a collection of processes with resources to create value which is usually quantitatively evaluated by monetary vehicle. A customer pays for the value to meet his or her needs. Simply put, an enterprise exists for customer’s needs and makes profit to survive and grow.
An enterprise is governed by the leadership team, the board of directors and senior management or executives. Customer’s needs are the origin of an enterprise’s mission and vision. A strategy is the means for the leadership team to fulfill the mission and vision and is usually broken down to goals and objectives that are met by implementation of plans.
An enterprise explores opportunities to make profit and takes risks associated with them. Governance is the collective processes and behaviors for the leadership team to direct the enterprise. That is, the leadership team governs for the performance to make profit, makes informed decisions to take risks, and obeys the laws and regulations to be compliant.
Bruce Passed ISC2 CISSP-ISSEP Exam on 25th September
After studying for 42 hours in 12 days (from 2018/09/14 to 2018/09/25), I cleared the ISC2 CISSP-ISSEP exam this afternoon and it’s really lucky for me, probably, to be the first exam taker who passed this exam in Taiwan.
The following is what I used to prepare for this exam:
- Official (ISC) 2® Guide to the CISSP®-ISSEP® CBK® ((ISC) 2 Press) 1st Edition
- Systems Engineering Fundamentals Kindle Edition
- Official (ISC)² Guide to the CSSLP, Second Edition
- Official (ISC)2 Guide to the CISSP CBK ((ISC)2 Press) 4th Edition
- Official (ISC)2 Guide to the CISSP-ISSMP CBK ((ISC)2 Press) 2nd Edition
- Official (ISC)2 Guide to the ISSAP CBK ((ISC)2 Press) 2nd Edition
- The Official (ISC)2 Guide to the CCSP CBK 2nd Edition
- Official (ISC)2® Guide to the CAP® CBK® ((ISC)2 Press) 2nd Edition
- IATF Release 3.1
- FEA Consolidated Reference Model Document Version 2.3
- FEA Practice Guide
- ISO 27001
- ISO 27005
- ISO 21827
- PMBOK® Guide – Sixth Edition
- NIST Special Publications
- 800-12
- 800-100
- 800-64 Rev 2
- 800-18 Rev 1
- 800-34 Rev 1
- 800-39
- 800-30 Rev 1
- 800-27 Rev A
- 800-37
- 800-37 Rev 2
- 800-160 (vol1 & vol2)
- 800-55
- 800-50
- 800-53
- 800-53A
- 800-60 (vol1 & vol2)
- 800-86
- 800-61
800-40 Rev 3 - 800-128
- 800-137
- 800-115
- 800-92
- 800-88
My exam preparation is completely directed by the ISC2 CISSP-ISSEP exam outline. The most common references used for the ISSEP by domain from ToniHardy and the ISC2 official references are quite helpful. Having passed CSSLP exam helps as well.
The milestones are updated as follows:
- Milestone #1: PMI + CISSP
- 2018/04/09 ACP
- 2018/04/27 PBA
- 2018/06/19 CISSP
- 2018/07/10 RMP
- Milestone #2: ISACA
- 2018/07/24 CISM
- 2018/08/13 CRISC
- 2018/08/28 CISA
- Milestone #3: ISC2
- 2018/09/07 CCSP (originally scheduled on 2018/09/14)
- 2018/09/13 CSSLP (originally scheduled on 2018/09/28)
- 2018/09/25 CISSP-ISSEP (bonus)
- Milestone #4: EC-Council
- 2018/10/15 CEH
- 2018/10/29 ECSA
Moving forward is the best strategy of retreat! I’ll keep moving.
Mission
Image
Just Move Forward!
Moving Forward
is the Best Strategy of
Retreat!
Risk Management
Bruce Passed ISC2 CSSLP Exam on 13th September
After studying for 36 hours in 6 days (from 2018/09/08 to 2018/09/13), I cleared the ISC2 CSSLP exam this afternoon. The following is what I used to prepare for this exam:
- Official (ISC)² Guide to the CSSLP, Second Edition
- Official (ISC)2 Guide to the CSSLP ((ISC)2 Press) 1st Edition
- CSSLP Certification All-in-One Exam Guide
The ISC2 official Guide to the CSSLP helps. The exam is not so challenging for an experienced developer with CISSP qualification.
The milestones are updated as follows:
- Milestone #1: PMI + CISSP
- 2018/04/09 ACP
- 2018/04/27 PBA
- 2018/06/19 CISSP
- 2018/07/10 RMP
- Milestone #2: ISACA
- 2018/07/24 CISM
- 2018/08/13 CRISC
- 2018/08/28 CISA
- Milestone #3: ISC2
- 2018/09/07 CCSP (originally scheduled on 2018/09/14)
- 2018/09/13 CSSLP (originally scheduled on 2018/09/28)
- Milestone #4: EC-Council
- 2018/10/15 CEH
- 2018/10/29 ECSA
What a relief! Keep moving!
Bruce Passed ISC2 CCSP Exam on 7th September
After studying for 40 hours in 9 days (from 2018/08/29 to 2018/09/06), I cleared the ISC2 CCSP exam this morning. The following is what I used to prepare for this exam:
- Official (ISC)² Guide to the CCSP CBK, Second Edition
- Official (ISC)² CCSP Study Guide
- Official CCSP Study App
It helps to pass this exam having some hands-on experience in cloud computing, ex. Azure and/or AWS, and sticking to the official CCSP CBK and study guide.
After evaluating the criticality of the CCSP and CSSLP exams, I changed my strategy to take CCSP exam first. The milestones are updated as follows:
- Milestone #1: PMI + CISSP
- 2018/04/09 ACP
- 2018/04/27 PBA
- 2018/06/19 CISSP
- 2018/07/10 RMP
- Milestone #2: ISACA
- 2018/07/24 CISM
- 2018/08/13 CRISC
- 2018/08/28 CISA
- Milestone #3: ISC2
- 2018/09/07 CCSP (originally scheduled on 2018/09/14)
- 2018/09/28 CSSLP
- Milestone #4: EC-Council
- 2018/10/15 CEH
- 2018/10/29 ECSA
Keep moving!