Governance, Risk, and Compliance

An enterprise is an entity that does business to deliver value that satisfies customers' needs so that it can survive and grow. Doing business means executing a collection of processes with resources to create value, which is usually evaluated quantitatively in monetary terms. A customer pays for the value that meets his or her needs. Simply put, an enterprise exists to serve customers' needs and makes a profit to survive and grow.

An enterprise is governed by the leadership team: the board of directors and senior management or executives. Customers' needs are the origin of an enterprise's mission and vision. A strategy is the means by which the leadership team fulfills the mission and vision; it is usually broken down into goals and objectives that are met by implementing plans.

An enterprise explores opportunities to make a profit and takes the risks associated with them. Governance is the collective processes and behaviors by which the leadership team directs the enterprise. That is, the leadership team governs for performance to make a profit, makes informed decisions to take risks, and obeys laws and regulations to be compliant.

Bruce Passed ISC2 CISSP-ISSEP Exam on 25th September

After studying for 42 hours in 12 days (from 2018/09/14 to 2018/09/25), I cleared the ISC2 CISSP-ISSEP exam this afternoon, and I am really lucky to be, probably, the first exam taker to pass this exam in Taiwan.

The following is what I used to prepare for this exam:

  1. Official (ISC)2® Guide to the CISSP®-ISSEP® CBK® ((ISC)2 Press) 1st Edition
  2. Systems Engineering Fundamentals Kindle Edition
  3. Official (ISC)² Guide to the CSSLP, Second Edition
  4. Official (ISC)2 Guide to the CISSP CBK ((ISC)2 Press) 4th Edition
  5. Official (ISC)2 Guide to the CISSP-ISSMP CBK ((ISC)2 Press) 2nd Edition
  6. Official (ISC)2 Guide to the ISSAP CBK ((ISC)2 Press) 2nd Edition
  7. The Official (ISC)2 Guide to the CCSP CBK 2nd Edition
  8. Official (ISC)2® Guide to the CAP® CBK® ((ISC)2 Press) 2nd Edition
  9. IATF Release 3.1
  10. FEA Consolidated Reference Model Document Version 2.3
  11. FEA Practice Guide
  12. ISO 27001
  13. ISO 27005
  14. ISO 21827
  15. PMBOK® Guide – Sixth Edition
  16. NIST Special Publications
    • 800-12
    • 800-100
    • 800-64 Rev 2
    • 800-18 Rev 1
    • 800-34 Rev 1
    • 800-39
    • 800-30 Rev 1
    • 800-27 Rev A
    • 800-37
    • 800-37 Rev 2
    • 800-160 (vol1 & vol2)
    • 800-55
    • 800-50
    • 800-53
    • 800-53A
    • 800-60 (vol1 & vol2)
    • 800-86
    • 800-61
    • 800-40 Rev 3
    • 800-128
    • 800-137
    • 800-115
    • 800-92
    • 800-88

My exam preparation was completely directed by the ISC2 CISSP-ISSEP exam outline. The most common references used for the ISSEP by domain from ToniHardy and the ISC2 official references are quite helpful. Having passed the CSSLP exam helps as well.

The milestones are updated as follows:

  • Milestone #1: PMI + CISSP
    • 2018/04/09 ACP
    • 2018/04/27 PBA
    • 2018/06/19 CISSP
    • 2018/07/10 RMP
  • Milestone #2: ISACA
    • 2018/07/24 CISM
    • 2018/08/13 CRISC
    • 2018/08/28 CISA
  • Milestone #3: ISC2
    • 2018/09/07 CCSP (originally scheduled on 2018/09/14)
    • 2018/09/13 CSSLP (originally scheduled on 2018/09/28)
    • 2018/09/25 CISSP-ISSEP (bonus)
  • Milestone #4: EC-Council
    • 2018/10/15 CEH
    • 2018/10/29 ECSA

Moving forward is the best strategy of retreat! I’ll keep moving.

Bruce Passed ISC2 CSSLP Exam on 13th September

After studying for 36 hours in 6 days (from 2018/09/08 to 2018/09/13), I cleared the ISC2 CSSLP exam this afternoon. The following is what I used to prepare for this exam:

The ISC2 Official Guide to the CSSLP helps. The exam is not so challenging for an experienced developer with the CISSP qualification.

The milestones are updated as follows:

  • Milestone #1: PMI + CISSP
    • 2018/04/09 ACP
    • 2018/04/27 PBA
    • 2018/06/19 CISSP
    • 2018/07/10 RMP
  • Milestone #2: ISACA
    • 2018/07/24 CISM
    • 2018/08/13 CRISC
    • 2018/08/28 CISA
  • Milestone #3: ISC2
    • 2018/09/07 CCSP (originally scheduled on 2018/09/14)
    • 2018/09/13 CSSLP (originally scheduled on 2018/09/28)
  • Milestone #4: EC-Council
    • 2018/10/15 CEH
    • 2018/10/29 ECSA

What a relief! Keep moving!

Bruce Passed ISC2 CCSP Exam on 7th September

After studying for 40 hours in 9 days (from 2018/08/29 to 2018/09/06), I cleared the ISC2 CCSP exam this morning. The following is what I used to prepare for this exam:

Having some hands-on experience in cloud computing, e.g. Azure and/or AWS, and sticking to the official CCSP CBK and study guide helps to pass this exam.

After evaluating the criticality of the CCSP and CSSLP exams, I changed my strategy to take the CCSP exam first. The milestones are updated as follows:

  • Milestone #1: PMI + CISSP
    • 2018/04/09 ACP
    • 2018/04/27 PBA
    • 2018/06/19 CISSP
    • 2018/07/10 RMP
  • Milestone #2: ISACA
    • 2018/07/24 CISM
    • 2018/08/13 CRISC
    • 2018/08/28 CISA
  • Milestone #3: ISC2
    • 2018/09/07 CCSP (originally scheduled on 2018/09/14)
    • 2018/09/28 CSSLP
  • Milestone #4: EC-Council
    • 2018/10/15 CEH
    • 2018/10/29 ECSA

Keep moving!