The "Risk Intel" Podcast was developed to share our collective insights and knowledge working within the Financial Services industry and invite other risk enthusiasts to the show to educate and promote proactive risk management. The show is hosted by Ed Vincent, CEO of SRA Watchtower, a leading SaaS provider of innovative risk management solutions, serving the financial services industry and beyond. Our suite of proprietary technology solutions and methodologies was built “by risk pros for r ...
…
continue reading
Risk Maturity Podcasts
The Bare Metal Cyber CRISC Prepcast is a comprehensive audio training series designed to help you master the CRISC certification with confidence. Each episode delivers in-depth coverage of ISACA’s CRISC domains — from risk governance to monitoring — using a uniquely structured, exam-focused format built for long-term retention. Whether you're studying on the go or doing a deep review, this prepcast is your essential guide to IT risk success.
…
continue reading
Welcome to the Risk Intelligence Podcast, where the Global Association of Risk Professionals, also known as GARP, brings together the world’s foremost Risk Practitioners, from around the globe, for in depth insights and discussions on today’s most important risk issues in finance and energy. Here is your chance to listen in.
…
continue reading
I’m Michael Rosenbaum, I’ve spent the better part of the last two decades in and out of film and television - mostly known for playing the bald dude on the show Smallville. I’m the guy that you probably don’t know by name, but when you see my face you might say “oh, that guy from that thing.” I’ve befriended some of the most talented people in the business, but it wasn’t until I started inviting them into my home that I realized, I didn’t really know these people. What started as me having s ...
…
continue reading
OUR YOUTUBE: https://www.youtube.com/c/REALRAWTALK?sub_confirmation=1 LISTEN ON APPLE PODCASTS: https://podcasts.apple.com/us/podcast/rawtalk/id1294154339 FOLLOW RAWTALK PODCAST INSTAGRAM | https://instagram.com/getrawtalk TIKTOK | https://tiktok.com/@askrawtalk FOLLOW BRADLEY: INSTAGRAM | https://instagram.com/bradleymartyn SUBSCRIBE TO RAWTALK PODCAST CLIPS: https://www.youtube.com/channel/UCvzSBNBOK599FqzrTZS8ScQ/?sub_confirmation=1 SUBSCRIBE TO LIFE OF BRADLEY MARTYN: https://www.youtube ...
…
continue reading
Felicia King is an internationally recognized CISO and considered to be one of the top network layer security strategists in the U.S. Since launching in 2004 on the WGTD network, her Breakfast Bytes podcast has focused on information security risk management and the issues business leaders need to be aware of to benefit from the challenges others have faced. Learn about the most effective approaches, what you can do to mitigate risk, and how to protect your most valuable assets, your data, a ...
…
continue reading
Each webinar features an SEI researcher discussing their research on software and cybersecurity problems of considerable complexity. The webinar series is a way for the SEI to accomplish its core purpose of improving the state-of-the-art in software engineering and cybersecurity and transitioning this work to the community. The SEI is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI Webinar Seri ...
…
continue reading
Since 2007, Weird Medicine has been "the first and still only uncensored medical show in broadcast radio history" on SiriusXM. Now, the same crew that continues to shock, horrify, entertain and inform the satellite airwaves is producing a weekly podcast! This is a medical show for people who would never listen to a medical show on the internet (or anywhere else). If you have a question you'd like answered on the show, call the voicemail line at 347 766 4323 (347 POO HEAD) any time. Remember, ...
…
continue reading
Established in 2004, Leader’s Edge is the award-winning content platform for The Council of Insurance Agents & Brokers, covering legal and legislative issues, international business and regulation, management trends and best practices, technology, and more. Leader’s Edge is written and recorded for large and mid-sized commercial insurance and employee benefit executives around the globe.
…
continue reading
Keith and The Girl (est. March, 2005) is a fast-paced comedy show that talks about EVERYTHING. KATG host and Podcasting Hall of Fame inductee Keith Malley and guests talk openly about their lives including topics such as their relationships, religion and atheism, the LGBT community, love, hate, fights, racism, feminism, weed and other drug use, family, and any comfortable or uncomfortable topic. Keith creates an aggressive but safe place for his guests to share intimate and never-been-told s ...
…
continue reading
The purpose of the Skeptical Analyst podcast is to offer my opinions, remarks, and contemplations about issues at the intersection of the insurance industry, technology, society, and cyber risks.
…
continue reading
A group of guys dedicated to wildlife conservation, sharing hunting strategies, and enjoying God's great outdoors. We travel across the United States pursuing wild game, gathering knowledge and insight, and sharing it with our community with the goal of creating more ethical and efficient hunters. Est 2019. Make sure to subscribe to follow our journey!
…
continue reading
The Voice of Cybersecurity for MSPs & MSSPs! The CyberCall is the weekly podcast where cybersecurity meets business reality. Hosted by Andrew Morgan, Founder of Right of Boom, this is the go-to show for Managed Service Providers (MSPs), virtual CISOs (vCISOs), and IT leaders navigating the complex world of cyber risk, compliance, and AI. Each episode features raw, practical conversations with the sharpest minds in cybersecurity—from operators in the trenches to CISOs, researchers, policymake ...
…
continue reading
This is TAG Data Talk where we discuss news, trends, and ideas in the world of Data Science and Analytics. TAG Data Talk is hosted by the Technology Association of Georgia's Data Science and Analytics society.
…
continue reading
1
North American Ag Spotlight: Agriculture & Farming News and Views
North American Ag, Chrissy Wozniak
5
214
Never forget, Food Security is National Security! North American Ag provides daily agriculture news and weekly podcasts, devoted to highlighting the great people and companies that serve the agriculture industry and help feed our world. Covering ag tech, ag issues, policy, new products, family & faith. North American Ag gives insight into what’s happening in agriculture throughout North America. In agriculture, government policy and faith effect farming every day. Unfortunately without open ...
…
continue reading
Preparing Organizations for Managing Crisis
…
continue reading
Each week, our Sunday Sermons are uploaded to help empower and inspire you with Purpose and Belonging. Listen and share.
…
continue reading
Speedwell Research spends hundreds of hours researching public businesses each month and in "The Synopsis" they share their key learnings. Most business podcasts are superficial and assume their listeners are unsophisticated. In contrast, The Synopsis trusts listeners are interested in learning about complex, industry-specific issues, so long as they are explained clearly. We cover businesses from inception to current day, coupling business analysis and an investors lens. Start listening tod ...
…
continue reading
A new podcast series brought to you by Company Director in partnership with Microsoft. Join host Alan Kohler as he sits down with Australia’s leading company directors to discover their experiences and insights in driving digital innovation on their boards.
…
continue reading
Properly practiced, digital transformation should lead to happier, faster, smarter and safer employees and customers. Welcome to Experience Threading: The Podcast where we discuss human-centered, outcome focused digital transformation. If you’ve ever wondered, “How can we make it easier for people to get their work done? How can I move to the cloud, and then stay in the cloud? What’s the best way to handle risk in this work-anywhere world?” we invite you to listen in for the tools, technique ...
…
continue reading
Welcome to What The Health – your premier guide for everything health and wellness. With an unwavering commitment to unbiased, transformative information, our platform is committed to putting you on a pathway toward happiness and health. Your host, John Salak, an award-winning journalist and editor, will break down today’s complex health issues and narratives to deliver clear, actionable insights and compelling interviews that explore traditional and avant-garde health paradigms. What The He ...
…
continue reading
Netenrich invites security professionals to learn how they can optimize their security operations, remove silos, and gain increased efficiencies with the tools and systems they have. This podcast series is focused on effective detection, investigation, and response techniques where data and analytics is at the foundation. Hear from leading cybersecurity experts on how they’re transforming security ops. Netenrich boosts security and digital operations effectiveness so that organizations can a ...
…
continue reading
Creative and Critical Thinking in Business... and Life. Through episodes about innovation, leadership, design, AI and some on health. ggutt.substack.com
…
continue reading
1
OPEN Tech Talks: Technology worth Talking| Artificial Intelligence |Tools & Tips
Kashif Manzoor
3158
Open Tech Talks is your weekly sandbox for technology: Artificial Intelligence, Generative AI, Machine Learning, Large Language Models (LLMs) insights, experimentation, and inspiration. Hosted by Kashif Manzoor, AI Evangelist, Cloud Expert, and Enterprise Architect, this Podcast combines technology products, artificial intelligence, machine learning overviews, how-to's, best practices, tips & tricks, and troubleshooting techniques. Whether you're a CIO, IT manager, developer, or just curious ...
…
continue reading
1
3923: The American Way w/ Alice Fishbein
2:11:59
2:11:59
Play later
Play later
Lists
Like
Liked
2:11:59
New KATG guest Alice Fishbein might be on her first podcast of any kind ever, but you wouldn’t know it from her candid opinions and frank discussions. Keith and Alice talk about her one-woman show satirizing Titanic, her work in criminal defense, Americans lack of empathy, Epstein never having a client list after all (???), hateful comedians announ…
…
continue reading
1
286. 'The General' Buck Was Altered? 49 Point Record Doesn't Add Up…
1:10:21
1:10:21
Play later
Play later
Lists
Like
Liked
1:10:21
Use code HA20 for 20% off Pnuma Outdoors gear! https://pnumaoutdoors.com/ Use code HNTA15 for 15% off Out On A Limb MFG products! https://outonalimbmfg.com/ Use code HA10 for 10% VPA Broadheads: vparchery.com Check out Alberta Professional Outfitters Society for Hunting Alberta: https://www.apos.ab.ca Follow our socials: TikTok: https://www.tiktok.…
…
continue reading
1
Stress Testing: Current Issues, Regulatory Analysis, and a Sneak Peek at the Future
32:13
32:13
Play later
Play later
Lists
Like
Liked
32:13
Hear from Cristian deRitis, deputy chief economist at Moody’s Analytics, on the stress testing impact of heightened geopolitical risk, constantly shifting tariffs, climate risk developments, and AI/ML evolution. This podcast examines stress testing challenges and trends, with an eye on how regulation and recent events are shaping these important ex…
…
continue reading
1
Model Your Way to Better Cybersecurity
1:02:54
1:02:54
Play later
Play later
Lists
Like
Liked
1:02:54
Threat modeling is intended to help defend a system from attack. It tops the list of techniques recommended by the National Institute of Standards and Technology (NIST) to secure critical systems. In a world where people with malicious intent have deadlier tools at their disposal, defenders need to take advantage of Model-Based Systems Engineering …
…
continue reading
1
S3 | E21: Mind the Gap (PT2): Mitigating Execution Risk
18:26
18:26
Play later
Play later
Lists
Like
Liked
18:26
In Part 2 of our Risk Intel podcast series with our partners at Plansmith, Edward Vincent welcomed back Craig Hartman, Chairman and CEO of Plansmith, to explore a question that resonates with every financial leader: Once you’ve identified execution risk, how do you actually reduce it? Craig’s decades of experience helping banks and credit unions na…
…
continue reading
1
637 - Taurine, Cancer, and Truck Bonerzzz
40:21
40:21
Play later
Play later
Lists
Like
Liked
40:21
Dr Steve and Dr Scott discuss: Taurine and cancer Trisomy 21 prognosis THC and intercourse eradicating HIV with "wake up" mRNA instructions boneriffic truck driving watch the complete video at patreon.com/weirdmedicine Please visit: simplyherbals.net/cbd-sinus-rinse (the best he's ever made. Seriously.) instagram.com/weirdmedicine x.…
…
continue reading
1
Tren Twins On Going Natty, Relationships & Conspiracy Theories
2:22:29
2:22:29
Play later
Play later
Lists
Like
Liked
2:22:29
Sponsored by: Prize Picks Use code “BRADLEY”& Make your first $5 line up & get $50 whether you WIN OR LOSE! https://prizepicks.onelink.me/ivHR/BRAD This Episode is Sponsored by: BetterHelp Visit https://www.BetterHelp.com/RAWTALK today to get 10% off your first month! On this week’s episode of RAW TALK, Brad sits down w/ The Tren Twins & talks all …
…
continue reading
1
A Look at Germany’s Hospital System Reform
12:30
12:30
Play later
Play later
Lists
Like
Liked
12:30
In this episode, Leader's Edge hosts its second conversation at The Council's Employee Benefits Leadership Forum, with Jochen Körner, CEO of Ecclesia Group, a Germany-based brokerage.Körner dives into detail about the Krankenhausversorgungsverbesserungsgesetz, which is changing how the German hospital system operates and funds itself. Körner also s…
…
continue reading
1
Interview. Precision Medicine Fund Manager on Portfolio Construction, Risk, and "Developers" vs "Enablers"
1:15:59
1:15:59
Play later
Play later
Lists
Like
Liked
1:15:59
In this insightful interview with Blue Box Asset Mangement's Porfolio Manager Mark Dainty we talk about precision medicine and life sciences, his investment strategy, and how he constructs a portfolio of "developers" vs "enablers". We also talk about 3 stocks in the fund. We hope you enjoy listening! *~*~*~*~* Get access to all of Speedwell Researc…
…
continue reading
1
The Ingram Micro Cyber Incident & Building Security Maturity - F12’s ISO 27001Journey
1:03:30
1:03:30
Play later
Play later
Lists
Like
Liked
1:03:30
Supply chain attacks doubled according to the 2025 Verizon DBIR. This week the channel awakens to Ingram Micro being attacked by the SafePay Ransomware group. Incident Response (IR) expert, Chris Loehr, EVP of Solis joins The CyberCall, to share perspective on the GlobalProtect VPN compromise. That’s why today on today's CyberCall, we’re talking ab…
…
continue reading
1
JOSH DUHAMEL: Overcoming Self-Doubt, Intensity on Transformers & Finding Purpose in Fatherhood
1:15:56
1:15:56
Play later
Play later
Lists
Like
Liked
1:15:56
Josh Duhamel (Ransom Canyon, Transformers) joins me to share his journey from battling self-doubt early in his career to finding purpose through fatherhood later in life. Josh opens up about his passion for men’s health and helping others focus on feeling and looking their best through his new brand Gatlan. We also talk about the intensity surround…
…
continue reading
1
Episode 93: Evaluating Business Practices Alignment with Risk Management and Security Frameworks
10:10
10:10
Play later
Play later
Lists
Like
Liked
10:10
Alignment is the final step toward risk maturity. In this capstone episode, we explore how to evaluate whether business practices support or undermine formal risk management and information security frameworks. You’ll learn how to detect misalignments, recommend improvements, and support compliance initiatives. This topic is a favorite for comprehe…
…
continue reading
1
Episode 92: Reporting Control Information and Supporting Risk-Based Decisions
9:46
9:46
Play later
Play later
Lists
Like
Liked
9:46
Controls are only valuable if their performance is understood. This episode focuses on how to report control-related data—such as testing results, KCI trends, and implementation updates—to support decision-making. You’ll learn how to interpret control reporting in context and how it influences risk posture and treatment adjustments. Expect to apply…
…
continue reading
1
Episode 91: Reporting Risk Information to Stakeholders
9:46
9:46
Play later
Play later
Lists
Like
Liked
9:46
Clear, timely risk reporting supports informed decision-making at every level. In this episode, we explain how to tailor risk reports for different audiences, from executive boards to process owners. You’ll learn best practices for content clarity, escalation protocols, and aligning reports with organizational priorities. These skills are often tes…
…
continue reading
1
Episode 90: Reviewing Control Assessments for Effectiveness and Maturity
10:05
10:05
Play later
Play later
Lists
Like
Liked
10:05
Mature organizations regularly review their control environment. In this episode, we cover how CRISC professionals assess whether controls are effective, scalable, and aligned with enterprise goals. You’ll learn about assessment techniques, maturity models, and reporting strategies. This material directly supports your ability to analyze real-world…
…
continue reading
1
Episode 89: Monitoring and Analyzing KPIs and KCIs
10:19
10:19
Play later
Play later
Lists
Like
Liked
10:19
Once performance and control indicators are established, continuous monitoring is essential. This episode explains how to track KPI and KCI trends, detect anomalies, and report on performance across business units. You’ll also learn how these metrics support strategic decision-making. Expect to use this material when answering questions that focus …
…
continue reading
1
Episode 88: Collaborating with Control Owners on KPIs and KCIs Identification
10:57
10:57
Play later
Play later
Lists
Like
Liked
10:57
Key Performance Indicators and Key Control Indicators help measure the health of processes and controls. In this episode, we discuss how CRISC professionals work with control owners to define metrics that reflect performance, resilience, and reliability. These indicators are often referenced in exam questions that test your ability to select approp…
…
continue reading
1
Episode 87: Monitoring and Analyzing Key Risk Indicators (KRIs)
10:04
10:04
Play later
Play later
Lists
Like
Liked
10:04
KRIs are only useful when monitored and interpreted correctly. This episode walks through how to track, evaluate, and act on risk indicator trends. You’ll also learn how to detect deviations from risk appetite and escalate appropriately. Mastering KRI interpretation is essential for Domain 3 and 4 questions that test your ability to manage emerging…
…
continue reading
1
Episode 86: Defining and Establishing Key Risk Indicators (KRIs)
10:38
10:38
Play later
Play later
Lists
Like
Liked
10:38
Key Risk Indicators help detect emerging risks before they escalate. In this episode, you’ll learn how to define KRIs that are specific, measurable, and aligned to business impact. We’ll explore how to select thresholds, determine data sources, and connect KRIs to strategic objectives. Expect to use this knowledge in CRISC exam questions that test …
…
continue reading
1
Episode 85: Validating Execution of Risk Responses Against Risk Treatment Plans
9:52
9:52
Play later
Play later
Lists
Like
Liked
9:52
Risk response without verification is a recipe for gaps. This episode teaches you how to validate that risk treatment plans have been carried out as intended. You’ll explore evidence-gathering techniques, stakeholder coordination, and response monitoring—skills needed to close the loop between risk identification and risk mitigation. This topic is …
…
continue reading
1
Episode 84: Collaborating with Control Owners: Control Implementation and Maintenance
10:17
10:17
Play later
Play later
Lists
Like
Liked
10:17
A strong design isn’t enough—controls must be implemented and sustained. This episode shows how to support control owners through implementation, ongoing operations, documentation, and updates. You'll also learn how to monitor control lifecycles and assess when adjustments are needed. This is essential for mastering questions related to control mat…
…
continue reading
1
Episode 83: Collaborating with Control Owners: Control Selection and Design
10:51
10:51
Play later
Play later
Lists
Like
Liked
10:51
Designing effective controls is a team effort. In this episode, we focus on how to work with control owners to select appropriate control types and design them to fit operational needs. You’ll learn how business context, system complexity, and risk level influence control design—an area frequently tested in Domain 3 and 4 questions involving techni…
…
continue reading
1
Episode 82: Collaborating with Risk Owners: Developing Risk Treatment Plans
11:07
11:07
Play later
Play later
Lists
Like
Liked
11:07
Risk treatment plans must reflect ownership, accountability, and alignment with the organization's overall strategy. This episode walks through how CRISC professionals collaborate with risk owners to define actions, timelines, and success metrics. You’ll learn how treatment plans transition from planning to execution—an essential skill tested in qu…
…
continue reading
1
Episode 81: Facilitating Stakeholder Selection of Recommended Risk Responses
10:47
10:47
Play later
Play later
Lists
Like
Liked
10:47
Stakeholder engagement is critical when selecting the most appropriate response to a risk. In this episode, we explore how CRISC professionals guide decision-makers through treatment options, balancing risk appetite, resource constraints, and business goals. You’ll learn how to structure these conversations and document decisions. This topic suppor…
…
continue reading
1
Episode 80: Reviewing Risk and Control Analysis for Gaps Assessment
10:51
10:51
Play later
Play later
Lists
Like
Liked
10:51
After controls and risks have been analyzed, gaps become clear. This episode focuses on reviewing results to identify missing safeguards, ineffective responses, and misalignments with business needs. You’ll learn how to translate analysis into practical insights, and how CRISC expects you to use this knowledge to recommend action or escalate issues…
…
continue reading
1
Episode 79: Identifying and Evaluating Effectiveness of Existing Controls
10:48
10:48
Play later
Play later
Lists
Like
Liked
10:48
Controls are only valuable if they work. In this episode, we explain how to identify current controls across systems and processes and how to evaluate their design and operational effectiveness. You'll also learn techniques to identify gaps, overlaps, and redundancies—skills you'll need to analyze real-world scenarios and propose improvements. This…
…
continue reading
1
Episode 78: Conducting a Comprehensive IT Risk Assessment
10:55
10:55
Play later
Play later
Lists
Like
Liked
10:55
Risk assessments must be structured, repeatable, and aligned with business needs. This episode walks through how to conduct a comprehensive assessment, including risk identification, impact analysis, likelihood estimation, and prioritization. You’ll learn how to connect all the components into a cohesive evaluation that feeds into treatment plannin…
…
continue reading
1
Episode 77: Promoting a Risk-Aware Culture through Security Awareness Training
11:55
11:55
Play later
Play later
Lists
Like
Liked
11:55
Culture shapes risk behavior. In this episode, we look at how CRISC professionals help promote a risk-aware culture by supporting training programs and awareness campaigns. You'll learn how these efforts reduce human error, improve policy compliance, and reinforce security behaviors. This topic supports both Domain 1 and 4 content and is often test…
…
continue reading
1
Episode 76: Facilitating Identification of Risk Appetite and Tolerance
9:50
9:50
Play later
Play later
Lists
Like
Liked
9:50
This episode focuses on helping stakeholders define and document risk appetite and tolerance—core elements of strategic alignment. You’ll learn how to facilitate discussions that clarify how much risk the organization is willing to accept and under what conditions. These concepts appear frequently in questions that test your ability to translate st…
…
continue reading
1
Episode 75: Establishing and Maintaining the IT Risk Register
10:07
10:07
Play later
Play later
Lists
Like
Liked
10:07
The risk register is a living document that tracks an organization’s risk exposure. In this episode, we explore how to build and maintain a complete, dynamic risk register. You’ll learn to define attributes like likelihood, impact, ownership, and treatment status—and how CRISC uses the register to tie together governance, assessment, and reporting …
…
continue reading
1
Episode 74: Establishing Accountability Through Risk and Control Ownership
10:02
10:02
Play later
Play later
Lists
Like
Liked
10:02
Without clear ownership, risk management breaks down. This episode shows you how to assign responsibility for risks and controls within the organization, ensuring accountability and follow-through. You'll learn how ownership affects governance, reporting, and response—and how ISACA expects you to spot accountability gaps in exam scenarios. This top…
…
continue reading
1
Episode 73: Evaluating Threats, Vulnerabilities, and Risks to Develop IT Risk Scenarios
9:48
9:48
Play later
Play later
Lists
Like
Liked
9:48
Risk scenarios make risks measurable and actionable. This episode explains how to build effective scenarios using threat and vulnerability information, asset dependencies, and business objectives. You’ll learn the structure of a strong risk scenario, and how CRISC expects you to apply them to risk registers and assessments. Expect to see this teste…
…
continue reading
1
Episode 72: Identifying Threats and Vulnerabilities to People, Processes, and Technology
10:05
10:05
Play later
Play later
Lists
Like
Liked
10:05
Threats and vulnerabilities are the building blocks of risk—and CRISC candidates must assess all three layers: people, processes, and technology. This episode walks through methods to identify common risk sources and how to prioritize them. You'll gain the skills to interpret threat vectors and weak points within the organization, essential for sce…
…
continue reading
1
Episode 71: Identifying Potential or Realized Impacts of IT Risk
10:40
10:40
Play later
Play later
Lists
Like
Liked
10:40
Understanding how IT risks impact business objectives is central to the CRISC exam. In this episode, we explore how to recognize both potential and actual consequences of risk events. You’ll learn to evaluate impacts across financial, operational, reputational, and compliance dimensions. This topic shows up frequently in questions that require inte…
…
continue reading
1
Episode 70: Collecting and Reviewing Organization’s Business and IT Information
10:45
10:45
Play later
Play later
Lists
Like
Liked
10:45
This supporting task is foundational: you can’t manage risk without understanding your environment. In this episode, you’ll learn how to gather and evaluate information about business processes, IT systems, and organizational context. We walk through techniques for mapping assets, identifying dependencies, and building a full picture of the risk la…
…
continue reading
1
Episode 69: Domain 4 Review: Key Takeaways and Exam Tips
10:04
10:04
Play later
Play later
Lists
Like
Liked
10:04
Domain 4 brings together technical and organizational elements of risk—this review episode ties them all together. We recap core topics including IT operations, system development, security, continuity, and privacy, and offer targeted study tips for exam success. Use this episode to clarify technical terms, strengthen connections between IT and ris…
…
continue reading
1
Episode 68: Data Privacy and Protection Principles
11:21
11:21
Play later
Play later
Lists
Like
Liked
11:21
Privacy is no longer optional—it’s a regulatory and reputational imperative. This episode explores core privacy concepts, including data subject rights, lawful processing, and protection controls. You’ll also review laws such as GDPR and how CRISC professionals incorporate privacy into risk assessments and control selection. Expect these principles…
…
continue reading
1
Episode 67: Business Continuity Management Concepts and Practices
10:53
10:53
Play later
Play later
Lists
Like
Liked
10:53
Business Continuity Management (BCM) ensures critical operations continue under adverse conditions. This episode breaks down BCM elements such as continuity planning, recovery strategies, and business impact alignment. You’ll learn how to evaluate the maturity of BCM programs and prepare for CRISC questions that test resilience across business func…
…
continue reading
1
Episode 66: Information Security Awareness Training
10:36
10:36
Play later
Play later
Lists
Like
Liked
10:36
People are often the weakest link in risk management. In this episode, we cover how security awareness training programs reduce human error and increase risk resilience. You’ll learn how CRISC professionals evaluate training effectiveness, integrate messaging with controls, and assess cultural readiness—concepts that appear often in Domain 4 scenar…
…
continue reading
1
Episode 65: Information Security Concepts, Frameworks, and Standards
10:55
10:55
Play later
Play later
Lists
Like
Liked
10:55
A solid grasp of security frameworks is essential for risk alignment. This episode introduces key information security concepts—confidentiality, integrity, availability—and reviews common frameworks like ISO 27001, NIST CSF, and COBIT. You’ll learn how to evaluate security posture using structured approaches and anticipate CRISC questions that test…
…
continue reading
1
Episode 64: Emerging Technologies and Associated Risks
12:03
12:03
Play later
Play later
Lists
Like
Liked
12:03
New technologies can bring competitive advantage—but also new risk. This episode discusses emerging trends such as cloud computing, AI, blockchain, and IoT, and how each introduces unique threats and control considerations. You’ll learn how CRISC professionals evaluate innovation through a risk lens and anticipate exam questions that challenge you …
…
continue reading
1
Episode 63: System Development Life Cycle (SDLC) Essentials
10:56
10:56
Play later
Play later
Lists
Like
Liked
10:56
CRISC candidates must understand how security and risk controls integrate with the SDLC. In this episode, we walk through the major phases of system development—planning, design, testing, deployment, and maintenance—and explore how risks emerge at each step. You’ll gain clarity on how to embed controls into projects and spot exam questions that tes…
…
continue reading
1
Episode 62: Data Lifecycle Management Principles
12:31
12:31
Play later
Play later
Lists
Like
Liked
12:31
Data carries risk throughout its entire lifecycle—from creation to deletion. This episode explains the stages of data lifecycle management, how retention and disposal policies mitigate risk, and the importance of classification. You’ll learn how to evaluate data-related controls and align them with compliance and privacy frameworks, a vital topic f…
…
continue reading
1
Episode 61: Disaster Recovery Management (DRM)
10:39
10:39
Play later
Play later
Lists
Like
Liked
10:39
Disaster Recovery Management is critical to ensuring operational continuity during and after unexpected events. This episode explores the components of a DRM strategy, including recovery time objectives (RTOs), recovery point objectives (RPOs), and alternate site arrangements. You’ll also learn how CRISC professionals evaluate recovery controls as …
…
continue reading
1
Episode 60: Project Management in the IT Environment
10:47
10:47
Play later
Play later
Lists
Like
Liked
10:47
Every IT project introduces risk—and every CRISC candidate must be prepared to assess it. This episode covers how project management methodologies like Agile and Waterfall affect risk posture, and how scope, budget, and resource decisions influence exposure. You’ll learn to identify risk at each stage of the project lifecycle and align it with ente…
…
continue reading
1
Episode 59: IT Operations: Problem and Incident Management
10:20
10:20
Play later
Play later
Lists
Like
Liked
10:20
Problem and incident management are essential components of operational resilience. This episode explains how organizations detect, document, and resolve IT issues while minimizing business impact. You’ll explore how these processes fit into the broader risk lifecycle and why CRISC professionals must evaluate their maturity and integration with con…
…
continue reading
1
Episode 58: IT Operations: Change and Asset Management
9:47
9:47
Play later
Play later
Lists
Like
Liked
9:47
Change and asset management processes are central to minimizing IT risk. In this episode, we examine how structured change control reduces service disruption, and how asset inventories support effective risk assessments. You’ll also learn how failures in these areas contribute to vulnerabilities—a critical concept for both Domain 4 understanding an…
…
continue reading
1
Episode 57: Enterprise Architecture Principles
10:13
10:13
Play later
Play later
Lists
Like
Liked
10:13
A strong enterprise architecture provides structure and clarity for risk-informed IT decisions. This episode explores the foundational components of enterprise architecture, how it aligns with business strategy, and how it supports secure, resilient design. You’ll learn how to analyze architecture from a risk perspective—important for answering CRI…
…
continue reading
