This is one of the lengthiest and a relatively important domain in CISSP. People working in technical roles find this domain difficult as it is more business-focused and relates to wide concepts in Risk Management, as well as setting up an Information Security and Governance Framework. For your information, the CISSP Exam weightings are below.
To say it's a challenge studying for the coveted and respected ISC2's CISSP when you are in your full time job and have family commitments is an understatement. I have gone through this journey of preparing for CISSP alongside a full time job with one of the Big 4 firms. It's not easy and I wanted to share the approach I pursued that helped me clear my CISSP exam successfully.
In the current business scenario, virtually every ERP application is vulnerable to unauthorised access, financial fraud, sabotage or espionage (leakage of industry secrets) from cyber-attacks targeting these business-critical enterprise systems.
In 2015, ISC2 (the official CISSP certification body) revised the CISSP official book from an earlier Third Edition to a new FOURTH Edition book with some changes.
There are many articles already published on the Internet on this topic. As this is of interest to you, I will quickly share a few success mantras that I followed to help me pass my CISSP exam.