COSO ERM Explained for CISOs | Enterprise Risk Management for Cyber Leaders (AICPA Review) S1E12

About this title

In this Cert Corner episode, Omar Sangurima reviews the COSO Enterprise Risk Management (ERM) certificate offered through the AICPA. As cybersecurity professionals increasingly present to boards and executive leadership, understanding enterprise risk becomes critical. Omar shares his candid experience with the course structure, exam difficulty, cost, and practical value — and reflects on how ERM reframes risk as part of business strategy and performance. Alyson Laderman adds insight into how certification exams are built and why question clarity matters. A practical conversation for CISOs, aspiring CISOs, and cyber leaders looking to bridge the business-risk gap.

CHAPTERS:

00:00 – Welcome to Cert Corner

00:37 – Why COSO ERM?

02:55 – Don’t trust — verify: AI research and due diligence

04:27 – Cyber risk vs. enterprise risk language

05:39 – Are murky exam questions intentional?

06:01 – How certification exams are made (behind the scenes)

12:21 – Who should take COSO ERM?

15:30 – Exam cost breakdown (member vs. non-member)

18:35 – Course structure and prep time

20:53 – Final exam format (open book, timed)

21:50 – COSO ERM framework overview (5 domains, 20 principles)

24:09 – Section exams vs. final exam experience

28:54 – COSO vs. COBIT comparison

29:47 – Certificate vs. certification (CPE requirements)

31:19 – Translating cyber into business language

33:20 – Measuring ROI over time

35:29 – Lessons learned (and don’t cram during a snowstorm)

📌 About COSO ERM

The COSO Enterprise Risk Management framework integrates risk management into strategy and performance. Unlike cyber-focused frameworks (e.g., COBIT), ERM emphasizes enterprise-wide governance, business objectives, and organizational performance.

🎙 About The Cyber Mettle Podcast

Where law, business, and cybersecurity intersect. Practical conversations for professionals navigating risk, governance, leadership, and resilience.

#CyberMettle #COSO #EnterpriseRiskManagement #ERM #CISO #CyberLeadership #BoardReporting #RiskManagement #Governance #CyberStrategy #AICPA #CertCorner
