Excellent material! So informative…! I must follow you in other social media’s to see what other lessons and advices. Thank you so much for your time and effort on the preparation of this webinar.

Thanks a lot ma’am 🎉 Coming from the 3 days training

Starting my learning journey in the GRC space without any background in Cybersecurity. This is the second video I am watching on GRC and I must say you explained this framework in a way that is easy to understand. Thank you

You are an Amazing Educator and Trainor. I really enjoyed watched your IT/Cybersecurity and CSF Tutorial videos. They are so perfect and easily digestible. Wish to watch your complete Tutorial video about IT Audit Fundamentals course.

peju honestly your the best I like the way you break down the frameworks and give confidence to people listening to you. thank you

Great presentation Peju, I am currently scoping a Framework for a large project, so your presentation was very informative. Keep up the good work 👍🏾😉

what a clear and concise presentation!

I love your commitment to share this content! Keep it up Peju! Great content, great sharing!

She's awesome ❤

how can I get hands on IT Audit before joining to a job as they are asking about the hands on

Great delivery . More of your great works.

Extremely informative and very helpful!

Thanks for the video. So I have a very important question. With NIST CSF, without a community profile, how can you really determine the controls needed for your Target profile??? Or should organizations always look for a community profile to use as baseline? For example, with NIST RMF, I know that I would categorize the system, and based on the High Water mark, I will select my control baseline from 800-53, then tailor if need be. But atleast the categorize process would help me to know the controls or baseline or Target that applies. Moreover, with CIS baselines, I can decide that, perhaps, I want to select IG1, IG2, or IG3, depending on my cyber maturity, and Im confident about which controls those come with. Another example....with NIST 800-171 for instance, which pretty much is prescriptive, I know with Level 2, I have 110 controls to adhere to, so any gap analysis I would perform would be against that. However with NIST CSF, Im still not absolutely sure how we arrive at what the Target Proile is supposed to be. Or are you saying the security personnel can randomly pick what controls they think suit the organization?? I hope you understand my ask.

Nice one again. Time to time post IT class as well. Too many NIST CSF 2.0 out there. Missing IT Audit session out there that last for 60 minutes and so. Thanks

Great content and delivery! Thanks so much. Will have no choice but to subscribe to your channel. You're a great tutor!❤

Brilliant Delivery

Thank you peju

Thank you

Do you have a completed example risk assessment for a (updated on 10/11 for clarity) fictional customer you can share?

Can you share this ppt?

Grc