https://cgrc.baremetalcyber.com/ 2026-04-22T02:47:47Z 1.0 https://cgrc.baremetalcyber.com/episodes 2026-04-22T02:47:47Z 0.8 https://cgrc.baremetalcyber.com/recommended 2026-04-22T02:47:47Z 0.8 https://cgrc.baremetalcyber.com/baremetalcyber 2026-04-22T02:47:47Z 0.8 https://cgrc.baremetalcyber.com/contact-us 2026-04-22T02:47:47Z 0.8 https://cgrc.baremetalcyber.com/course-hub 2026-04-22T02:47:47Z 0.8 https://cgrc.baremetalcyber.com/study-guide 2026-04-22T02:47:47Z 0.8 https://cgrc.baremetalcyber.com/flash-cards 2026-04-22T02:47:47Z 0.8 https://cgrc.baremetalcyber.com/subscribe 2026-04-22T02:47:47Z 0.8 https://cgrc.baremetalcyber.com/episodes/welcome-to-certified-the-isc-2-cgrc-audio-course 2026-03-28T18:33:01Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-1-official-isc2-cgrc-exam-outline-june-15-2024-format-scoring-policies 2026-03-28T18:33:21Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-2-spoken-audio-only-study-plan-for-cgrc-timeboxing-sequencing-and-retention 2026-03-28T18:33:38Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-3-exam-day-tactics-for-cgrc-mental-models-pacing-and-elimination-strategy 2026-03-28T18:33:57Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-4-master-governance-risk-management-and-compliance-principles-for-security-programs 2026-03-28T18:34:12Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-5-align-security-and-privacy-governance-with-organizational-objectives-and-integrity 2026-03-28T18:34:32Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-6-compare-risk-frameworks-using-nist-cobit-and-iso-iec-without-confusion 2026-03-28T18:34:48Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-7-operationalize-compliance-frameworks-using-standards-guidelines-and-mandates 2026-03-28T18:35:02Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-8-walk-the-sdlc-with-security-and-privacy-integrated-at-every-stage 2026-03-28T18:35:17Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-9-translate-requirements-gathering-into-security-and-privacy-controls-that-stick 2026-03-28T18:35:33Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-10-track-information-lifecycles-retention-disposal-destruction-and-data-flow 2026-03-28T18:35:48Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-11-apply-marking-and-handling-rules-to-each-data-type-end-to-end 2026-03-28T18:36:06Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-12-balance-confidentiality-integrity-availability-non-repudiation-and-privacy-tradeoffs 2026-03-28T18:36:24Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-13-define-system-assets-and-boundaries-to-prevent-hidden-scope-and-risk 2026-03-28T18:36:39Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-14-understand-security-and-privacy-control-categories-and-requirement-drivers 2026-03-28T18:37:20Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-15-assign-roles-and-responsibilities-for-compliance-activities-with-clear-ownership 2026-03-28T18:37:40Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-16-establish-a-compliance-program-for-the-applicable-framework-from-scratch 2026-03-28T18:37:55Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-17-interpret-iso-iec-fedramp-pci-dss-and-cmmc-without-overreach 2026-03-28T18:38:12Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-18-navigate-fisma-hipaa-executive-orders-and-gdpr-security-privacy-expectations 2026-03-28T18:38:29Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-19-describe-the-system-precisely-name-scope-purpose-and-functionality 2026-03-28T18:38:44Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-20-document-system-scope-so-interconnections-and-dependencies-don-t-surprise-you 2026-03-28T18:39:01Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-21-identify-information-types-processed-stored-and-transmitted-with-confidence 2026-03-28T18:39:21Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-22-define-security-objectives-per-information-type-using-fips-and-iso-iec-logic 2026-03-28T18:39:41Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-23-incorporate-privacy-compliance-requirements-into-security-objectives-without-mixing-terms 2026-03-28T18:39:57Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-24-determine-system-risk-impact-level-using-the-selected-framework-s-rules 2026-03-28T18:40:12Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-25-identify-baseline-controls-and-explain-why-they-exist-in-the-framework 2026-03-28T18:40:31Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-26-document-inherited-controls-clearly-across-shared-services-and-common-environments 2026-03-28T18:40:47Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-27-determine-applicability-of-baseline-and-inherited-controls-without-double-counting 2026-03-28T18:41:07Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-28-tailor-controls-to-system-context-while-preserving-framework-intent-and-traceability 2026-03-28T18:41:21Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-29-select-control-enhancements-using-overlays-security-practices-and-mitigating-controls 2026-03-28T18:41:47Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-30-identify-data-handling-and-marking-requirements-that-drive-control-choices 2026-03-28T18:42:04Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-31-write-control-selection-documentation-that-is-testable-defensible-and-complete 2026-03-28T18:42:21Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-32-design-continued-compliance-strategy-using-continuous-monitoring-and-vulnerability-management 2026-03-28T18:42:37Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-33-allocate-controls-across-owners-and-secure-stakeholder-agreement-without-gaps 2026-03-28T18:42:52Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-34-design-an-implementation-strategy-resourcing-funding-timeline-and-effectiveness-measures 2026-03-28T18:43:33Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-35-align-control-implementation-with-organizational-expectations-and-compliance-requirements 2026-03-28T18:44:02Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-36-identify-control-types-management-technical-common-and-operational-controls 2026-03-28T18:44:20Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-37-set-frequency-for-documentation-reviews-and-training-that-meets-requirements 2026-03-28T18:44:36Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-38-implement-selected-controls-consistently-with-the-chosen-compliance-baseline 2026-03-28T18:45:53Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-39-implement-compensating-and-alternate-controls-without-breaking-compliance-intent 2026-03-28T18:46:06Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-40-prepare-for-an-assessment-or-audit-by-defining-roles-and-responsibilities-early 2026-03-28T18:46:22Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-41-set-assessment-objectives-scope-resources-schedule-deliverables-and-logistics 2026-03-28T18:46:37Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-42-scope-assets-methods-and-level-of-effort-so-the-assessment-is-realistic 2026-03-28T18:46:50Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-43-assemble-evidence-prior-audits-system-documentation-policies-and-procedures 2026-03-28T18:47:05Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-44-finalize-an-assessment-plan-that-matches-requirements-and-stakeholder-needs 2026-03-28T18:47:56Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-45-conduct-assessments-using-interview-examine-and-test-with-clear-rigor 2026-03-28T18:47:41Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-46-use-penetration-testing-control-testing-and-vulnerability-scanning-appropriately 2026-03-28T18:48:10Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-47-verify-and-validate-evidence-so-findings-are-defensible-and-repeatable 2026-03-28T18:48:24Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-48-produce-the-initial-assessment-report-with-risks-summaries-and-findings 2026-03-28T18:48:38Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-49-assign-risk-responses-avoid-accept-share-mitigate-or-transfer-correctly 2026-03-28T18:48:55Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-50-collaborate-risk-response-actions-with-stakeholders-without-losing-accountability 2026-03-28T18:49:17Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-51-reassess-corrective-actions-and-validate-noncompliant-findings-are-truly-fixed 2026-03-28T18:49:36Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-52-develop-the-final-assessment-report-with-status-recommendations-and-closure 2026-03-28T18:49:55Z 0.9 https://cgrc.baremetalcyber.com/episodes/episode-53-build-a-risk-response-plan-around-residual-risk-priority-and-resources 2026-03-28T18:50:11Z 0.9