CISSP Study Plan – Day 8 of 55 | Compliance and Security Frameworks
- Luke Ahmed
- Sep 16
Updated: Sep 18
"Concepts over facts!"
– Luke Ahmed
Today is Day 8 of Yihenew’s CISSP study plan, continuing with Security and Risk Management, this time focusing on compliance and how frameworks shape security decisions.
Key Areas Covered:
- What Compliance Means — aligning security practices with external regulations, standards, and internal policies
- Major Frameworks — ISO 27001, NIST Cybersecurity Framework, PCI DSS, HIPAA, GDPR, SOX
- Why Compliance Matters — beyond avoiding fines, compliance builds customer trust and ensures business continuity
- Audits & Assessments — evidence-based evaluations of whether controls meet regulatory and industry requirements
- CISSP Exam Tie-In — compliance questions often test whether you can connect governance concepts with operational security controls
In this CISSP study plan session, Yihenew highlighted that the exam doesn’t test your ability to memorize every law or framework. Instead, it tests whether you understand the concepts behind compliance—risk management, accountability, and alignment with organizational goals.
Quick CISSP Practice Question
Which of the following is the primary purpose of compliance frameworks like ISO 27001 or NIST CSF?
A. To define detailed technical configurations
B. To ensure legal penalties are avoided
C. To align organizational security with governance and risk management
D. To replace security policies and procedures
✅ Correct Answer: C. To align organizational security with governance and risk management
Explanation: Compliance frameworks don’t dictate every technical detail; they provide structure to ensure an organization’s security program aligns with governance and risk objectives. Avoiding penalties is a byproduct, not the main goal.
Follow his full journey on TikTok or check out Day 9.
👉 Can you take the Yani Challenge?
55 days of consistent CISSP prep, tackling one domain at a time, using only the resources below:
Course
Luke's CISSP Course (2 months access, $89.98)
One-to-one Zoom sessions with Luke Ahmed (2 weeks before exam)
Books, Notes, and Practice Questions
All-In-One Study Guide by Shon Harris (Around $45)
Sybex 10th Edition (Around $52.55)
Total Cost: approximately $250 depending on your geographic location. Yani is located in East Africa.
📚 Study Plan (55 Days of Dedication):
- Weekdays: 2–3 hours of focused study—late nights and early mornings (5 AM).
- Weekends: 5–6 hours of deep study sessions.
Pass CISSP in first attempt within 100 questions.
Yani's biggest expense was his time, commitment, consistency, and dedication! It was worth it because he passed on his first attempt in 100 questions using only the above resources.
If Yihenew could do it, so can you.
All the best Future CISSP. You can feel free to contact me anytime as well.
Thank you. Luke Ahmed




















