CISSP Domain1 Section 11 and 12

1.11 Apply supply chain risk management (SCRM) concepts1.11.1 Risks associated with the acquisition of products and services from suppliers and providers1.11.2 Risk mitigations 1.12 Establish and maintain a security awareness, education, and Training program1.12.1 Methods & techniques to increase awareness and training 1.12.2 Periodic content reviews to include emerging technologies and trends1.12.3 Program effectiveness evaluation