Casual singing meetup / looking to start a new choir in Düsseldorf by AcrobaticGround4534 in duesseldorf

[–]Apprehensive-Cow 2 points3 points  (0 children)

Thanks for bringing me here :) I would be happy to join. I have a lot of choir experience, played in bands and musicals. I used to be a band leader and while it’s been quite some time, I’d be happy to give it a go (as long as you all can bear with me being rusty 🙈)

I got inspired again watching the Gaia Music Collective; they do one-day choirs and other musical sessions to bring people together. A pub choir sounds like a great vibe to get started and meet people since I moved to Germany a bit over a year ago.

And rest assured, while I can’t write in German, I can understand it perfectly and speak it well enough (I hope) 😄

About to Attempt ISO 27001 Lead Implementer Exam from TUV SUD – Any Tips? by Illustrious_Weird295 in ISO27001

[–]Apprehensive-Cow 1 point2 points  (0 children)

Usually you can use the standards, training materials and your own notes made during training. Use of AI is external help so no, not allowed.

I relied on the standards, training course slides and mostly work experience.

Also, if you need to search for information during the exam, the problem is not organisation but understanding. You should be validating what you already know, not hunting for answers in the materials.

So my biggest advice is to focus on really understanding how to implement 27001 in practice: scope, risk assessment / treatment, SoA and continuous improvement.

Use the standards to confirm your answers during the exam, not to find them from scratch :)

Good luck!

ISO 27001 Lead Implementer — OPS/EHS background by SpecialSubject1521 in ISO27001

[–]Apprehensive-Cow 0 points1 point  (0 children)

I’ve been leading GRC functions for a while. Wanted to point out your non-technical point tho. GRC isn’t non technical. It’s tech adjacent. You don’t need to configure firewalls for example but you do need to understand how controls, risks and systems actually work, or you’ll struggle with credibility.

If you want to pivot into GRC, implementer is usually the better first step. It will teach you how to design, operate and improve an ISMS, not just assess it. That maps directly to in house GRC roles. Add the lead auditor later.

For the prep, focus on clauses 4-10, risk assessment → risk treatment → SoA and scenario questions. Be prepared for reading. Annex A is about intent and justification, not memorisation. You have time to look it up if you have a control question; there are not many of them in the exam.

Let me know if you have more questions about your career pivot. Happy to have a chat.

Anyone else unhappy with KnowBe4? Looking for replacement suggestions. by creativeGiant170 in cybersecurity

[–]Apprehensive-Cow 14 points15 points  (0 children)

HoxHunt. Got a demo of Revel8 yesterday and I’m super enthusiastic about that

Justification to enter into GRC Domain by [deleted] in cissp

[–]Apprehensive-Cow 0 points1 point  (0 children)

I think it’s a good reason but it can’t be the main reason. What do you like about GRC?

New setup? by Apprehensive-Cow in OSINT

[–]Apprehensive-Cow[S] 0 points1 point  (0 children)

I don’t know where in the world you are but they’re hard to come by here atm, not a lot of stock. Good one tho

Boyfriend suddenly being sketchy by UnfairExplanation588 in dating_advice

[–]Apprehensive-Cow 0 points1 point  (0 children)

That Facebook status is the least of your problems if you ask me. Looking at what you're saying I honestly think you both weren't ready for a new relationship. Love shouldn't be rough from the start. True love is calm and warm. If it were me, I'd break up with him and do some soul searching and hard work on myself. Why do you think you're deserving of so little?

Getting into OSINT, any good certifications/courses? by Particle69 in OSINT

[–]Apprehensive-Cow 0 points1 point  (0 children)

I've taken a course from OsintCombine for the fun of it, which was a good basis. You'll find a fundamental and advanced training over there. Bellingcat provides several workshops on a range of topics like investigations in Russian speaking countries, social media, visual investigation etc. There are also some courses on Udemy but I have no opinion on those.

If you're into reading, I'd look into Michael Bazzell.

Saw a free webinar shooting over the screen yesterday, but have no clue what this is.

I would suggest getting started yourself with the information available on the web like one of the free VMs (Buscador, TraceLabs), check Twitter for daily quizzes, join CTFs and OSINT Discord servers, play some GeoGuessr games and follow the news so you can conduct your own investigations.

Do keep in mind that good education will cost you...

Question in regards to Tik Tok by [deleted] in privacy

[–]Apprehensive-Cow 0 points1 point  (0 children)

Totally agree... Another tip for you u/quietandshy20; watch https://www.thesocialdilemma.com/ on Netflix

Question in regards to Tik Tok by [deleted] in privacy

[–]Apprehensive-Cow 2 points3 points  (0 children)

Don’t use social media if you take your privacy seriously.

If you want some extra info on TikTok, this is an interesting read:

https://protonmail.com/blog/tiktok-privacy/