I'm currently looking at the items on the CGRC Supplemental Reference list provided by (ISC)², and observed that SP 800-160 Vol. 1 has been replaced by SP 800-160 Vol. 1 Rev. 1, "Engineering Trustworthy Secure Systems".
I also noticed that none of the "Supplemental Reference" items are (ISC)²'s own property, so I don't feel bad adding some things which seem conspicuously absent -- now that I've been doing a fairly deep dive into CGRC study:
- NIST FIPS 200, "Minimum Security Requirements for Federal Information and Information Systems" (SELECT step)
- SP 800-53A Rev. 5: "Assessing Security and Privacy Controls in Information Systems and Organizations" (ASSESS and MONITOR steps)
- NIST SP 800-100, "Information Security Handbook: A Guide for Managers" (MONITOR step)
The absence of SP 800-53A from the Supplemental Reference was a surprise to see. Any chance it was intentionally removed?
-----------
A claim is as good as its veracity.