Buy the official CBK.  You'll need the references at the end of each CBK chapter as not all the answers are in the book itself.

@akkem   I did read the CBK for historical purposes only knowing that almost none of it was testable.  I have read the NIST documents on the ISC2 recommended page that I was not familiar with.  isc2.org/certifications/references   I have not taken the exam yet, but this strategy is what worked from my ISSEP and ISSMP exams.  I will admit that architecture is my weakest discipline of the 3.  Also answering from an architect's perspective is a little tougher for me.  

I just started my journey for the ISSAP study and had the same questions a few weeks back when looking for references what people used to study. Based on that research I have bought the latest edition of Shaun Harris' All-in-one CISSP Exam guide (9th edition), the ISC2 Official Study Guide for CISSP (10th edition) and 'ISSAP STUDY GUIDE 2026-2027) from Hydra Exam Prep (its on Amazon). I don't have that book yet, so not sure how good it is and how realistic the prep questions in it are but its one of the few ISSAP dedicated study resources I could find.

Personally I think you will have to side track into various supplemental materials in areas where you think you may be not so strong. Ie. be familiar with key standards and frameworks, Cryptography and architectural concepts. Personally I have worked as Security Architect with organisations world wide for more than 20 years, so I am comfortable with architecture aspects but need to focus on the GRC elements and Cryptography for instance. It will be different for you depending on your experience.

The key to almost all these types of exams is that you need to change the way you think and your point of view when answering questions. That is very tricky at the start but it really helped me in exams like CISM and CISA.