Don't remember anything specific coming out of DoD or counter intel regs but in a prior life I did live in that world.
When the exam candidate has loads of training and experience in something, that’s really kind of the ideal target demographic for these certifications. Knowledge you’ve accumulated over time is also hard to attribute to an original source. It feels more like a natural thought or action than something that was learned from a book or on the job.
I can honestly say that I didn’t study at all for the ISSEP. I when I sat for the exam, I worked daily %50 in a Delegated Accrediting Agent Engineer and %50 as a Theater-level fly away team Cyber-CI incident responder. There wasn’t much in the way of study guides at the time, and it was quite difficult to get an idea of what was actually covered on the exam. So, I just scheduled it and passed on the first go. I’m pretty sure I was the first ISSEP holder in my state.
My comments come from getting a face full of the references from unlikely sources. For example, working procurement fraud cases involving non-conforming and counterfeit products I basically got a crash course on the procurement regs. And as I read into the procurement and supply chain guidance and regs, I would get to particular topics and sections and would be like, “Oh… so that’s where they got that CBK objective from.”
So, take that with a grain of salt.
It's more about security controls at a greater depth within the domain covered than architecture in SABSA or ToGAF sense. The textbook may not cover the material in enough depth, so you'll need to have followed up on some of the references at the end of each chapter. I'd consider it along side looking at SABSA, ToGAF and Zachman or CSSK/CCSP or AWS cert if you're looking into architecture in a more general sense.