IT Governance Fundamentals
Five lessons covering the frameworks, processes, and disciplines that make IT governable at scale: choosing and applying governance frameworks, running a change management process, building and maintaining a risk register, managing third-party risk, and preparing for internal and external audits with defensible evidence.
Lessons
- intermediate
Governance Frameworks
COBIT, ITIL, ISO 27001 — what they are, what they're not, and how to choose.
- intermediate
Change Management
The RFC process, change advisory boards, and the discipline that prevents Friday night outages.
- intermediate
Risk Assessment
Risk registers, likelihood vs impact, and the difference between accepting risk and ignoring it.
- intermediate
Third Party & Vendor Risk
Your vendors are part of your attack surface. Govern them accordingly.
- intermediate
Audit Preparation
Evidence collection, control testing, and not being surprised by findings.