IT Governance Fundamentals

Five lessons covering the frameworks, processes, and disciplines that make IT governable at scale: choosing and applying governance frameworks, running a change management process, building and maintaining a risk register, managing third-party risk, and preparing for internal and external audits with defensible evidence.

Lessons

  1. Governance Frameworks

    COBIT, ITIL, ISO 27001 — what they are, what they're not, and how to choose.

    intermediate
  2. Change Management

    The RFC process, change advisory boards, and the discipline that prevents Friday night outages.

    intermediate
  3. Risk Assessment

    Risk registers, likelihood vs impact, and the difference between accepting risk and ignoring it.

    intermediate
  4. Third Party & Vendor Risk

    Your vendors are part of your attack surface. Govern them accordingly.

    intermediate
  5. Audit Preparation

    Evidence collection, control testing, and not being surprised by findings.

    intermediate