A security breach is not only devastating to a company’s reputation but can also be very expensive. Over the past several years, the average cost of a data breach has been well over $3.5 million. During this security awareness training, we will discuss strategies to increase security, influence behavior, mitigate risk and ensure compliance. We cover critical governance requirements and security methodologies that help organizations protect assets, prevent downtime and increase control awareness and adoption.

Information Technology Governances are plentiful: Payment Card Industry Data Security Standard (PCI), Health Insurance Portability and Accountability Act (HIPAA), Cybersecurity Maturity Model Certification (CMMC), Health Information Trust Alliance Common Security Framework (HITRUST), Sarbanes-Oxley, SSAE18 SOC2 for third-party service providers… the list goes on and on. During this course, we discuss NIST (National Institute of Standards and Technology) controls and how a single framework can be implemented to help ensure compliance with all corresponding governances.

Course Key Concepts: Compliance, Security, Cybersecurity, NIST, PCI, HIPAA, SOC2, CMMC, IT.

Learning Objectives
  • Explore Information Technology Governances.
  • Identify Commonalities amongst various Information Technology Governances.
  • Discover how the NIST Cybersecurity Framework can be implemented to meet all your organization’s IT governance requirements.

Last updated/reviewed: August 21, 2023

Included In Certifications

This course is included in the following Certification Programs:

Information Technology Auditor Certification (10 Courses)

  1. Understanding Information Technology Governance and the Application of NIST
  2. Performing a Security Risk Assessment
  3. Auditing Data Security IT Computer Controls
  4. Auditing Third Party Service Providers and Cloud Environments
  5. Auditing Automated Business and Financial Transaction Processes
  6. Auditing Logical Security and Logical Access Controls
  7. Auditing Change Management
  8. Auditing the Network
  9. The Importance of Incident Response, Disaster Recovery and Business Continuity Planning
  10. Information Technology Audit Summary

9 Reviews (28 ratings)


Member's Profile
This was especially helpful because I coordinate SOC II Type II testing for my Co., and one of my peers coordinates HITRUST. I enjoyed learning more about NIST and how many of the controls map. We are hoping to do something similar in our Co. to make the testing more efficient.

Anonymous Author
Good overview of each of the security frameworks and a comparison of the similarities. Good foundational course to take deeper content learning. Practical examples and graphics.

Anonymous Author
This course expanded my knowledge regarding IT terms and governance. The Excel spreadsheet comparisons between IT governance documents were helpful.

Member's Profile
Great course. I like the presenter and I thought the test was on point. I wish the class reference guide was more thorough.

Anonymous Author
This was a useful refresher on the different frameworks and standards used for cybersecurity posture and compliance.

Anonymous Author
This is more of a refresher course for me. Nothing surprised me. This will be most useful to performance auditors.

Member's Profile
Side by side comparison of the different standards and requirements was helpful to see. Recommend the course.

Anonymous Author
I enjoyed this course. It was surprising to learn of the views of compliance from outside of the government.

Anonymous Author
Exceptional course in applying the NIST framework for compliance in multiple areas.

Course Complexity: Foundational

No advanced preparation or prerequisites are required for this course.

Education Provider Information
Company: Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
Contact: For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400-3993 or send an e-mail to .

Course Syllabus
  Introduction to Understanding Information Technology Governance and the Application of NIST (2:58)
  Exploring Information Technology Governances (15:46)
  Exploring Information Technology Governances Cont'd (11:02)
  Commonalities Amongst Various IT Governances - Part 1 (12:18)
  Commonalities Amongst Various IT Governances - Part 2 (10:16)
  Commonalities Amongst Various IT Governances - Part 3 (16:04)
  NIST and IT Governance Requirements (15:30)
  Understanding Information Technology Governance and the Application of NIST (1:23:53)
  Slides: Understanding Information Technology Governance and the Application of NIST (PDF)
  Understanding Information Technology Governance and the Application of NIST Glossary/Index (PDF)