
Most organizations have governance, but few actually govern.
Policies exist. Frameworks are documented. Audits are completed. But the system on paper and the system in practice are rarely the same, and that gap is where risk lives, where accountability dissolves, and where good intentions quietly fail.
David Nichols and Rick Lemieux of the DVMS Institute argue that real governance is not a compliance exercise: it is the ongoing work of aligning organizational capabilities with stated intent and verifying that the alignment holds.
Drawing on the DVMS Governance, Resilience, Assurance, and Accountability model, this book provides executives, risk professionals, and operational leaders with a shared language and a practical method to turn governance from a paper artifact into a living system.
For organizations tired of finding that their controls looked better on the last audit than they performed during the last incident, this book is the place to start.

The Fundamentals of Adopting the NIST Cybersecurity Framework is the first book from the Institute’s Digital Value Management System® series. It takes business leaders and stakeholders on a journey into a world where the ever-changing cyber threat landscape intersects with digital business risk, and where the NIST Cybersecurity Framework helps organizations build the capabilities to Govern, Identify, Protect, Detect, Respond, and Recover from a cyberattack.
The publication also introduces the reader to the concept of a Digital Value Management System® (DVMS), a Governance by Assurance™ Overlay System that continuously transforms fragmented operational data into trusted, audit-ready evidence, enabling leaders to provide continuous assurance that the business is fulfilling its strategic and operational intent for creating, protecting, and delivering trusted, resilient, and accountable digital value.

Organizations today are composed of interconnected technologies, cloud services, data pipelines, software platforms, frameworks, governance domains, and workflow processes, all operating alongside human and AI actors. In this environment, risk no longer resides within isolated components; it emerges at the boundaries where systems, dependencies, and decisions interact.
A Practitioner’s Guide to Building Operational Cyber-resilience is a body of knowledge publication that teaches ITSM, GRC, Cybersecurity, Audit, and Business Practitioners how to design, implement, and operationalize a Governance by Assurance™ Overlay System that continuously transforms fragmented operational data into trusted, audit-ready evidence, enabling leaders to provide continuous assurance that the business is fulfilling its strategic and operational intent for creating, protecting, and delivering trusted, resilient, and accountable digital value.

Thriving on the Edge of Chaos is a must-read for leaders, regardless of organizational size or sector, who seek to master navigating volatility, uncertainty, complexity, and ambiguity (VUCA) in a digital ecosystem. This book transcends technical disciplines, offering a universal approach for fostering adaptability, driving innovation, and building resilience in a rapidly changing digital ecosystem.
At its heart, the book highlights the critical role of organizational culture as the “glue” that binds strategy, leadership, and execution, ensuring sustainable performance, resilience, accountability, and audit readiness across complex digital ecosystems. Through actionable insights and real-world examples, it equips leaders with the knowledge to embrace complexity, harness disruption, and confidently manage a digital world that demands constant reinvention.
Rather than offering a rigid framework, Thriving on the Edge of Chaos introduces an adaptable overlay, the Digital Value Management System®, a governance system that assures digital business performance, resilience, accountability, and audit readiness through evidence-driven governance.
For the CEO, the DVMS establishes a clear line of sight between digital operations, business performance, and strategic outcomes, transforming operational risks from a cost center to a driver of growth and innovation.
For the Board of Directors, the DVMS provides real-time audit-ready assurance that the organization’s digital assets, operations, and ecosystem are governed, protected, and resilient, supported by evidence-based assurance that links operational integrity to value, trust, and accountability.
For the CIO, CRO, and CISO, the DVMS establishes a common source of verifiable truth. It also enables executives, risk leaders, and assurance professionals to make better decisions, strengthen accountability, and sustain confidence in organizational performance across complex digital ecosystems.
| Cookie | Duration | Description |
|---|---|---|
| cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
| cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
| cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |