Marius Russo-Got Digital Infrastructure • Cybersecurity • Architecture
Institutional governance for technology and security • policy → oversight → assurance

Governance, Risk & Compliance

End‑to‑end expertise across the full lifecycle of critical systems — from pre‑sales & bidding to architecture, delivery, service transition and operations — ensuring coherence, security and governance from strategy to run.

What I do

Consulting tailored to international organisations: clear target states, structured execution, and assurance-grade outcomes.

IT & data governance

Design governance operating models that align decision rights, accountability, service ownership and architecture/security oversight.

Decision RightsOperating ModelAccountability

Risk management

Establish risk frameworks and registers that work in practice—linking threats, controls, owners and mitigation plans.

Risk RegisterControlsMitigation

Policies & standards

Create enforceable policies and standards for cloud, security, data, service management and supplier governance.

PolicyStandardsEnforcement

Portfolio governance

Strengthen programme/portfolio governance: stage gates, benefits tracking, KPI dashboards and steering mechanisms.

Stage GatesBenefitsSteerCo

Supplier & contract assurance

Define assurance requirements for suppliers: SLAs, security clauses, evidence packs and governance routines.

Supplier AssuranceSLAsEvidence Packs

Audit & compliance readiness

Prepare organisations for audits and reviews: evidence management, controls testing, reporting and corrective actions.

Audit ReadinessControls TestingCorrective Actions

Typical deliverables

Outputs designed to stand up to boards, auditors and security authorities — suitable for procurement, governance and execution.

Governance Operating Model

Roles & responsibilities, decision forums, policies, review cadences and escalation paths.

RACIBoardsEscalation

GRC Toolkit

Risk register templates, control baselines, compliance mapping and reporting dashboards.

GRCRiskDashboards

Supplier Assurance Pack

Contractual controls, SLAs, assurance checklists, and recurring governance routines with vendors.

Supplier ControlsSLAsGovernance Routines

Contact

For advisory, architecture authority, cybersecurity governance, or programme delivery in international/high-trust environments.

Engagement model

Short advisory calls, assessment sprints, architecture authority, delivery leadership, or embedded support across the lifecycle.

Advisory Architecture Security assurance Delivery Operations continuity

Quick intro (copy/paste)

“Hello Marius, we are planning a mission‑critical initiative in a regulated environment. Could we schedule a short call to align on scope, constraints and delivery approach?”