Knowledge Base

Knowledge That Makes IT Delivery Better

Practical guides, framework comparisons, and assessment methodologies — written by experienced IT delivery consultants for IT leaders and delivery managers.

Cybersecurity

Cyber Resilience Act: The 24-Hour Reporting Duty From September 2026 — an SDLC Roadmap

From 11 September 2026 the CRA reporting duties bite: 24h early warning, 72h notification, 14-day final report to ENISA. The SDLC roadmap for delivery organisations — and how CRA fits alongside NIS2 and DORA.

May 30, 202612 min

DevOps

Rework Rate: The 5th DORA Metric That Exposes AI-Generated Instability

DORA has officially extended its 4-metric canon: Deployment Rework Rate. What it measures, how it exposes AI-generated code instability, and why only 7% of teams stay below 2%.

May 25, 202611 min

IT Management

Agentic AI: Why 40% of Projects Fail — and How to Beat the Odds

Gartner expects over 40% of agentic AI projects canceled by 2027, McKinsey 5.8x ROI with process redesign plus governance. The data-driven counter-plan.

May 18, 202613 min

IT Governance

Cost of Delivery: Why FinOps Is Now Your Concern Too

FinOps as a delivery governance discipline: cost of delivery, unit economics, AI cost control and cost-of-delay. How delivery leaders bridge to the CFO.

May 14, 202614 min

DevOps

From DevOps to Platform Engineering: When an IDP Pays Off

Internal Developer Platform: when platform engineering truly pays off, what golden paths deliver, why adoption must be earned — and when it does not pay.

May 11, 202613 min

IT Governance

Spec-Driven Development: Governing AI Coding Agents at Enterprise Scale

Spec-Driven Development brings AI coding agents under governance: versioned spec repos, high-value review gates, and CI/CD integration without a FAANG budget.

May 8, 202613 min

DevOps

The AI-Delivery Capability Check: The 7 DORA 2025 Multipliers

The 7 capabilities from the DORA Report 2025 as a self-assessment: maturity levels, diagnostic questions, common gaps, and quick wins for AI delivery.

May 5, 202613 min

DevOps

Beyond the Four DORA Metrics: SPACE, DevEx & DX Core 4

DORA measures output, not experience. How top-quartile teams combine DORA, SPACE and DX Core 4 into one robust system for measuring developer productivity.

May 2, 202614 min

Cybersecurity

Germany's NIS2 Act: The Board-Level Action Plan

Germany's NIS2 Act in force since 06 Dec 2025: the ten obligations, 24h/72h/1M reporting deadlines, and non-delegable management liability as a 90-day roadmap.

Apr 29, 202615 min

IT Governance

Three AI Breaches in Five Weeks — and Why It's Not a Security Problem

McKinsey, BCG, Bain — three MBB firms, five weeks, exposed AI tools. At Bain, 18 minutes and a right-click was enough. Why this is a delivery governance failure, not a security problem.

Apr 26, 20267 min

IT Governance

Cognitive Debt: When AI Code Works but Nobody Understands the System Anymore

Cognitive Debt: How AI code erodes the shared mental model of a system even when the code is flawless. Definition, contrast with technical debt, metrics.

Apr 23, 202614 min

IT Governance

EU AI Act 2026 Update: What the Digital Omnibus Deferral Really Means

The November 2025 Digital Omnibus may push high-risk obligations to December 2027. Scenario logic, no-regret measures, and what actually applies right now.

Apr 20, 202613 min

IT Governance

EU AI Act Compliance Guide: What Organizations Must Do Before August 2026

On August 2, 2026, the EU AI Act's core obligations take effect. This guide explains the four risk tiers, high-risk obligations, deadlines, penalties, and a 10-step compliance roadmap.

Apr 15, 202616 min

IT Governance

DORA Enforcement 2026: From Compliance Paperwork to Real-Time Proof

DORA enters active enforcement in 2026: Register of Information, automated reporting, fines up to 2% of turnover — what financial firms must now prove.

Apr 11, 202614 min

DevOps

DORA Report 2025: AI Amplifies What's Already There

DORA Report 2025: ~90% of devs use AI. AI lifts throughput but harms delivery stability without DevOps maturity. The 7 capabilities + 7 archetypes explained.

Apr 8, 202615 min

IT Governance

DORA vs. NIS2 — Which EU Resilience Rule Applies to You?

DORA or NIS2 — which EU resilience rule applies to your organization? Side-by-side comparison, decision tree, and the distinction from the DevOps DORA metrics.

Apr 3, 202614 min

Cybersecurity

NIST CSF 2.0 Assessment Guide: Evaluate Your Cybersecurity Systematically

NIST CSF 2.0 (February 2024) is the international standard for cybersecurity assessments. This guide covers the 6 core functions, 4 implementation tiers, and a concrete 5-step assessment process.

Mar 31, 202615 min

IT Management

AI Readiness Assessment: How Organizations Measure Their AI Preparedness

AI projects rarely fail because of technology — they fail due to lack of preparation. This guide covers the 6 dimensions of AI readiness, the 5-level maturity model, and how to conduct an assessment.

Mar 29, 202613 min

Agile

Agile Transformation: 10 Signs Your Organization Is Ready

Agile transformation is more than adopting Scrum. These 10 readiness signs, framework comparisons (SAFe, LeSS, Spotify), and anti-patterns help you evaluate your organization.

Mar 19, 202611 min

IT Governance

IT Governance Assessment: How to Evaluate Your Organization

An IT governance assessment uncovers weaknesses, measures maturity levels, and delivers a clear improvement roadmap. Learn how to conduct an assessment systematically.

Mar 13, 202614 min

IT Governance

Technical Debt Management: Measure, Prioritize, Reduce

Technical debt is inevitable — uncontrolled technical debt is not. Learn how to systematically manage tech debt with SQALE, hotspot analysis, and the 20% rule.

Mar 5, 202614 min

Cloud

Cloud Migration Readiness Checklist: 15 Questions Before You Move

Before migrating to the cloud, ask yourself these 15 critical questions. Our readiness checklist helps you minimize risks and ensure migration success.

Feb 26, 202613 min

IT Governance

COBIT vs. ITIL — Which Framework for IT Governance?

COBIT and ITIL are the most important frameworks for IT governance and service management. This comparison shows when each framework is the right choice.

Feb 12, 202614 min

DevOps

DevOps Maturity Assessment: A Step-by-Step Guide

A DevOps Maturity Assessment evaluates your DevOps capabilities across 5 dimensions: Culture, Automation, Processes, Measurement, and Security. This guide covers the 5-level model and how to conduct one.

Feb 5, 202612 min

DevOps

DORA Metrics Explained: The 4 Key Metrics for Software Delivery

Deployment Frequency, Lead Time for Changes, MTTR, and Change Failure Rate — the four DORA Metrics are the gold standard for measuring software delivery performance.

Jan 29, 202612 min

IT Management

What is IT Delivery Management? A Complete Guide

IT Delivery Management ensures that IT projects and services are delivered on time, on budget, and with high quality. This guide covers core processes, KPIs, and frameworks.

Jan 15, 202615 min

Ready for Your Assessment?

Use our interactive templates to measure your IT organization's maturity — with automatic scores, AI-powered recommendations, and professional PDF reports.