This article discusses the IT governance framework of the University of Nairobi (UON) and how it ensures alignment with the school's strategies and requirements. It also highlights the importance of information security in organizations with a case study of a cyber-attack on Kansas County election in 2019. The article provides insights into the different levels of IT governance in UON, including VC/UON Executives, SITC/Advisory groups, and the ITG portfolio office and Communities of practice (COP). Additionally, it explains the role of each team in ensuring the effectiveness of IT strategies. The article also discusses the importance of information security in organizations and provides a case study of a cyber-attack on Kansas County election in 2019. The attack was a denial of service attack (DOS) that denied citizens the service of viewing the tally result online. Despite the attack not being catastrophic, the County government decided to invest more in setting up more security measures to ensure such information security incidents were not experienced again.