Which IT resource management discipline MOST directly reduces the risk of vendor lock-in within an IT governance framework?