What term refers to a holistic approach to IT security including diversification of vendors, controls (both administrative and technical) and user training?
Defense-in-depth is a concept that covers security from many different angles. The idea is to apply security measures wherever possible including physical controls like fences, technical controls like firewalls and administrative concepts like policies and user training. Defense-in-depth is a concept meant to ensure all possible security measures are taken into account.
Wikipedia
Defense in depth is a concept used in information security in which multiple layers of security controls (defense) are placed throughout an information technology (IT) system. Its intent is to provide redundancy in the event a security control fails or a vulnerability is exploited that can cover aspects of personnel, procedural, technical and physical security for the duration of the system's life cycle.