CIO - Productivity Kit
The CIO productivity kit Standard edition contains:
- 243 job descriptions in MS WORD .docx format
- Current IT Salary Survey for US and Canada (by city) PDF
- IT Infrastructure, Strategy, and Charter Template in MS WORD .docx format
- Disaster Recovery Template which is Sarbanes Oxley compliant in MS WORD .docx format
- Security Template which is Sarbanes Oxley and ISO 27000 compliant in MS WORD .docx format
- IT Service Management Template (Change Management, Help Desk, and Service Requests) in MS WORD .docx format
- Sensitive Information Policy (Protect Credit Card and Personal Information) in MS WORD .docx format
The CIO productivity kit Metric edition contains:
- Practical Guide for Cloud Outsourcing in MS WORD .docx format
- Metrics for Internet and IT (metric kit) in MS WORD .docx format
- Service Level Policy Agreement Policy Template (metric kit) in MS WORD .docx format
The Disaster Recovery Plan (DRP) template can be used for any enterprise. The DRP Template is sent to you via e-mail in WORD and/or PDF format. Included are a Business Impact Questionnaire and a full Job Description for the Disaster Recovery Manager.
The plan is 178 pages and includes everything needed to customize the Internet and Information Technology Security Manual to fit your specific requirement. The electronic document includes proven written text and examples for your security plan.
The 239 Internet and IT Position Descriptions are in Word for Windows format (.docx). Includes positions from CIO and CTO to Wireless and Metrics Managers. All of the positions in the book have been created to reflect the technology world of today.
The Service Level Agreement Policy Template is a nine-page policy for a single application. It defines specific SLAs and metrics that are both internally and externally focused. The sample contains over 70 possible metrics presented graphically in PDF format.
IT Salary Survey
The Janco Associates, Inc. survey draws on data collected throughout the year (data as of January 2011) through extensive internet-based and completed survey forms sent to businesses throughout the United States and Canada. Our database contains over 85,000 data points.
CIO - CTO - CSO News
10 factors in making an IT organization that works - May 21st, 2013
10 factors that impact the reporting structure of an IT organization. The structure must support the goals of the organization and be consistent with its culture and capabilities. Well-defined reporting structures are based on the IT and business direction; take into account organizational barriers; and consider the effect of combining or separating the functions that are targeted for change.
Quality Control Disaster Recovery Survey results - May 17th, 2013
A Continuity Central survey asked the following question: "Does your organization have clear processes or methods for the quality control of business continuity plans and systems?"
- 66.1 percent of the 218 respondents to the survey answered Yes
- 28.4 percent answered No.
Of those who said that their organization did not have clear processes or methods for the quality control of business continuity plans and systems the top reasons given so far are:
- 28.8% - Are still developing our first business continuity plan
- 20.3% - It is too complex to carry out
- 16.9% - It is not required or necessary
- 8.5% - It is too expensive to carry out
Respondents whose organization did undertake business continuity quality control were asked to list the quality processes and methods that are in place.
- 82.9% - Auditing by an internal audit process
- 74.4% - Align to a business continuity standard
- 55.6% - Defined Key Performance Indicators which we monitor and measure
- 46.2% - Auditing by an external audit process
- 24.8% - Benchmark against a Maturity Model
- 23.1% - Benchmark against industry peers (e.g., other companies in the same industry sector)
- 19.7% - Formal certification to a business continuity standard
To achieve these goals for Information Technology, Janco has combined some of its most popular products to help CIOs and IT organizations meet the most stringent Quality Assurance and Control Standards.
The Quality Assurance and Quality Control Bundle includes:
CIO top 5 hot topics - May 15th, 2013
Disaster Recovery versus Business Continuity - May 14th, 2013
Disaster Recovery is the process of fixing a failing, degraded or completely damaged infrastructure. For example, the 2nd floor of a building was on fire; the fire is now out so the initial crisis is over. Now the damage caused by fire must be dealt with; there is water and smoke on the 2nd floor, the 3rd floor has damages caused by smoke and the 1st floor has water damage. The cleanup, replacement of furniture, repair of the building and its structure, painting, plastering, etc. are all part of the disaster recovery plan.
On the other hand, Business Continuity is how you continue to maintain critical business functions during that crisis. Back to the example: when the fire started, the alarm went off and people were evacuated from the building. Let's say you had a Call Center on the 2nd floor and this just happens to be a critical area of your business. How would you continue to answer calls while people are being evacuated? How would you answer calls while the building is being inspected, repaired or rebuilt? Keeping the business running during this time is Business Continuity.
Chief Mobility Officer is challenged to address mobile threats - May 9th, 2013
One of the reasons why a corporation would want to create an office of the chief mobility officer is to improve coordination of mobile initiatives.
In the past few years social media and mobility have become an integral part of our professional and personal lives, and are used for much more than just talking to other people. One study last year found that mobile users spent almost 50 percent more time using their mobile devices for social networking than for phone calls.
Social media applications are more popular than ever, reflecting users' preference to access the web on their mobile devices. Data shows that 73.6 percent of iPhone users actively connect to Facebook using the Facebook application for iPhone, and the Android version of the application has a 30 percent higher penetration rate. In January of 2013, the number of total mobile Facebook users was 680 million.
It is clear that those who treat mobile threats, email threats, web threats and other cyberthreats as separate and distinct risks are at greater risk than those who adopt a more holistic and integrated security posture. Security solutions that focus solely on mobile, email, web threats or similarly siloed security approaches can no longer be trusted to defend against complex, multistage attacks that can move between attack vectors.
Chief Mobility Officer Job Description Released - May 2nd, 2013
The just-released full job description for the Chief Mobility Officer hits all of the targets for this position.
A Chief Mobility Officer is needed to direct the development and revision of policies and procedures for the general operation of the mobility initiatives and their related activities. Some of the responsibilities of this role include:
- Gaining visibility into the compliance of remote devices
- Managing network security and sensitive information
- Defining OS platforms and devices to support
- Setting mobile policies
- Managing BYOD
- Resolving help desk incidents and problems
- Ensuring compliance and producing audit trails
- Supporting connectivity and Wi-Fi access
- Installing and updating software
- Approving applications available via the firm's application store
- Enforcing mobile policies
- Managing device security
Two-factor authentication soon to be a standard - April 18th, 2013
Complex passwords are very difficult to guess or even crack using commonly available code-breaking software. Password complexity is often built on the length of the word and the difficulty one has in guessing it. The more complex a password you create, the more secure you are making your data. Passwords that feature uppercase and lowercase letters, numbers, and characters are much more challenging for a hacker to crack. Integrating numbers and characters into phrases also helps guard against dictionary attacks. However, that often is not enough.
With two-factor authentication, a user logging in to a service or device supplies a second piece of information in addition to a password, thus making it impossible for another party to gain illicit access to the user's accounts without all the separate pieces of information.
Following similar initiatives by Apple, Google and Facebook, Microsoft is enabling two-factor authentication for its Microsoft Account service, the log-on service for many of its online and desktop products.
Microsoft is implementing additional verification methods such as a short code sent to the user's mobile phone, which is then entered in addition to the password, or by asking the user to supply additional information, such as an alternative email address.
Will Boston Events Impact CISPA - April 16th, 2013
Many organizations fail to realize the benefits of security information management due to the often exhaustive financial and human resource costs of implementing and maintaining the software. However, Janco's Security Manual Template - the industry standard - provides the infrastructure tools to manage security, make smarter security decisions and respond faster to security incidents and compliance requests within days of implementation. The template provides a framework for evaluating SIM services and shows how they could be applied within your organization.
A statement from the White House National Security Council expressed support for CISPA's broad goals but stressed the importance of having adequate privacy protections built into the legislation.
"We continue to believe that information-sharing improvements are essential to effective legislation," NSC spokeswoman Caitlin Hayden said in an emailed statement on Thursday afternoon. "But they must include privacy and civil liberties protections, reinforce the roles of civilian and intelligence agencies, and include targeted liability protections."
BYOD adds a level of complexity to disaster recovery plans - April 11th, 2013
Assuming security issues associated with a bring your own device (BYOD) policy have been formalized in your disaster recovery policy, the BYOD policy should then include provisions to have the intellectual property contained in the personal device backed up at a prescribed frequency, such as daily or twice per day, using an automated backup tool.
However, you need to be aware of what tools do not back up. For example, Carbonite does not back up .exe files -- your executable programs. So if you lose your device, you have to either re-install them or get them from another source.
The BYOD policy may stipulate that replacement of approved devices from a disaster is the responsibility of the owner. It may state that the company may capture and retain a full image of the user's system at a secure location (e.g., cloud-based backup service) for recovery if the device is damaged or lost.
Hiring Stalls As CIOs Become More Concerned About Recovery - April 7th, 2013
The latest BLS data shows a slowing in the rate of job creation in the IT job market. The CEO of Janco Associates said, "According to BLS, there were only 5,400 jobs created for IT professionals, down from 9,800 created in January. The impact of 'sequester' has been felt by many. At the same time more people continue to leave the job market even as the published unemployment rate falls."
Janco says, "For the first time since the dot com bust, Janco's metrics show that hiring by CIOs is at a standstill; there is a high degree of uncertainty in the economic climate."