CIO - Productivity Kit

Sarbanes-Oxley Compliant

IT and Internet Job Descriptions 
Disaster Recovery Template 
IT Service Management Template
Sensitive Information Policy - Salary Survey - Security Template 

Order Now SAVE $850 to $1,140


CIO ProductivityThe CIO productivity kit Standard edition contains

  • 243 job descriptions in MS WORD .docx format
  • Current IT Salary Survey for US and Canada (by city) PDF
  • IT Infrastructure, Strategy, and Charter Template in MS WORD .docx format
  • Disaster Recovery Template which is Sarbanes Oxley compliant in MS WORD .docx format
  • Security Template which is Sarbanes Oxley and ISO 27000 compliant in MS WORD .docx format
  • IT Service Management Template (Change Management, Help Desk, and Service Requests) in MS WORD .docx format
  • Sensitive Information Policy (Protect  Credit Card Card and Personal Information) in MS WORD .docx format

The CIO productivity kit Metric edition contains

  • Practical Guide for Cloud Outsourcing in MS WORD .docx format
  • Metrics for Internet and IT (metric kit) in MS WORD .docx format
  • Service Level Policy Agreement Policy Template (metric kit) in MS WORD .docx format

Order Now SAVE $850 to $1,140



Disaster Plan

Disaster Recovery Template (DRP) 

The Disaster Recovery Plan template (DRP) can be used for any enterprise.   DRP Template is sent to you via e-mail in WORD and/or PDF format. Included is a Business Impact Questionnaire as well as a full Job Description for the Download Disaster Recovery TemplateDisaster Recovery Manager

Order Security Manual TemplateSecurity Manual 

The plan is 178 pages and includes everything needed to customize the Internet and Information Technology Security Manual to fit your specific requirement.  The electronic document includes proven written text and examples for your security plan.Download Security Manual Template


Order IT Job DescriptionsInternet and  IT Job Descriptions     

The 239 Internet and IT Position Descriptions are in Word for Windows format (.docx).  Includes positions from CIO and CTO to Wireless and Metrics Managers. All of the positions in the book have been created to reflect the technology world of today.Download IT Job Descriptions


Order MetricsMetrics for the Internet & IT 

The Metrics for the Internet and Information Technology HandiGuide® is over 320 pages, defines 540 objective metrics, and contains 83 metric reports that show over 240 objective metrics.Download IT Metrics


Sevice Level Agreement MetricsOrder Service Level Agreement MetricsService Level Agreement Policy Template

The Service Level Agreement Policy Template is a nine page policy for a single application,  It defines specific SLAs and metrics that are both internally and externally focused. The sample contain over 70 possible metrics presented graphically in PDF format.


Salary SurveyOrder IT Salary Survey

IT  Salary Survey

The Janco Associates, Inc. survey draws on data collected throughout the year (data as of January 2011) by extensive internet-based and completed survey forms sent to businesses throughout the United States and Canada.  Our database contains over 85,000 data points.

Free Summary Of Our Salary Survey







CIO - CTO - CSO News

Mid-Year 2015 IT Salary Survey Released by Janco

June 22nd, 2015

Mid-Year 2015 IT Salary Survey Released by Janco

2015 Mid-Year Salary Survey – Janco Associates, Inc. has just released its 2015 mid-year salary survey.  To read about the salary survey go to

IT Median Salaries Mid-Year 2014 vs. Mid-Year 2015

Historic versus current salaries IT Professionals

Order Salary Survey    Free Salary Survey

- more info

Preliminary observations from mid-year IT Salary Survey are published

June 10th, 2015

Preliminary observations from mid-year IT Salary Survey are published

Staff and staff retention concerns have emerged as the most pressing issue for CIOs according to Janco's latest survey.
In the mid-year 2015 IT Salary Survey by Janco has found that “finding qualified staff” or retaining qualified staff now are a the top concern for CIO.

Recruitment is a key issue today and was not during the recession as firms focused more on cost reduction. What Janco is seeing now is a return to a growth environment, which creates new opportunities and challenges for firms.

Succession planning is a concern for every size of firm. That is both for the CIO and his/her direct reports so that a plan in place for key players if they leave.

IT Hiring IT Job Descriptions IT Salary SurveyIT Salary SurveyJob Descriptions
Order IT Hiring Kit
- more info

IRS breach of 100,000 plus due to outdated software and poor infrastructure

June 2nd, 2015

IRS breach of 100,000 plus due to outdated software and poor infrastructure

Breach of 100,000 plus individuals was due to the fact that the IRS was running Microsoft software that is over 12 years old and no longer supported by Microsoft.  If a private company did the same the CIO and CEO both could be exposed to violations of mandated security requirements.

Order Patch Management PolicyPatch Management PolicyPatch Management Version History

Patch Management RolesNot long ago, patch management was barely a blip on the radar screens of most security and IT personnel. 'Install and forget' was a fairly common practice; once deployed, many systems were infrequently or never updated. Obviously, for a number of reasons, this approach is no longer an option.

The rise of widespread worms and malicious code targeting known vulnerabilities on unpatched systems, and the resultant downtime and expense they bring, is probably the biggest reason so many organizations are focusing on patch management. Along with these threats, increasing concern around governance and regulatory compliance (e.g. HIPAA, Sarbanes-Oxley) has pushed enterprises to gain better control and oversight of their information assets. Add in increasingly interconnected partners and customers and the rise of broadband connections and remote workers with BYOD and company issued devices, and you have the perfect storm that has thrust patch management to the forefront of many organizations' list of security priorities.


- more info

2/3rds of CIO and key IT Pros have altered their vactation plans due to work

May 30th, 2015

CIO and key IT Pros are letting work to get in the way of vacations.

Two-thirds (66.9%) of the more than 143 CIO and key IT Pros surveyed online earlier this month said they had postponed or canceled vacation plans in the past year due to demands at work. While 92% said they planned to take at least some days off this year, 48% did not expect to use all of their available vacation days.

Today's CIOs and key IT Pros are under constant pressure to drive growth, hit deadlines, and deliver on the expectations of various business units. The irony is that individuals who take time off are more productive, have higher morale, and are less likely to make critical mistakes.

Most of the individuals said that they had "too much work to do" or an "increased workload once they returned from vacation" as the primary reason why they did not take a vacation. For those who did take some days off, over 80% still connected with work via email or other forms of electronic communication.

Chief Information Officer - Chief Technology Officer

Order CIO Job Description

The chief information officer's (CIO) role, responsibilities and influence is growing in today's boardroom. And the CIOs job itself is expanding as well. The CIOs of the next decade face many challenges.   

- more info

What is the role of the CIO and the IT function in the future

May 26th, 2015

The role of the CIO and IT in the future is a rapid proactive force ‘joined at the hip’ with the General Manager to make consistently high-quality business decisions through analytical expertise that produces decision-relevant information.

The CIO role is one that requires multi and cross-functional skills sets to lead and manage change using project management enablers. It is a problem-solving function and is visible throughout the organization, a strong can-do attitude with a balance of being the conscience of the company.
The IT applications have moved away from transaction processing and month-end ‘backward-looking’ close processes. Instead strategic information processing is used as a tool to improve and grow the business, while managing risk and controls.

Chief Information Officer - Chief Technology Officer

Order CIO Job Description


- more info

10 actions that a CIO or CSO can take to protect data assets

May 7th, 2015

10 actions that a CIO or CSO can take to protect data assets:

  1. Instill on all employees that they are the first line of defense when it comes to data protection and data security.
  2. Develop and implement specific policies and procedures regarding the handling of proprietary or sensitive information.
  3. Validate that the policies and procedures meet all industry and mandate compliance requirements.
  4. Improve training and require all employees to take.
  5. Maintain a tight control on all data assets and ensure only the minimum necessary access to the information.
  6. Require all passwords be changed frequently and not be repeated.
  7. Communicate, enforce and apply consistent sanctions for information privacy or security violations.
  8. Monitor employee activity both on PCs and mobile devices.
  9. Ensure adequate oversight or governance of information security programs.
  10. Have independent 3rd parties test the data protection and data security compliance practices

Policy and Procedure Manual
Compliance Management Made Easy
ISO 27000 / HIPAA / SOX / CobiT / FIPS 199 Compliant

Supports Meaningful Use Compliant Stage Implementation

Includes PCI DSS Audit Program PLUS 24 Electronic Forms that are ready to use

Order Security ManualTable of Contents
- more info

CIO Management and best practices are defined on the Janco blog

April 27th, 2015

CIO concerns are constantly changing but the solutions are always centered around three factors: technology, infrastructure and people

Threat Vulnerability AssessmentDownload Threat AssessementDownload Threat Assessement

Current CIO Articles and posting on the Janco blog (

  1. Top 10 CIO concerns Top 10 CIO concerns for the New Year Top 10 CIO concerns – Janco Associates has just completed an informal survey of 75 CIOs and...
  2. Top 10 steps to an effective IT organization Top 10 rules of the road for CIOs when creating IT organizations Top 10 rules of the road for CIOs as they build a modern...
  3. Mobilizing Smartphones is a Challenge Mobilizing Smartphones is a very difficult job according to  CIOs Mobilizing applications for employees to use on their Smartphones sure sounds like a fun idea....
  4. Many CIOs have not addressed cloud security issues Less than 50% of all organizations have policies in place that for vetting cloud computing applications for possible security risks before deploying them. The number...
  5. Top 10 indicators that you are about to be fired Top 10 indicators that you are about to be fired Circumstance often make CIO and It Managers oblivious to the clues they are about to be...
- more info

A trick to improve security to software idenitied

April 24th, 2015

A trick to improve security to software idenitied

Security PoliciesA good way to make software more secure is to implement revisions so frequent that attackers don’t have time to figure out where the vulnerabilities are before the potential attack surface has morphed to something else.

Order Patch Management PolicyPatch Management Policy

Also, network defenders need to take advantage of the honeymoon effect, where new software goes unmolested for a period after it is issued while adversaries analyze it for flaws. With frequent revisions, software is never in place long enough to fall prey to exploits and old exploits are less likely to have an impact.

Security Policies - Procedures - Audit Tools

- more info

Proposed legislation will weaken data security and breach notification laws

April 16th, 2015

Proposed legislation will weaken data security and breach notification laws

Security Breach Prevention

The Data Security and Breach Notification Act, approved by the House Energy and Commerce Committee, would pre-empt stronger breach notification laws in several states and would eliminate data protections of telecom account records.

The bill is weaker than the data security and breach notification standards that consumers currently enjoy under stronger state laws and existing federal law.

The legislation would require businesses across the U.S. to notify affected customers after a data breach is headed toward a vote on the floor of the House of Representatives even though the bill will actually weaken protections for consumers.

Order Security ManualTable of Contents

- more info

Many data breaches take over 1 year to fix after the first intrusion

April 14th, 2015

Security Audit Program

ISO 28000, 27001, & ISO 27002 / HIPAA / SOX PCI-DSS Compliant

Severs and coprorate data are breached on a daily basis.  While this is happening most companies are  unaware that their propritary information is being stolen. Janco has found that over 90% of cybercrime victims find out about the compromise only after a 3rd party notifies them.  Then after a cybercriminal gains access to an enterprise's network it takes an average 416 days to detect the intrusion.

OrderTable of Contents

- more info