CIO - Productivity Kit


Sarbanes-Oxley Compliant

IT and Internet Job Descriptions 
Disaster Recovery Template 
IT Service Management Template
Sensitive Information Policy - Salary Survey - Security Template 

Order Now SAVE $850 to $1,140

 

CIO ProductivityThe CIO productivity kit Standard edition contains

  • 243 job descriptions in MS WORD .docx format
  • Current IT Salary Survey for US and Canada (by city) PDF
  • IT Infrastructure, Strategy, and Charter Template in MS WORD .docx format
  • Disaster Recovery Template which is Sarbanes Oxley compliant in MS WORD .docx format
  • Security Template which is Sarbanes Oxley and ISO 27000 compliant in MS WORD .docx format
  • IT Service Management Template (Change Management, Help Desk, and Service Requests) in MS WORD .docx format
  • Sensitive Information Policy (Protect  Credit Card Card and Personal Information) in MS WORD .docx format

The CIO productivity kit Metric edition contains

  • Practical Guide for Cloud Outsourcing in MS WORD .docx format
  • Metrics for Internet and IT (metric kit) in MS WORD .docx format
  • Service Level Policy Agreement Policy Template (metric kit) in MS WORD .docx format

Order Now SAVE $850 to $1,140

 

 


Disaster Plan

Disaster Recovery Template (DRP) 

The Disaster Recovery Plan template (DRP) can be used for any enterprise.   DRP Template is sent to you via e-mail in WORD and/or PDF format. Included is a Business Impact Questionnaire as well as a full Job Description for the Download Disaster Recovery TemplateDisaster Recovery Manager





Order Security Manual TemplateSecurity Manual 

The plan is 178 pages and includes everything needed to customize the Internet and Information Technology Security Manual to fit your specific requirement.  The electronic document includes proven written text and examples for your security plan.Download Security Manual Template

 



Order IT Job DescriptionsInternet and  IT Job Descriptions     

The 239 Internet and IT Position Descriptions are in Word for Windows format (.docx).  Includes positions from CIO and CTO to Wireless and Metrics Managers. All of the positions in the book have been created to reflect the technology world of today.Download IT Job Descriptions

 



Order MetricsMetrics for the Internet & IT 

The Metrics for the Internet and Information Technology HandiGuide® is over 320 pages, defines 540 objective metrics, and contains 83 metric reports that show over 240 objective metrics.Download IT Metrics

 



Sevice Level Agreement MetricsOrder Service Level Agreement MetricsService Level Agreement Policy Template


The Service Level Agreement Policy Template is a nine page policy for a single application,  It defines specific SLAs and metrics that are both internally and externally focused. The sample contain over 70 possible metrics presented graphically in PDF format.

 


Salary SurveyOrder IT Salary Survey

IT  Salary Survey

The Janco Associates, Inc. survey draws on data collected throughout the year (data as of January 2011) by extensive internet-based and completed survey forms sent to businesses throughout the United States and Canada.  Our database contains over 85,000 data points.

Free Summary Of Our Salary Survey


  

 

 

 

 

 

CIO - CTO - CSO News


10 actions that a CIO or CSO can take to protect data assets

May 7th, 2015

10 actions that a CIO or CSO can take to protect data assets:

  1. Instill on all employees that they are the first line of defense when it comes to data protection and data security.
  2. Develop and implement specific policies and procedures regarding the handling of proprietary or sensitive information.
  3. Validate that the policies and procedures meet all industry and mandate compliance requirements.
  4. Improve training and require all employees to take.
  5. Maintain a tight control on all data assets and ensure only the minimum necessary access to the information.
  6. Require all passwords be changed frequently and not be repeated.
  7. Communicate, enforce and apply consistent sanctions for information privacy or security violations.
  8. Monitor employee activity both on PCs and mobile devices.
  9. Ensure adequate oversight or governance of information security programs.
  10. Have independent 3rd parties test the data protection and data security compliance practices

Policy and Procedure Manual
Compliance Management Made Easy
ISO 27000 / HIPAA / SOX / CobiT / FIPS 199 Compliant

Supports Meaningful Use Compliant Stage Implementation

Includes PCI DSS Audit Program PLUS 24 Electronic Forms that are ready to use

Order Security ManualTable of Contents
- more info

CIO Management and best practices are defined on the Janco blog

April 27th, 2015

CIO concerns are constantly changing but the solutions are always centered around three factors: technology, infrastructure and people

Threat Vulnerability AssessmentDownload Threat AssessementDownload Threat Assessement

Current CIO Articles and posting on the Janco blog (blog.e-janco.com)

  1. Top 10 CIO concerns Top 10 CIO concerns for the New Year Top 10 CIO concerns – Janco Associates has just completed an informal survey of 75 CIOs and...
  2. Top 10 steps to an effective IT organization Top 10 rules of the road for CIOs when creating IT organizations Top 10 rules of the road for CIOs as they build a modern...
  3. Mobilizing Smartphones is a Challenge Mobilizing Smartphones is a very difficult job according to  CIOs Mobilizing applications for employees to use on their Smartphones sure sounds like a fun idea....
  4. Many CIOs have not addressed cloud security issues Less than 50% of all organizations have policies in place that for vetting cloud computing applications for possible security risks before deploying them. The number...
  5. Top 10 indicators that you are about to be fired Top 10 indicators that you are about to be fired Circumstance often make CIO and It Managers oblivious to the clues they are about to be...
- more info

A trick to improve security to software idenitied

April 24th, 2015

A trick to improve security to software idenitied

Security PoliciesA good way to make software more secure is to implement revisions so frequent that attackers don’t have time to figure out where the vulnerabilities are before the potential attack surface has morphed to something else.

Order Patch Management PolicyPatch Management Policy

Also, network defenders need to take advantage of the honeymoon effect, where new software goes unmolested for a period after it is issued while adversaries analyze it for flaws. With frequent revisions, software is never in place long enough to fall prey to exploits and old exploits are less likely to have an impact.

Security Policies - Procedures - Audit Tools

- more info

Proposed legislation will weaken data security and breach notification laws

April 16th, 2015


Proposed legislation will weaken data security and breach notification laws

Security Breach Prevention

The Data Security and Breach Notification Act, approved by the House Energy and Commerce Committee, would pre-empt stronger breach notification laws in several states and would eliminate data protections of telecom account records.

The bill is weaker than the data security and breach notification standards that consumers currently enjoy under stronger state laws and existing federal law.

The legislation would require businesses across the U.S. to notify affected customers after a data breach is headed toward a vote on the floor of the House of Representatives even though the bill will actually weaken protections for consumers.

Order Security ManualTable of Contents

- more info

Many data breaches take over 1 year to fix after the first intrusion

April 14th, 2015

Security Audit Program

ISO 28000, 27001, & ISO 27002 / HIPAA / SOX PCI-DSS Compliant

Severs and coprorate data are breached on a daily basis.  While this is happening most companies are  unaware that their propritary information is being stolen. Janco has found that over 90% of cybercrime victims find out about the compromise only after a 3rd party notifies them.  Then after a cybercriminal gains access to an enterprise's network it takes an average 416 days to detect the intrusion.

OrderTable of Contents

- more info

5 Must do task to become a world class CIO

April 6th, 2015

IT Job Descriptions


5 must do tasks that World Class CIO all complete

  1. Align IT efforts around the overall organizations strategy
  2. Provide value added solutions and transform models for IT applications accordingly
  3. Establish metrics to manage and measure performance
  4. Embrace new technologies as they become available
  5. Develop Advanced IT Technology Capabilities

Order CIO Job Description

Other Must Read CIO Articles

 
- more info

What do all of the major system breaches have in common?

March 6th, 2015

All of the major data breaches in the news have in common -- there is total lack of timely detection. In fact, most of the victims had no idea they were breached until the U.S. government’s three-letter-agency watchdogs notifies them.

Typically the attackers operate undiscovered for months before they were discovered. A good security information and event management would have alerted those organizations to the attackers’ activities.  That would include phishing, malware exploits, unauthorized remote access and data exfiltration.

Order Security ManualSample DRP

Other security articles and postings

Security Topics

How to Justify Security Spending
How to Implement Security
ISO Domains & Security Manual Template
HITECH Meaningful Use Implications
ISO 28000
ISO 27008:2011
FIPS 199
Top 10 Security Myths
Top 10 Best Practices for Data Security 
Top 10 Security Management Best Practices
Security Issue Trends
Security Management 
BYOD
BYOD Security Best Practices 
Common User Passwords
User Security Holes
Passwords
Identity Theft 
Top Network 
Security Weaknesses

Malware Impact On Security
IT Related Fraud 
Steps to Detect and Prevent Security Breaches
Insider Data Security Issues
What is HIPAA
SmartPhone & Tablet Security
Digital Copier Risk
Mobile Device Security
Managing Cyber-Attacks 
ID Badges and NFC

- more info

Staff Management Best Practices IT Pros Should Follow

March 2nd, 2015

Staff Management Best Practices IT Pros Should Follow - Articles

  1. Best Practices – 5 keys on how to harness employee creativity  Best Practices – CIOs need to harness employees’ creativity. Here are five ways they can do that Best practices to harness creativity include these 5...
  2. Top 10 Manager Best Practices  Top 10 Manager Best Practices Top 10 Manager Best Practices – In  order to be a successful manager and supervisro there are some core best...
  3. IT Job Families are being reviewed by many CIOs  IT Job Families are being reviewed by many CIOs IT Job Families – As the economy starts to turn around CIOs are beginning to look...
  4. 10 Best Practices for Staffing  10 Best Practices to Staff – Hire and Retain World Class Creative IT Professionals 10 Best Practices  – Janco Associates has found the top ten...
  5. Top 10 best practices for effective risk and reputational management Top 10 Best Practices Best Practices – Reputational risk is the exposure that your company will lose potential or existing business because its trustworthiness  has...

Order Salary SurveyFree Salary Survey

- more info

Top 10 Best Practices to meet IT governance and compliance requirements

February 13th, 2015

Top 10 Best Practices to meet IT governance and compliance requirements

  1. Understand all existing and proposed regulation and compliance requirement
  2. Have clear definition of duties (job descriptions) that meet all infrastructure, security and compliance requirements
  3. Continually assess the internal controls of IT that are in place
  4. Establish a baseline of IT internal controls – include a definition of baseline policies and procedures that need to be in place in IT function
  5. Audit compliance to baseline of IT internal controls and governance requirements
  6. Track access to all “protected” and confidential data
  7. Preserve audit data in secure long term storage
  8. Establish and enforce separation of duties
  9. Implement metrics that support the alignment of IT with enterprise requirements
  10. Implement a function which focuses on implications of new technology on infrastructure and governance of IT
Disaster Recovery Security Cloud DRP Security Position Descriptions IT Salary Survey
- more info

Disaster Recovery and Business Continuity best practices for CIOs

February 10th, 2015

Disaster Recovery and Business Continuity best practices for CIOs lastes articles that are a must read

  1. Top 10 Disaster Recovery Best Practices As requirements for avoiding downtime become increasingly stringent, administrators need tools and platforms that can help them plan, design, and implement disaster recovery strategies that...
  2. 10 Backup Best Practices supplementing a disaster recovery and business continuity solution with the cloud 10 Backup best practices –  supplementing a disaster recovery and business continuity back-up solution with the cloud Backup best practices are used by many CIOs...
  3. 10 Points of CIO focus in Disaster Recovery and Business Continuity Planning Top 10 points of CIO focus in planning 10 points of CIO focus that need to be addressed in Disaster Recovery and Business Continuity Planning...
  4. 10 Commandments of Disaster Recovery and Business Continuity 10 commandments of disaster recovery and business continuity planning As requirements for avoiding downtime become increasingly stringent, administrators need tools and platforms that can help...
  5. Top 10 Predictions for Disaster Recovery and Business Continuity 10 Disaster Recovery – Business Continuity Predictions for 2013 Disaster Recovery vs Business Resilience  – There will be a move from an academic discussion to practical...
Disaster Recovery Security Cloud DRP Security Incident Communication Policy 
 Order Disaster Plan TemplateDisaster Plan Sample
- more info