CIO - Productivity Kit
IT and Internet Job Descriptions -- Disaster Recovery Template -- IT Service Management Template -- Sensitive Information Policy -- Salary Survey -- Security Template
The CIO productivity kit Standard edition contains
- 281 Job descriptions in MS WORD .docx format
- Current IT Salary Survey for US and Canada (by city) PDF
- IT Infrastructure, Strategy, and Charter Template in MS WORD .docx format
- Disaster Recovery Template which is Sarbanes Oxley compliant in MS WORD .docx format
- Security Template which is Sarbanes Oxley and ISO 27000 compliant in MS WORD .docx format
- IT Service Management Template (Change Management, Help Desk, and Service Requests) in MS WORD .docx format
- Sensitive Information Policy (Protect Credit Card Card and Personal Information) in MS WORD .docx format
The CIO productivity kit Metric edition contains
- Practical Guide for Cloud Outsourcing in MS WORD .docx format
- Metrics for Internet and IT (metric kit) in MS WORD .docx format
- Service Level Policy Agreement Policy Template (metric kit) in MS WORD .docx format
Disaster Recovery Template (DRP)
The Disaster Recovery Plan template (DRP) can be used for any enterprise. DRP Template is sent to you via e-mail in WORD and/or PDF format. Included is a Business Impact Questionnaire as well as a full Job Description for theDisaster Recovery Manager
The plan is 178 pages and includes everything needed to customize the Internet and Information Technology Security Manual to fit your specific requirement. The electronic document includes proven written text and examples for your security plan.
The Internet and IT Position Descriptions are in Word for Windows format (.docx). Includes positions from CIO and CTO to Wireless and Metrics Managers. All of the positions in the book have been created to reflect the technology world of today.
The Metrics for the Internet and Information Technology HandiGuide® is over 320 pages, defines 540 objective metrics, and contains 83 metric reports that show over 240 objective metrics.
The Service Level Agreement Policy Template is a nine page policy for a single application, It defines specific SLAs and metrics that are both internally and externally focused. The sample contain over 70 possible metrics presented graphically in PDF format.
IT Salary Survey
The Janco Associates, Inc. survey draws on data collected throughout the year (data as of January 2011) by extensive internet-based and completed survey forms sent to businesses throughout the United States and Canada. Our database contains over 85,000 data points.
CIO - CTO - CSO News
Malware is now not as easy to detect
Security Manual Template key to data protection
Security and compliance are key to maintaining control of sensitive and confidential information. However this a an issue with the wave of attacks that have affected banks and other companies with open-source penetration testing tools loaded directly into memory instead of traditional malware, making their detection much harder.
Researchers started investigating these attacks after the security team from an unnamed bank found Meterpreter in the random access memory (RAM) of a server that acted as the organization's Windows domain controller.
Meterpreter is an in-memory attack payload that can inject itself into other running processes and is used to establish persistency on a compromised system. It is part of the Metasploit penetration testing framework, a popular tool used both by internal security teams and by malicious hackers.more info
Network Security Key to CIO success
CIO Role - CTO Responsibilities
Network are more complex than ever before. Your employees are accessing any application they want, using work or personal devices. Oftentimes, these applications span both personal and work-related usage, but the business and security risks are often ignored. Prospective employees are asking about application usage policies before accepting a job. Adding another layer of complexity is the underlying concern about the effectiveness of your cybersecurity posture. Is your business a target for a cyberattack? Is it a question of when, as opposed to if? And are you as prepared as you could be? The complexity of your network and your security infrastructure may limit or slow your ability to respond to these and other cybersecurity challenges.
Top 10 lists that IT Pros need to review
Top 10 questions and lists created by Janco that IT professionals need to review
- more info
- Top 10 Interview Questions Top 10 interview questions can lead to more specific questions that improve the chances of a successful hire In a review of over 1,000 job...
- 10 Questions on Disaster Planning Every CIO Should Have Answers for 10 questions on disaster planning every CIO should have answers for When the CIO is in the hot seat, will they have the answers to...
- Top 10 questions interviewee should ask Top 10 questions an interviewee should ask Top 10 questions that should be asked before you accept a job offer from a new employer are: How...
- 10 Interview Questions that the interviewee should ask 10 Interview Questions That Should be Asked by the Interviewee In preparing for an interview there are 10 interviewee questions that should be asked either...
- 10 Security Assessment Questions 10 Security Assessment Questions Security Assessment Questions To stop a breach tomorrow, what does the enterprise need to differently today? Does the enterprise know if...
Reservation are at risk as airline booking systems are easily hacked
Airline Booking Systems are Easily Hacked
The airline booking systems used by millions are totally insecure and lack suffficient authentication methods. Thus attackers can easily modify other people's reservations, cancel their flights and even use the refunds to book tickets for themselves.
The three airline booking systemsa are Sabre, Travelport and Amadeus. Together they store PNRs (Passanger Name Records) for millions of travelers at any given time. Any data added or modification made to a booking is stored in their systems and all that's required to access that information is typically a last name and a six-character booking code.
There are multiple access points into these systems and this includes the websites operated by airlines and travel agencies, but also third-party websites like CheckMyTrip. As such there systems are easily hacked and insecure.more info
Best IT Infrastructure topic articles that are must reads
IT Infrasructure - Best IT Infrastructure topic articles that are must reads
- Password Requirements and Management Issues Password Requirements and Management Issues The passwords should not be reused across many accounts, but should preferably be unique to each account. (single-sign-on services & password...
- Two factor authentication soon to be a standard Two factor authentication increases security Two factor authentication in addition to complex passwords are very difficult to guess or even crack using commonly available code...
- 5 tips to improve productivity 5 tips to improve productivity The Internet is full of ways to improve productivity, but in Jeff Hadens latest column for Inc., he offers five...
- CIO challenge how to manage the social media risks CIO challenge how to manage the social media risks CIOs are faced with new social media risks. Analysts are predicting that by 2016 as...
- 10 best practices to improve the value of your blog Blog Best Practices to Improve the Value of Your Blog Blogs can consume a lot of your time. In order to maximize this effort here...
Is the US goverment hiring too many IT Pros?
Is the US goverment hiring too many IT Pros?
The current administration plans to hire 6,500 people with cybersecurity skills before the new admininstration is place. It had hired 3,000 by the first half of this year.
Both HR and IT have a critical role in addressing the expectations that the Executive Management has of HR and the CIO. You need integrated processes with an application/infrastructure backbone to support them. While the CIO may have a systems focus with a lack of sympathy for HR needs, his/her demands actually will enable HR to gain better process focus.- more info
- Chief Security Officer (CSO)
- Chief Compliance Officer (CCO)
- VP Strategy - Architecture
- Director e-Commerce
- Database Administrator
- Data Security Administrator
- Manager Data Security
- Manager Facilities and Equipment
- Manager Network - Computing Services
- Manager Network Services
- Manager Training - Documentation
- Manager Voice and Data Communication
- Manager Wireless Systems
- Network Security Analyst
- System Administrator - Linux
- System Administrator - Unix
- System Administrator - Windows
Metrics for Key Performance Indicators (KPI)
Metrics are the current Critical Success Factors (CSFs) and Key Performance Indicators (KPI)
Metrics are fundamental for measuring performance. But which metrics are really driving companies forward?
Metrics and Key performance indicators (KPIs) are a basic tool for a companys management to measure performance. A number of years ago we called KPIs Critical Success Factors (CSFs). KPIs are more granular and focus managements attention to a finite array of statistics that are indicative of a companys performance They are believed to have explanatory power over the companys desired success and profitability.more info
Wall Street Journal quotes
CEO of Janco quoted in the Wall Street Journal
The CEO of Janco Associates was quoted in the Wall Street Journal several times in the last few months. The articles are listed below:
- Role of the CIO - Compensation Up for Top-Earning CIOs: Analysis
- Economy - IT Job Growth Hit Five-Year Low in April
- Economy - IT Hiring Continues to Slide
- Talent and Management - Global Pressures Take Toll on IT Jobs, Spending
Younger workers are at more risk to taken in by scams
Scams score more with younger workers according to study funded by Microsoft
Younger individuals are most easily duped by technical support scams according to a recent survey.
- Individuals between 25 and 34 were more than three times as likely to fall for the fake-out as those aged 55 to 64.
- Individuals between 18 and 24 -- were little better than their slightly-older cohort; they were tricked by the scams more than two and a half times the rate of the group aged 66 and older.
- Globally, about two-thirds of the respondents had encountered a technical support scam.
- 20% -- allowed the scammer to continue his or her story -- and nearly one in 10 had actually given money to the fraudster
The survey paid for by Microsoft, queried 1,000 adults ages 18 and up in each of several countries, including the U.S., the U.K., Australia, Brazil, Canada, China, Germany and India.
Security Policies - Procedures - Audit Tools
- more info
- Security Manual Template (Policies and Procedures) (ISO Compliant)
- Security Manual Template and Audit Program
- Security Manual Template and Disaster Recovery Business Continuity Template Bundle
- Security Manual Template, Disaster Recovery Business Continuity Template, and Safety Program Bundle
- Security Manual Template and Disaster Recovery Business Continuity Template Audit Bundle
- Security Management Job Description Bundle - 17 full security job descriptions
- USA Freedom Act Security Bundle
- Payment Card Industry (PCI) Data Security Audit Program
- Payment Card Industry (PCI) Data Security Standard PCI-DSS Compliance Kit
- Security Audit Program
- Compliance with HIPAA Standards
- Compliance with FIPS 199
- Threat and Vulnerability Assessment
- Threat Risk Assessment Extended Service
Enterprise operations control strategic IT spending
Enterprise operations control strategic IT spending
The relationship between enterprise operations and the IT department when it came to priorities and strategic spending is less like 'us' versus 'them' and more like 'contentious siblings'.
Fundamentally, the role of the CIO when deciding on IT spending is both to advise business leaders on viable technologies for realizing a project's goals, but to also explain how any new investments would fit with a firm's existing infrastructure.more info