Chief Information Officer
What is the Chief Information Officer (CIO)? The title Chief Information Officer (CIO) was first used inside the information technology department and function to identify the person responsible for all Information Technology functions within the enterprise. At many enterprises, the term CIO is still used in this way.
IT leadership has always been important, but given the challenges facing higher education, it is essential for not only cost-effective operations but long-term strategic success. The CIO is the driver for this.
CIOs and CTOs of the Future
The CIOs and CTOs of face many challenges. The CIOs and CTOs who will succeed will have a common set of skills.
- CIOs and CTOs will be both visionary and pragmatic - It is not enough to plan for innovation, they nees to be perceptive and realistic. As an insightful manager they promots a broad technology agenda to help the business profit from leading-edge initiatives. At the same time as a pragmatist, they deal with the realities of the business. The pragmatist also facilitates the productivity of current IT solutions. The CIO and CTO focuses on minimizing cost and maximizing results, in addition they help to increase the customer and product/service base of the enterprise.
- CIOs and CTOs will be focus on ROI improvement of IT - CIOs and CTOs will find new ways to help customers and the organization profit from how data is used while focusing on managing budgets and processes to eliminate or reduce costs.
- CIOs and CTOs will inspire the enterprise and expand the business impact of IT – CIOs and CTOs will have proven expertise in both business and technical facets of their role. they will interact with the enterprise and its executive team as enterprise leaders and drive new business initiatives and shifts jointly the other members of the executive team.
Role of CIO and CTO
The role of the CIO and CTO is changing as more enterprises more towards a "Value Added" role for the Information Technology function. Those changes are depicted in the detail job descriptions that have been created for all of the functions with IT -- especially for the CIO and CTO. The table below depicts several of those changes.
Responsibility |
CIO & CTO Traditional Role |
CIO & CTO Value added Role |
Strategy and Planning |
Define, update, and implement IT strategy |
Align IT objectives and programs to enterprise objectives and strategies |
Control |
Align the IT team with enterprise performance objectives |
Define metrics based on overall business objectives |
Service |
Acquire software/hardware |
Maximize the mix of in house versus out sourced services Establish strategic service provider partnerships |
Risk Management |
Align IT risk management within IT productivity objectives |
Align IT risk management with enterprise-wide risk management |
Business process |
Defer to enterprise requirements |
Optimize and design enterprise processes via IT |
Strategic IT Initiatives |
Plan and manage strategic IT initiatives |
Shift decision making to enterprise operations |
Enterprise infrastructure and applications |
Define standards and architectures |
Optimize costs of services through a mix of internal and external resources |
CIO CTO in High Growth vs Low Growth Enterprises
Chief Information Officer - Position Purpose
The Chief Information Officer (CIO) is accountable for directing the information and data integrity of the enterprise and its groups and for all Information Technology functions of the enterprise. This includes all data centers, technical service centers, production scheduling functions, help desks, communication networks (voice and data), computer program development, and computer systems operations. He or she is responsible for maintaining the integrity of all electronic and optical books and records of the enterprise.
The CIO reviews all computerized and manual systems; information processing equipment and software for acquisition, storage and retrieval; and definition of the strategic direction of all information processing and communication systems and operations. He or she provides overall management and definition of all computer and communication activities within the enterprise including responsibility for providing a leadership role in the data to day operations of the Information Technology functions as well as providing direction as the enterprise grows through internal growth and external acquisition.
The CIO interacts with the executive management team to monitor and validate the enterprise’s compliance with its security policies, which includes but is not limited to Sarbanes Oxley Section 404. In addition the CIO works closely with the Chief Security Officer of the enterprise
A full 5 page Chief Information Officer (CIO) job description can be found by clicking here
Internet and IT Position Descriptions HandiGuide®
| Format | Modify Source | Cut & Paste | Features |
Cost** | ||
| Yes | No | No | The complete Internet and IT Position Descriptions HandiGuide which includes the 220 Job Descriptions in PDF formats which utilizes the Adobe search and bookmark features. | Less than $4.07 each | |
|
| Word Files |
Yes | Yes | Yes | Individual files for each job description. Long file names are used so each job description can be modified as a simple document (WORD 2003 and WORD 2007) | Less than $4.52 each |
|
| Word Book |
Yes | Yes | Yes | Word Search Fully Bookmarked. All job descriptions are contained in single word book - NOTE this is a complex document and the user needs to know WORD very well to extract and modify the individual job descriptions (WORD 2003 and WORD 2007) | Less than $5.88 each | |
| PDF and Word Files |
Yes | Yes | Yes | The complete Internet and IT Position Descriptions HandiGuide plus individual files for each job description. Long file names are used so each job description can be modified as a simple document (WORD 2003 and WORD 2007) | Less than $6.80 each | |
CIO - CTO Employment News
CIOs and Lawyers Must Communicate
IT chiefs and lawyers must learn to speak the same language if they are to work together to help organisations avoid risk. And although responsibility for IT risk management, the careful balancing act of businesses benefit against liability,must not begin and end with the IT department, it is important to run any policies past the techies.
It is vital the IT crowd is consulted, agrees with and has ownership of any policies that directly affect them, and technical teams must make the effort to try and communicate with legal eagles in a language other than IT speak. It is better to have a legal team which will tell the IT department what we need to be doing. But lawyers being lawyers, it is very difficult to work with them to understand what we want and if they could talk to us in an IT language life would be much easier.
If you express risk in the different languages make sure things are transparent and everyone does understand who is responsible for what.
- more infoFactors to Consider in a Disaster Recovery & Business Continuity Plan
The Janco Disaster Recovery Plan & Business Continuity Template takes into consideration all of the items related to various layers of operations that most enterprises need to consider if they want to continue after a disaster occurs. These include:
-
Strategy - Items related to the strategies used by the business to complete day-to-day activities while enabling continuous operations. Examples include financial, manufacturing and disaster recovery strategies.
-
Organization - Items related to the structure, skills, communications and responsibilities of your employees. Examples include human resources, training, and internal and external communications.
-
Applications and data - Items related to the software necessary which enable business operations, as well as the method used to develop that software. Examples include customer relationship management (CRM) applications, enterprise resource planning (ERP) applications, databases and transaction processors.
-
Processes - Items related to the critical business processes necessary to run the business, as well as the IT processes used to ensure smooth operations. Examples include accounts receivable, accounts payable, change management and problem management.
-
Technology - Items related to the systems, network and industry-specific technology necessary to enable your applications and data. Examples include host systems, workstations and Internet Protocol (IP) networks.
-
Facilities- Items related to the buildings, factories and offices necessary to house your organization and your production or service technologies. Examples include data centers, office buildings and physical security operations.
Where CIOs spend their time
In a survey of CIOs, it was found that they spend most of their time:
- Aligning IT with enterprise goals
- Cultivating the IT and enterprise relationship
- Improving IT operations and system performance
- Leading change efforts
- Implementing new systems and architecture
- Driving business innovation
- Redesigning business processes
- Controlling IT costs
- Developing the business strategy
- Looking for a competitive advantage
- Managing IT crises
- Managing security
- Selecting and negotiating with vendors
- Developing customer market strategies and technologies
- Studying and understanding market trends and customer needs
Some improvement in the job market
A technology job board is seeing a steady uptick in technology jobs for the financial industry. After the economys meltdown in 2008 and 2009, its taken some time to see recovery in this segment. If you have technology experience in the industry, there are jobs to be had.
Programming skills are way up in terms of demand, especially the C languages with C# being the skill most sought after right now, along with skills in C and C++. In New York City and the metropolitan area, financial technology positions garner 20 percent higher salaries than the general technology population.
There is good news on the technology jobs front if you have prior banking or financial industry experience. Salaries are higher than the average tech job, especially on Wall Street.
- more infoNew Policy Templates Can be Customized
Documenting
a clear set of IT policies is a resource-intensive process for IT managers, due
to the research and writing time involved. And once policies are created, the
next step is to communicate and gain acceptance for those policies throughout
the organization. Wouldn't it be nice to start with boiler-plate templates that
require only minor customization?
Janco Associates
is offering you CIO IT Infrastructure Policy Bundle. This updated,
time-saving package will provide you with a stocked library of over 200 pages of
policy templates. Plus, you get the tools, techniques and advice you need to
successfully apply these policies in your
company.
CIO continue to run with tight budgets
Overall server spending in enterprises remains weak in 2010 as companies continue to look for ways to save money following the economic downturn, according to research firm TheInfoPro.
According to the survey, which gathered data from 252 decision makers at Fortune 1000 companies, 38 percent plan to reduce server budgets this year compared to 2009, while 25 percent plan to spend more.
Though demand for server hardware has picked up, spending has flattened due to growing trends like virtualization, which helps manage a larger number of tasks on fewer servers.
- more infoWhat is the Chief Technology Officer's (CTO) Role
The
Chief Technology Officer (CTO) is responsible for overall direction of all
technology functions associated within the enterprise. This includes Information Technology
applications, communications (voice, data, and wireless), and computing services
within the enterprise that impact the both the enterprise, its products and its
customers. As the top technical
architect of the enterprise he or she provides a vision of how technology can be
applied. These areas include
product design, customer interactions with the enterprise, IT operating systems,
communications (voice, data, and wireless), transaction processing and database
administration, compliance with all mandated requirements, the information
center, personal computers, electronic and optical storage, and multimedia
applications.
You can get more by getting the Internet and Information Technology Position Descriptions Handiguide - 2010 version.
- more infoVirtualization improves disaster planning and change control
IT has been reported that organizations implementing
virtualization often experience less server downtime than organizations
not deploying virtualization, and many have taken steps to provide better
disaster recovery than they could have in an unvirtualized environment.
Several surveys show that virtualized environments experience between
35% to 40% fewer server outage hours per year than unvirtualized
environments.
The reasons often given are:
- Simplification - Virtualization allows more OS workloads and more applications per server. This results in fewer servers and more standardization, which results in easier provisioning of new or redeployed applications.
- Independence - Since the OS/application workload does not tie to a specific physical server, IT Management can migrate their workload from server to server thus becoming free a particular server. This facilitates the ability to dynamically migrate applications from an overused or failing server to a healthy server, avoiding outage.
- Flexibility - Virtualization simplifies the process of initiating an OS/application. This enables IT management to have options for locating the OS/application on a particular physical server. In that way IT Managers can easily suspend, relocate, and restart applications that are degrading on a server.
- Better Change Management - Virtualization makes it easier for system administrators to set up a replicate test OS image, which makes it easier to fully regression test new configurations (new application releases, new software versions, etc.). Fuller regression testing of new configurations results in fewer defects encountered in production.
I.T. hiring picks up
Salaries and hiring are both on the rise, Janco reports.
The I.T. jobs outlook is strongest among large companies, where many chief information officers have received the go-ahead to fulfill I.T. positions that were left unfulfilled last year, Janco Associates Inc., a management consulting firm specializing in information systems technology, says in its Mid-Year 2010 IT Salary Survey report.
In contrast, technology executives at smaller companies are being more cautious about hiring out of concern that the economic recovery will not be strong enough to support increased I.T. spending, the survey found.
Nonetheless, most chief information officers who participated in the survey said in post-survey interviews that theyre planning for 2011 with the assumption that the economy will improve early next year. If that holds true, I.T. hiring and compensation should rise for more companies, Janco says
- more infoConsequences of too much social networking
Facebook, MySpace, and other social networking sites make it easy to share information with friends. If you are not utilizing safety features and precautions, however, you are also sharing that information with strangers. Posting too much information on your profile can have consequences that reach all the way from your bank account to your future employment prospects.
According to Consumer Reports, in the last year 9 percent of social network users experienced some form of abuse, such as malware infections, scams, identity theft, or harassment. Many of these incidents are preventable, if you educate yourself about what to do and what not to do on social networking sites.
Similarly, an increasing number of prospective employers are turning to social networking sites to research applicants. Does your profile represent you the same way you would represent yourself in an interview?
- more infoChallenges CIOs face
CIOs are now challenged more than any
time in the past with the economic earthquake around the globe CIOs have to be
smarter, creative and innovative. The only way for CIOs to survive the world
economic reset in a knowledge age is to capitalize on our human capital, put
their staffs creativity to work, stoke our innovative furnace. There are many
ways to fuel the creative fires - from management techniques, to team building,
and effectively leveraging existing and emerging technological investments. However, the key is infrastructure. CIOs that have a one that address
metrics, change management, version control, system development methodology,
service management, and human resources have a better chance to make it through
these tough times.
Preventing Data Breaches
It is
critical that organizations are proactive in their approach to mitigating
insider threats. Week-after week there are disturbing, déjà vu-like stories of
significant data breaches, arrests connected to insider attacks, or
investigation reports emphasizing the necessity to control privileged accounts
that hold highly sensitive data. With no safeguards in place, insider attacks
are often very difficult to detect and block, largely because of excessive
privileges granted to users, users sharing common log-ins and accounts, and
privileged users such as testers, developers and even DBAs having access to
sensitive data.
This Security Manual for the Internet and Information Technology is over 220 pages in length. All versions of the Security Manual template include both the Business & IT Impact Questionnaire and the Threat & Vulnerability Assessment Tool (both were redesigned to address Sarbanes Oxley compliance). In addition, the Security Manual Template PREMIUM Edition contains 16 detail job descriptions that apply specifically to security and Sarbanes Oxley, ISO 27000, PCI DSS, and HIPAA.
- more infoReasons why CIOs and CTOs get Fired
Top ten list of things that fired CIOs do
1. Do not have a disaster recovery and business continuity plan integrated with a backup/archiving program.
2. Ignore warning signs
3. Do not document changes
4. Do not use logging processes
5. Do not install updates
6. Save money by not purchasing upgrades
7. Do not manage passwords well
8. Never say no to anyone
9. Never say yes to anyone
10. Do not train a replacement
- more infoProject Managers are paid well
Companies seem willing to provide solid compensation for project maagers. According to a CIO.com article reporting results of the Project Management Institute's (PMI) 2009 Project Management Salary Survey, the median base salary for a project management professional in the United States is $100,000. Three-quarters of survey respondents take home more than $84,000 a year.
Even during the recession, between fall 2008 and fall 2009, 53 percent of American project managers got a raise. Thirty-four percent had salaries frozen, and 14 percent experienced a pay cut. And project management pros have an optimistic outlook for 2010. Sixty-seven percent of respondents believe their salaries will grow this year, while just 4 percent think their salaries will drop.
You have several options to obtain this study. You can get a summary for free if you participate by providing more than ten (10) data points or you have several option on how to purchase the data.
Summary Results and Changes in Demand for IT Jobs 2010
The Janco Associates, Inc. salary survey draws on data collected throughout the year by extensive internet-based and completed survey forms sent to businesses throughout the United States and Canada. Over 300 companies participate in the survey
- more infoCIO and IT departments are blamed for user shortfalls
Now the CIO not only must be politically correct, but he must also be clairvoyant and understand what can go wrong, be misused, or be abused. The IT Infrastructure must be robust to address this.
When systems are abused the easiest scapegoat is the IT Department. In
the recent school webcam case at the Pennsylvania school district the IT
department was blamed because they not only failed to inform school officials
and administrators of the tracking capabilities of the software, but argued that
telling students about the software's ability to remotely trigger notebook
Webcams would "defeat its purpose" as a way to recover lost or stolen
computers.
Over one third of HR executives ignore unemployment status of employment candidates
Boston
- Results from new research released by Veritude, astaffing services provider,
indicate a positive sign for the New England economy. All surveyed executives in
New England, and across the country, are accepting of the economy as a reason
for an extended unemployment when reviewing candidates. Specifically, when it
came to examining the acceptable length of time for a candidate to be
unemployed, 36 percent of responding executives said they did not believe it
mattered how long a candidate was unemployed given the recessionary conditions,
with 36 percent indicating that six months or less was their ideal length of
unemployment.
The survey also revealed that when making hiring decisions, 44 percent of executives have no preference for a candidate's employment status. In addition, one-third of New England hiring managers and human resources professionals are considering rehiring information technology (IT) employees whom they had laid off.
According to our survey results, it appears that 2010 will be a
better year for IT job seekers in New England, said a senior vice
president of Veritude. With half of employers looking to hire back a portion of their
laid off IT workers either as full time employees or contractors and employers
accepting the economic downturn as a reason for an extended unemployment, IT job
candidates should take heart that their employment status will not significantly
bias a potential employer.
Although in the minority, 19 percent of those surveyed do prefer candidates who are currently employed as regular, full-time employees. Candidates who are either employed full-time or currently employed as temporary or contract workers are preferred by 22 percent.
Of all hiring executives, 53 percent did not care if a candidate was laid off in a first round as opposed to a subsequent round. While the majority did not have an issue with laid off workers, 17 percent of respondents found it more acceptable if a worker was not one of the first to be laid off.
- more infoUS at risk for cyber attacks according to study
A survey released by Lumension Security Inc. states that nearly three-quarters of federal IT decision-makers who work in national defense and security departments or agencies say the possibility is high for a cyber attack by a foreign nation in the next year. Additionally, a third of these respondents say they have already experienced such a cyber attack within the last year.
Of about 200 IT security managers in civilian and noncivilian federal agencies surveyed, 61% said there was a "high" threat of an attack being launched by a foreign nation sometime in the next year.
- 33 percent of respondents who work for departments or agencies affecting national security say they have experienced an attack by a foreign nation or terrorist organization in the last year;
- 61 percent of respondents view the threat of a cyber attack from foreign nations against critical U.S. IT infrastructure in the next year as high;
- 42 percent of respondents believe the U.S. governments ability to prevent or handle these attacks is only fair or poor;
- 64 percent of respondents identified the increasing sophistication and growth in the volume of cyber attacks as the number one IT security risk; and,
- 49 percent of respondents believe that negligent or malicious insiders/employees are the largest IT security risk.
At the same time, more than four out of 10 respondents in the Lumension survey said that they believe the U.S. government's ability to defend against the attacks is "poor" to "fair" at best.
- more infoFeds could learn from private sector IT
The federal government can learn a lot
from the private sector to improve IT program management and customer
service and create a more modern government, concluded attendees of a forum
comprised of both federal and private-sector leaders.
The government should take a more business-minded approach to
how it manages its IT projects, as well as step up efforts already in place to
increase transparency and accountability, according to a recently released
report about the White House Forum on Modernizing Government.
PCI DSS compliance is more than checklist managment
PCI DSS applies to any organization that accepts, stores or processes payment cards of any type and is a comprehensive checklist of actions these organizations must take to improve the security of global payment systems. Although the adoption of PCI DSS by an organization will most likely improve its security posture, being compliant with the PCI DSS does not ensure the organization is secure.
If Enterprises mechanically follow the PCI DSS checklist and our
organization suffers a data securitybreach, they are still held responsible, and
the organization still gets fined, suffers brand damage and may lose its ability
to process credit card transactions. While checklists are useful tools,
following them can lull us into a false sense of security.
To rely solely on
the PCI DSS checklists to secure cardholder data is similar to a pilot relying
only on the pre-flight checklist before takeoff, then colliding with another
plane during takeoff. A checklist
is not enough. In reality, the goal of effective security controls is to
prevent security breaches from occurring, and when they do, to allow quick
detection and recovery. This requires not just following a checklist, but
understanding the organizations compliance and security objectives,
understanding what the top risks to achieving those objectives are, having
adequate situational awareness to identify where we need controls to mitigate
those risk, and then having implementing and monitoring the correct production
controls.
Cost cutting starts with simplifying operations
Complexity produces cost, so IT departments may choose to standardize on a handful of preferred technologies or vendors. The biggest line item in IT budgets is people, so staffing must be addressed. That could mean hiring freezes, cutting back on use of consultants, replacing employees who leave with automation technologies (not another person) and similar measures to limit spending on people.
CIOs should plan proactively for spending cuts before they are mandated. That may involve rebalancing IT initiatives to focus on projects with near-term benefits while keeping momentum on longer-term, strategic projects. They also may need to align IT more closely with the business priorities, which are likely to focus on revenue.
- more infoTax laws hamper IT independent contractors
Section 1706 of the 1986 Tax Reform Act, an obscure law, certain classes of workers, including anyone who engages as a "computer programmer, systems analyst, or other similarly skilled worker engaged in a similar line of work," are considered de facto employees for tax purposes, regardless of whether they claim to operate their own businesses as independent contractors. The IRS can impose significant tax penalties on companies who hire such workers as contractors rather than full employees, a fact that can make it extremely difficult for self-employed programmers to find work.
Section 1706 was originally sponsored by Sen. Daniel Patrick Moynihan of New York, who hoped that forcing highly paid software developers to become employees would limit their ability to take advantage of tax breaks for small businesses. Ironically, it was also Moynihan who, when a study determined the law was not bringing in the desired tax revenue, tried to have it repealed a year later. He failed, and it's still on the books today.
Employees typically do not have to pay for their own health insurance, the way contractors do. Individual health plans generally offer worse coverage than group plans, and they can be incredibly selective about who they allow to join. Those who are accepted can expect their premiums to rise every year, often by double-digit percentages. Given these conditions, developers who have families to support or preexisting medical conditions are well advised to hang on to their salaried jobs for dear life rather than run the gauntlet of the dysfunctional American health insurance industry.
And if the prospect of being bankrupted by medical bills is not frightening enough, add the increasingly hostile legal climate surrounding the software development profession. In response to all-too-common reports of software bugs and security breaches, some organizations have begun lobbying for contractual language that makes software developers accountable for any defects in their code. For example, the SANS Institute has proposed a detailed contract that would require developers to certify that they had received appropriate training, observed any and all security procedures deemed necessary, and that their code was free of defects to the best of their knowledge, among other clauses.
- more infoWindows Live Potential Data Breach
Microsoft is looking into reports that some Windows Live customers may have gotten access to other users' information.
"Microsoft is investigating reports of a limited number of instances in which Windows Live customers may have access to other customers' accounts when accessing their account through mobile Web browser," the company said in a statement Tuesday. "Microsoft takes customers' privacy seriously, and immediately upon learning of these reports, we started an investigation."
The company added that it "will take appropriate action once we have completed the investigation."
- more infoMetrics to Manage Performance Defined by Janco
The performance of the people within an organization determines the success of business outcomes. Without optimal performance an organization can find itself floundering in the market and eventually fizzling out. Measuring the performance of our people and our HR department is a critical function for making sound business decisions and performance management decisions. HR metrics can be valuable tools for ensuring our people practices are aligned with our organizational goals and supporting the effective and efficient use of our most valuable asset, our people.
- more infoOutsouring impact IT Service Management
Lack of proactive monitoring threatens end-user satisfaction and application performance
To operate a cost-effective business in todays highly competitive market, an organisation requires an extremely efficient IT infrastructure to link its data centers, business operations and globally distributed customers. All business-critical applications must run smoothly to satisfy end-users and customers service level expectations. Consequently, an enterprise's IT support services play a vital role. Many international businesses, for example, operate multiple hosted data centers and have communication rooms in many of their overseas locations. These same businesses often outsource some of their IT operations management
However, executives are concerned about poor visibility of IT infrastructure problems, high levels of service disruption, low end-user satisfaction and the impact on application availability. Visibility of an enterprise's infrastructures performance and availability are often inadequate because they have very little monitoring and performance information. Thus, they are a reactive organization. Enterprises must introduce an IT Service Transformation process to improve all aspects of IT Service Management (ITSM) and act as a foundation to monitor the critical business processes, which cover multiple applications and infrastructure integrated incident, problem and asset management.
Key objectives are to manage the infrastructure and applications proactively; generate a centralized system for their outsourced service providers; and link problems to their existing help desk.
- more infoData Breachs Costly
The financial consequences of data breaches can be severe. Many
organizations lose customers and revenue because of the violation of trust
incurred from a breach. Due to the growing number of state privacy laws, most
breaches require that those whose information is compromised must be notified.
Most organizations now pay for credit monitoring services for several years for
all those impacted by a breach -- these services typically cost about $100 per
person per year. And in some cases, organizations are subject to fines for
revealing personal information.
Security Policy Manual (policies and procedures template) is over 240 pages in length. All versions of the Security Manual template include both the Business & IT Impact Questionnaire and the Threat & Vulnerability Assessment Tool (both were redesigned to address Sarbanes Oxley compliance). In addition, the Security Manual Template PREMIUM Edition contains 16 detail job descriptions that apply specifically to security and Sarbanes Oxley, ISO 27000 (ISO27001 and ISO27002), PCI-DSS, and HIPAA. Data Protection is a priority and security myths need to addressed.
- more info