Latest news of interest from the CIO's primary news feed

Disaster Recovery Planning, Job Descriptions, Salary Survey, Business Continuity, ITSM, SOA, Compliance, SOX, and HIPAA

News of interest from CIO's primary news feed - The Janco News feed is an XML news feed that you can subscribe to and re-publish on your web site or blog. The only requirement that you need to meet is that the feed is included with no modifications and that the links within the feed are retained as is.

If you wish to subscribe to this news feed the options that you have are:

  • IT Standard News Feed

  • ISO 28000 Supply Chain Security Audit Program Released

    Tools that the CIO, CSO, CTO, and CFO can use for Infrastructure, Disaster Recovery, Security, Job Descriptions, ITSM, Salary, Change Control, and Help Desk.

    Audit program necessary for Supply Chain Security Management System (SCSMS)

    ISO 28000 Supply Chain Audit ProgramSupply chain shortfalls have impacted companies that have a high reliance on just-in-time delivery.  In many environments aging infrastructure, dependence on remote suppliers, and increased natural and human-made threats have exacerbated delivery and security.  As a result, Supply Chain Security has become a very important item for manufacturing, distribution, and marketing companies.  Companies need to understand the impact on supply change management for record processing and transmission, risk management, information, and asset security.

    Order Supply Chain Audit Program Download sample

    - ISO 28000 Supply Chain Security Audit Program Released

    Supply Chain ISO Mandatesdefined

    ISO 28000:2007 is necessary for support of an organization implementing and managing a Supply Chain Security Management System

    The Security Management Standard (SMS) requirements standard, a specification for an SMS against which organizations can certify compliant.


    Standard specifies the requirements for a security management system, including those aspects critical to security assurance of the supply chain. Security management is linked to many other aspects of business management. Aspects include all activities controlled or influenced by organizations that impact on supply chain security. These other aspects should be considered directly, where and when they have an impact on security management, including transporting these goods along the supply chain.

    ISO 28000:2007 is applicable to all sizes of organizations, from small to multinational, in manufacturing, service, storage or transportation at any stage of the production or supply chain that wishes to:

    ·         Establishes, implements, maintains, and improves a security management system.

    ·         Assures conformance with stated security management policy.

    ·         Demonstrates such conformance to others.

    ·         Seeks certification/registration of its security management system by an Accredited third-party Certification Body.

    ·         Makes a self-determination and self-declaration of conformance with ISO 28000:2007.

    Order Security Manual Template Download Sample

    - Supply Chain ISO Mandatesdefined

    ISO 28000 Supply Chain Security

    ISO 28000 - Supply Chain Security Management System

    With companies that have a high reliance on just-in-time delivery, aging infrastructure and increased natural and human-made threats, Supply Chain Security has become a very important item for them, especially when viewed in relation with Business Continuity Management, Risk Management and Security Management.

    Read On  Order Compliance Management Kit  Download TOC

    - ISO 28000 Supply Chain Security

    How has hybrid work environment impacted IT

    Top 10 challenges WFH - Hybrid work environment

    Initial finding of impacts that the hybrid work enviroment have had on IT organizations:


    • WFH employees are not very happy in having to go back to commuting - It seems that attrition rates are highest among employees that are told to go back to the office and follow vaccine mandates.  Not enough data as of yet to be statistically significant.
    • Training in new technologies has not kept pace with the needs of many organizations.  With many IT Pros working at home for the past several months, many of the employees did not "understand" the opportunities they had for training. Before the pandemic, the "in-office" environment pushed many pros to ask for training.  That did not happen as much in the WFH environment.
    • KPIs for SLAs were not met by many IT functions.  Hold and wait times were and still are elongated.  There was limited visibility of the staffing requirements for service and help desks. Dogs barking and loud noises in the background impacted the "professional image" of the service desks.

    Hybrid Work Environment Challenges

    Read On  Order WFH & Mobility Bundle  Download Table of Contents

    - How has hybrid work environment impacted IT

    Pay grade posting mandate

    California joins New York City, Colorado with madate for postion pay grades

    California lawmakers passed legislation requiring all employers based or hiring in the state to post salary ranges on all job listings. The law will also require California-based companies with more than 100 employees to show their median gender and racial pay gaps. California would join New York City and Colorado if this madate is signed into law.

    Gov. Gavin Newsom, who has until Sept. 30 to sign or veto it. He has not yet expressed a position and did not immediately respond to a request for comment. If he signs it, the law would affect some of the biggest U.S. companies, including Meta Platforms Inc., Alphabet Inc. and Walt Disney Co.Companies.

    Job Classification system is a basis for setting pay ranges

    Over the past three decades Janco Associates and its principles have created a set of 320 IT Job descriptions that are viewed by many as the industry standard. As a natural extension of that offering Janco has documented its IT job classification system.

      Read On     Order Pay Grade System

    - Pay grade posting mandate

    Security Management Best Practices

    Top 10 Security Management Best Practices

    1. Centralize Malware Management
    2. Establish Boundary Control
    3. Centralize Provisioning and Authorization Management
    4. Implement Acceptable Use Policy
    5. Build Security into Applications Starting in the Design Phase
    6. Understand and implement all compliance and audit requirements
    7. Implement Monitoring and reporting processes
    8. Manage security deployment and infrastructure processes
    9. Implement network and host defenses
    10. Constantly validate network and system resource integrity

    Order Security Manual Template Download Sample

    - Security Management Best Practices

    Basic Interview Questions

    Ways to get the best information on a candidate

    Questions that the best recruiters ask are:

    • What is your greatest strength?
    • What is your greatest weakness?
    • How do you handle stress and pressure?
    • Describe a difficult work situation / project and how you overcame it.
    • How do you evaluate success?
    • Why are you leaving or have left your job?
    • Why do you want this job?
    • Why should we hire you?
    • What are your goals for the future?
    • What makes you the best fit for our organization?

    Order IT Hiring Kit  Download IT Hiring Kit TOC

    - Basic Interview Questions

    Ransomware attacks could impact inflation rate

    Ransomware Attacks focus on supply chain

    Ransomware address in Governance InfrasstructureThe FBI is reporting ransomware attacks are ow targeting agriculture. This could disrupt planting and harvesting operations, potentially impacting the food supplies, not only for people, but also for farm animals. In addition, those types of attacks could impact the overall inflation rate

    In the past two years, multiple agricultural cooperatives have fallen victim to ransomware attacks.  The focus has been on the spring planting and autumn harvesting seasons. The FBI reported there were six recorded ransomware attacks against grain cooperatives during the fall 2021 harvest and two attacks early this year.

    Ransomware addressed in IT Governance Infrastructure Strategy Handiguide

    Protection from ransomware attacks drives re-vamped IT Governance Infrastructure. To start, IT Governance moves organizations and C-Level executives to follow five steps to help them better prepare for Ransomware attacks.

    Read On  Order IT Governance Infrastructure Strategy 

    - Ransomware attacks could impact inflation rate