Latest news of interest from the CIO's primary news feed

Disaster Recovery Planning, Job Descriptions, Salary Survey, Business Continuity, ITSM, SOA, Compliance, SOX, and HIPAA

News of interest from CIO's primary news feed - The Janco News feed is an XML news feed that you can subscribe to and re-publish on your web site or blog. The only requirement that you need to meet is that the feed is included with no modifications and that the links within the feed are retained as is.

If you wish to subscribe to this news feed the options that you have are:

• IT Standard News Feed

---

Unemployed IT Pros

Tools that the CIO, CSO, CTO, and CFO can use for Infrastructure, Disaster Recovery, Security, Job Descriptions, ITSM, Salary, Change Control, and Help Desk.

Over 4.18 Million individuals are employed as IT Pros in the US

The unemployment rate in the technology job market in the U.S. is about half that of other fields — just 1.5%.  2022 saw an increase of about 264,500 new jobs to the I.T. job market, according to industry consultancy Janco Associates. Those new jobs came atop the 213,000 I.T. jobs created in 2021.

465 tech companies have fired a total of 126,057 employees in 2023. And, according to  another survey, in 2023 608 tech companies have announced layoffs, affecting 162,541 people (or 2,426 people per day). In 2022, there were 1,535 layoffs at tech companies with 241,176 people let go.



While tech companies have laid off hundreds of thousands of workers over the past six months or so, the majority of those employees did not hold I.T. positions. And even when companies did reduce their headcount through layoffs, the number let go was typically no more than 5% to 6% of the total workforce.

 

- Unemployed IT Pros

---

Compliance Management Kit - 2023 Edition Released

2023 Edition Compliance Management Kit contains ISO 28000 Compliance Tools

Recent cyberattacks focused most C-Level executives on asset security and compliance as more business is conducted on the Internet. In addition, not meeting compliance mandates exposes enterprises to damaged reputations and fines. The Compliance Management Kit provides tools that are properly implemented minimize those risks. The Compliance Management Kit is the must-have tool to meet mandated governmental and industry compliance objectives.

The Kit comes in three versions.  Each version contains the Compliance Management White Paper, ISO 28000 Security Audit Program (Supply Chain Management), a self-scoring Security Audit Program, a PCI Audit Program, and 31 key job descriptions including one for the Chief Compliance Officer which is six pages in length.

Order Compliance Management Kit  Download Selected Pages

- Compliance Management Kit - 2023 Edition Released

---

2023 Edition of IT Infrastructure Policies bundle released

IT Infrastructure Policies and Procedures 2023 Edition

The policies, job descriptions and forms in the 2023 Edition  comply with all mandated requirements and include electronic forms that can be e-mailed, filled out completely on the computer, routed and stored electronically.

CIO IT Infrastructure Policy Bundle (All of the policies below are included as individual MS Word files and a single PDF file. Electronic forms are all individual documents that are easily modifiable)

• Backup and Backup Retention Policy
• Blog and Personal Web Site Policy
• BYOD Policy Template
• Google Glass Policy
• Incident Communication Plan Policy - Includes Pandemic Checklist and considerations
• Internet, e-mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy
• Mobile Device Access and Use Policy
• Outsourcing and Cloud Based File Sharing Policy
• Patch Management Policy
• Physical and Virtual Server Security Policy
• Privacy Compliance Policy - California Privacy Act
• Record Classification, Management, Retention, and Destruction Policy
• Safety Program
• Sensitive Information Policy
• Service Level Agreement (SLA) Policy Template with KPI Metrics
• Social Networking Policy
• Technology Acquisition Policy
• Text Messaging Sensitive and Confidential Information
• Travel, Electronic Meeting, and Off-Site Meeting Policy
• Wearable Device Policy
• WFH & Telecommuting Policy
• IT Infrastructure Electronic Forms

Order IT Infrastructure Policies  Download Selected Pages

- 2023 Edition of IT Infrastructure Policies bundle released

---

ISO 28000 Supply Chain Security Audit Program Released

Audit program necessary for Supply Chain Security Management System (SCSMS)

Supply chain shortfalls have impacted companies that have a high reliance on just-in-time delivery.  In many environments aging infrastructure, dependence on remote suppliers, and increased natural and human-made threats have exacerbated delivery and security.  As a result, Supply Chain Security has become a very important item for manufacturing, distribution, and marketing companies.  Companies need to understand the impact on supply change management for record processing and transmission, risk management, information, and asset security.

Order Supply Chain Audit Program Download sample

- ISO 28000 Supply Chain Security Audit Program Released

---

Supply Chain ISO Mandatesdefined

ISO 28000:2007 is necessary for support of an organization implementing and managing a Supply Chain Security Management System

The Security Management Standard (SMS) requirements standard, a specification for an SMS against which organizations can certify compliant.

 

Standard specifies the requirements for a security management system, including those aspects critical to security assurance of the supply chain. Security management is linked to many other aspects of business management. Aspects include all activities controlled or influenced by organizations that impact on supply chain security. These other aspects should be considered directly, where and when they have an impact on security management, including transporting these goods along the supply chain.

ISO 28000:2007 is applicable to all sizes of organizations, from small to multinational, in manufacturing, service, storage or transportation at any stage of the production or supply chain that wishes to:

·         Establishes, implements, maintains, and improves a security management system.

·         Assures conformance with stated security management policy.

·         Demonstrates such conformance to others.

·         Seeks certification/registration of its security management system by an Accredited third-party Certification Body.

·         Makes a self-determination and self-declaration of conformance with ISO 28000:2007.

Order Security Manual Template Download Sample

- Supply Chain ISO Mandatesdefined

---

ISO 28000 Supply Chain Security

ISO 28000 - Supply Chain Security Management System

With companies that have a high reliance on just-in-time delivery, aging infrastructure and increased natural and human-made threats, Supply Chain Security has become a very important item for them, especially when viewed in relation with Business Continuity Management, Risk Management and Security Management.

Read On  Order Compliance Management Kit  Download TOC

- ISO 28000 Supply Chain Security

---

How has hybrid work environment impacted IT

Top 10 challenges WFH - Hybrid work environment

Initial finding of impacts that the hybrid work enviroment have had on IT organizations:

 

• WFH employees are not very happy in having to go back to commuting - It seems that attrition rates are highest among employees that are told to go back to the office and follow vaccine mandates.  Not enough data as of yet to be statistically significant.
• Training in new technologies has not kept pace with the needs of many organizations.  With many IT Pros working at home for the past several months, many of the employees did not "understand" the opportunities they had for training. Before the pandemic, the "in-office" environment pushed many pros to ask for training.  That did not happen as much in the WFH environment.
• KPIs for SLAs were not met by many IT functions.  Hold and wait times were and still are elongated.  There was limited visibility of the staffing requirements for service and help desks. Dogs barking and loud noises in the background impacted the "professional image" of the service desks.



Read On  Order WFH & Mobility Bundle  Download Table of Contents

- How has hybrid work environment impacted IT

---

Pay grade posting mandate

California joins New York City, Colorado with madate for postion pay grades

California lawmakers passed legislation requiring all employers based or hiring in the state to post salary ranges on all job listings. The law will also require California-based companies with more than 100 employees to show their median gender and racial pay gaps. California would join New York City and Colorado if this madate is signed into law.

Gov. Gavin Newsom, who has until Sept. 30 to sign or veto it. He has not yet expressed a position and did not immediately respond to a request for comment. If he signs it, the law would affect some of the biggest U.S. companies, including Meta Platforms Inc., Alphabet Inc. and Walt Disney Co.Companies.

Job Classification system is a basis for setting pay ranges

Over the past three decades Janco Associates and its principles have created a set of 320 IT Job descriptions that are viewed by many as the industry standard. As a natural extension of that offering Janco has documented its IT job classification system.

  Read On     Order Pay Grade System

- Pay grade posting mandate