Latest news of interest from the CIO's primary news feed
Disaster Recovery Planning, Job Descriptions, Salary Survey, Business Continuity, ITSM, SOA, Compliance, SOX, and HIPAA
News of interest from CIO's primary news feed - The Janco News feed is an XML news feed that you can subscribe to and re-publish on your web site or blog. The only requirement that you need to meet is that the feed is included with no modifications and that the links within the feed are retained as is.
If you wish to subscribe to this news feed the options that you have are:
- IT Standard News Feed
- WFH employees are not very happy about having to go back to commuting - It seems that attrition rates are highest among employees who are told to go back to the office and follow vaccine mandates. There is not yet enough data to be statistically significant.
- Training in new technologies has not kept pace with the needs of many organizations. With many IT Pros working at home for the past several months, many of the employees did not "understand" the opportunities they had for training. Before the pandemic, the "in-office" environment pushed many pros to ask for training. That did not happen as much in the WFH environment.
- KPIs for SLAs were not met by many IT functions. Hold and wait times were and still are elongated. There was limited visibility of the staffing requirements for service and help desks. Dogs barking and loud noises in the background impacted the "professional image" of the service desks.
- Centralize Malware Management
- Establish Boundary Control
- Centralize Provisioning and Authorization Management
- Implement Acceptable Use Policy
- Build Security into Applications Starting in the Design Phase
- Understand and implement all compliance and audit requirements
- Implement Monitoring and reporting processes
- Manage security deployment and infrastructure processes
- Implement network and host defenses
- Constantly validate network and system resource integrity
- What is your greatest strength?
- What is your greatest weakness?
- How do you handle stress and pressure?
- Describe a difficult work situation / project and how you overcame it.
- How do you evaluate success?
- Why are you leaving or have left your job?
- Why do you want this job?
- Why should we hire you?
- What are your goals for the future?
- What makes you the best fit for our organization?
ISO 28000 Supply Chain Security Audit Program Released
Tools that the CIO, CSO, CTO, and CFO can use for Infrastructure, Disaster Recovery, Security, Job Descriptions, ITSM, Salary, Change Control, and Help Desk.
Audit program necessary for Supply Chain Security Management System (SCSMS)
Supply chain shortfalls have impacted companies that have a high reliance on just-in-time delivery. In many environments aging infrastructure, dependence on remote suppliers, and increased natural and human-made threats have exacerbated delivery and security problems. As a result, Supply Chain Security has become a very important item for manufacturing, distribution, and marketing companies. Companies need to understand the impact on supply chain management for record processing and transmission, risk management, information, and asset security.
Supply Chain ISO Mandates defined
ISO 28000:2007 is necessary for support of an organization implementing and managing a Supply Chain Security Management System
It is the Security Management Standard (SMS) requirements standard, a specification for an SMS against which organizations can certify compliance.
The standard specifies the requirements for a security management system, including those aspects critical to security assurance of the supply chain. Security management is linked to many other aspects of business management. These aspects include all activities controlled or influenced by organizations that impact supply chain security. They should be considered directly, where and when they have an impact on security management, including transporting goods along the supply chain.
ISO 28000:2007 is applicable to all sizes of organizations, from small to multinational, in manufacturing, service, storage or transportation at any stage of the production or supply chain that wish to:
· Establish, implement, maintain, and improve a security management system.
· Assure conformance with stated security management policy.
· Demonstrate such conformance to others.
· Seek certification/registration of its security management system by an accredited third-party Certification Body.
· Make a self-determination and self-declaration of conformance with ISO 28000:2007.
ISO 28000 Supply Chain Security
ISO 28000 - Supply Chain Security Management System
For companies that have a high reliance on just-in-time delivery, aging infrastructure, and increased natural and human-made threats, Supply Chain Security has become a very important item, especially when viewed in relation to Business Continuity Management, Risk Management and Security Management.
How has hybrid work environment impacted IT
Top 10 challenges WFH - Hybrid work environment
Initial findings on the impacts that the hybrid work environment has had on IT organizations:
Pay grade posting mandate
California joins New York City, Colorado with mandate for position pay grades
California lawmakers passed legislation requiring all employers based or hiring in the state to post salary ranges on all job listings. The law will also require California-based companies with more than 100 employees to show their median gender and racial pay gaps. California would join New York City and Colorado if this mandate is signed into law.
Gov. Gavin Newsom has until Sept. 30 to sign or veto it. He has not yet expressed a position and did not immediately respond to a request for comment. If he signs it, the law would affect some of the biggest U.S. companies, including Meta Platforms Inc., Alphabet Inc. and Walt Disney Co.
Job Classification system is a basis for setting pay ranges
Over the past three decades Janco Associates and its principals have created a set of 320 IT Job descriptions that are viewed by many as the industry standard. As a natural extension of that offering, Janco has documented its IT job classification system.
Security Management Best Practices
Top 10 Security Management Best Practices
Basic Interview Questions
Ways to get the best information on a candidate
Questions that the best recruiters ask are:
Ransomware attacks could impact inflation rate
Ransomware Attacks focus on supply chain
The FBI is reporting ransomware attacks are now targeting agriculture. This could disrupt planting and harvesting operations, potentially impacting food supplies, not only for people, but also for farm animals. In addition, those types of attacks could impact the overall inflation rate.
In the past two years, multiple agricultural cooperatives have fallen victim to ransomware attacks. The focus has been on the spring planting and autumn harvesting seasons. The FBI reported there were six recorded ransomware attacks against grain cooperatives during the fall 2021 harvest and two attacks early this year.
Ransomware addressed in IT Governance Infrastructure Strategy Handiguide
Protection from ransomware attacks drives re-vamped IT Governance Infrastructure. To start, IT Governance moves organizations and C-Level executives to follow five steps to help them better prepare for Ransomware attacks.