
Have you started your journey yet?

Getting IT under control is all about consistent and repeatable IT processes. Change and release management has become a defining performance factor in high-performing IT shops. Significant research has also been completed that identifies the huge benefits of tackling change management “head on”.

 

Dan Swanson

 

1. Keeping Up Your SOX Compliance And Turning IT into a High Performer by Improving Change Control – A Compelling Business Case for Change Management.

There is a substantial and growing body of evidence that “change management” is a key success factor in the implementation of efficient, effective and secure IT Operations. Because every “IT risk” creates some degree of business risk, it is important that executives thoroughly understand change management issues.

http://www.tripwire.com/resources/asset_request.cfm?aid=2184 (registration may be required).

 

2. 20 Questions Directors Should Ask About Information Technology Outsourcing

Directors of organizations are expected to satisfy themselves that the information technology function is effective, whether it is outsourced or not. This briefing provides suggested questions for the board to ask the Chief Information Officer and others within the organization.

http://www.cica.ca/index.cfm/ci_id/20018/la_id/1.htm

 

3. Auditing IT Initiatives “Thought Leadership” – (Because an IT Project Failure is NOT An Option).

Some key questions to consider:

http://www.auditnet.org/articles/DSIA200702.htm

 

4. US Federal Information Processing Standard (FIPS) 200, “Minimum Security Requirements for Federal Information and Information Systems” (PDF)
The minimum security requirements cover seventeen security-related areas with regard to protecting the confidentiality, integrity, and availability of federal information systems and the information processed, stored, and transmitted by those systems. The security-related areas include: (i) access control; (ii) awareness and training; (iii) audit and accountability; (iv) certification, accreditation, and security assessments; (v) configuration management; (vi) contingency planning; (vii) identification and authentication; (viii) incident response; (ix) maintenance; (x) media protection; (xi) physical and environmental protection; (xii) planning; (xiii) personnel security; (xiv) risk assessment; (xv) systems and services acquisition; (xvi) system and communications protection; and (xvii) system and information integrity. The seventeen areas represent a broad-based, balanced information security program that addresses the management, operational, and technical aspects of protecting federal information and information systems.
http://csrc.nist.gov/publications/fips/fips200/FIPS-200-final-march.pdf

 

5. SECURITY BENCHMARK.COM

This web site was created from the very unique and comprehensive list of Information Security related resources Dan has managed to collect. Security benchmark is managed and maintained by Seccuris Inc.

http://www.securitybenchmark.com/

 

6. EARLY WARNING SIGNS OF IT PROJECT FAILURE: THE DOMINANT DOZEN

The post-mortem examination of failed IT projects reveals that long before the failure there were significant symptoms or “early warning signs.” This article describes the top 12 people-related and project-related IT project risks, based on “early warning sign” data collected from a panel of 19 experts and a survey of 55 IT project managers.

http://www.ism-journal.com/ITToday/projectfailure.pdf

 

 

 
