Tool Kits -- CIO CTO Tools

Disaster Planning is the resource site forService Level Agreements Metrics Information Technology management. This site contains the Information Technology and management infrastructure tools that the CIO, CSO, and CFO can use for Sarbanes Oxley, Disaster Recovery, Security, Job Security AuditDescriptions, IT Service Management,  Change Control, Help Desk, Service Requests, SLAs - Service Level Agreements, and Metrics.  Site includes Browser and Operating System Market Share White Paper and IT Salary Survey Data.

Disaster Recovery Templates are Sarbanes Oxley compliant and the Disaster Recovery Template is included in the Sarbanes Oxley Compliance Kit supports a wide range of industries and enterprises of all sizes.  Our clients include over 2,500 premier corporations from around the world, including over 250 of the Fortune 500.

  IT Hiring KitIT Salary Data IT Job Descriptions

Site Map

 Outsourcing Threat Vulnerability Assessment Business IT Impact - Sarbanes Oxley tool Record Retention and Destruction Policy

Special Offers

IT Service Management
CIO Productivity Bundle
IT Hiring Resource Kit
SOX Compliance Resource Kit
DRP & Security Bundle
Job Description Bundles

Download Salary Survey

NEWS -- The 2017 IT Salary Survey is now available. Study shows that IT salaries have fallen. Companies that participate get a free copy of the next survey when it is released.

Read On..

NEWS - Record Management, Retention, and Destruction Policy Template -  The Record Management, Retention, and Destruction is a detail policy template which can be utilized on day one to create a records management process.  Included with the policy are forms for establishing the record management retention and destruction schedule and a full job description with responsibilities for the Manager Records Administration.

Read on ...

IT Service Management - Service Oriented Architecture  

Follow Us - Get Exclusive
Premium White Papers

Follow Us TwitterFollow Us FacebookFollowu Us Blog Janco RSS Feed

Del.icio.usFacebookCIO Daily

Disaster Recovery Plan Template
Security Manual - Sarbanes-Oxley
IT Infrastructure Strategy Charter ISO
IT Internet Metrics

Interesting Articles

Staffing Issues for CIO concern

Staffing Issues the CIO Needs to be Aware of

Overseeing staffing, a hat that many CIOs wear, may mean having to make crucial decisions about hiring and policy, performance management and discipline, and employee terminations.

Five employment law issues should be on the radar of CIOs who oversee the staffing function.

  1. State and Local Wage and Hour Laws - Laws governing hours of work and payment of wages are a leading source of employee claims.
  2. Federal, State, and Local Leave Laws - Similarly, different states and cities may have medical leave and paid sick-time laws that differ significantly from what CIOs are familiar with under federal law or the law in the the company's headquarters state.
  3. Independent Contractors - Claims by individual contractors alleging that they were misclassified and should have been treated as employees are now very common.
  4. Separation Agreements - Using a one-size-fits-all separation agreement may result in paying an employee severance pay and not getting an enforceable release of all legal claims in return.
  5. Using Contracts to Protect Business Info and Customer Relationships -  CIOs of growth companies may need to be responsible for evaluating whether the company is taking the steps to ensure that, if necessary, restrictive employee contracts will be enforced by courts to the greatest possible extent.

Order IT Job Description

Sample job description

Download Selected IT Job Descriptions

- more info

Poor Network Control Policies

Security Manual Template and Compliance Tools

Using Plain FTP

It’s way too cheap and easy to download a free FTP tool off the Internet,  or even use a command-line for those savvy computer users. Plain FTP is sent “in the clear” across the network, prime for a man-in-the-middle  attack or to assist bad actors with a data breach. Organizations that use  plain FTP open themselves up to attack, giving intruders free reign in  their network.

Not Keeping Systems and Software Up to Date

Microsoft and other software organizations release frequent updates. They don’t release these updates out of the goodness of their hearts;  they do it because security holes were found in their code, in Java, or in  OpenSSL, and they need to patch the software. Not keeping systems  and software up to date is just shooting yourself in the foot. It’s worth  the temporary annoyance to make your data a little more secure. This  includes keeping certificates current.

Not Knowing What’s Happening on Your Network

If you are monitoring what’s coming into and going out of your network,  as well as who is connecting and when, that’s a big step in controlling  your network. Also, if you have multiple systems to manage, it’s much  easier to get a clear picture of what is going on if all of the data is monitored in one location.  You should include in your security policy a requirement for periodic  reports, email alerts, and other real-time indicators of activity on  the network.

Download Selected Pages

- more info

VPNs are not the endall for security

VPN Security an Issue that needs to be addressed

It is a common belief that the best way to protect one's privacy online is to use a VPN (virtual private network). VPNs theoretically let you use the public internet as if you were on a private network. They let you hide and encrypt your online activity, even from your own ISP. And they enable you to spoof your location, so you can say you're going online in another city or country.

However, a recent study found that an alarmingly high number of VPN services offered through Android apps violate your privacy, rather than protect it.

The study found that 38% of Android VPNs are infected with malware, 18% don't have encryption and 75% track user activity. Some Android VPNs inject JavaScript programs for tracking or for redirecting online shopping queries to paid partners of the app creator.

Order Security ManualDownload Selected Pages

- more info

Email Privacy Act would require more warrants

Email Privacy Act would require more warrants by police

A bill reintroduced in the U.S. House of Representatives would require law enforcement agencies to get a warrant before they poke around users’ emails and other communications in the cloud that are older than 180 days.

If the Email Privacy Act becomes law, government agencies will have to obtain a warrant based on a showing of probable cause to compel service providers to disclose emails and other electronic communications of Americans, regardless of the age of the mails or the means of storage. In the original version of the legislation, the government also had to notify the person whose account is disclosed, along with a copy of the search warrant and other information, within a stipulated period.

Order Security ManualDownload Selected Pages

- more info

Tech focus of new administration job creation and repatriation of profits

2017 Tech focus of new administration job creation and repatriation of profits

Job creation for American workers, international trade barriers, U.S. trade and access to the Chinese market, lower taxes, repatriation of profits held overseas, improving U.S. physical and digital infrastructure, cybersecurity, protecting intellectual property rights, government software, technology in education, improved vocational training, reducing government bureaucracy and greater accountability in the government procurement process.

The repatriation of profits has been a hot-button issue, with U.S. tech companies unwilling to bring back profits held overseas because they would have to pay U.S. taxes. New administration signaled some sympathy for corporations by describing the taxes as "prohibitive."

Order IT Job DescriptionSample job description Download Selected IT Job Descriptions


- more info