Sarbanes-Oxley (SOX)Resource Compliance Kit
Mandated Requirements
The SOX kit contains all of the tools that are need to comply with the Sarbanes-Oxley legislation. This tool kit has been used successfully by over 500 publicly traded companies.
ITIL and "Best Practices" are no longer sufficient to conform to the Sarbanes Oxley and COBIT requirements. There are many products on the market that claim they can track changes, that they can control/manage changes or that they can audit the use of products and the changes made to systems.
Almost all of the Change Management products are either "Electronic Paper" (i.e. they cannot prevent unauthorized changes from being made) or they react after the event based on cyclic comparisons of the various data sets. The time between the cyclic comparisons is an open door for anyone trying to manipulate the systems, and paper based systems offer no protection at all.
Sarbanes-Oxley Section 404 requires that:
- Enterprises have an enterprise wide security policy;
- Enterprises have enterprise wide classification of data for security, risk, and business impact;
- Enterprises have security related standards and procedures;
- Enterprises have formal security based documentation, auditing, and testing in place;
- Enterprise enforce separation of duties; and
- Enterprises have policies and procedures in place for Change Management, Help Desk, Service Requests, and changes to applications, policies, and procedures.
To meet these needs the Sarbanes Oxley Kit, which comes in four editions (Standard, Silver, Gold, and Platinum) contains:
- Security Policies (all editions);
- Threat & Vulnerability Assessment Tool (all editions);
- Business & IT Impact Questionnaire Risk Assessment Tool (all editions);
- Safety Program Template (all editions);
- Disaster Recovery Template (all editions);
- Outsourcing guide update to reflect what you vendors need to do (all editions);
- Software tool to monitor key data files (all editions);
- Internet and IT Job Descriptions (Silver, Gold, and Platinum Editions) and;
- IT Service Management Template (Platinum Edition).
The tools provided in these kits address not only the needs of Sarbanes-Oxley, COBIT and ISO -- they also provide a vehicle to comply with the IT Governance requirements.
CIO - CTO - CSO News
Sensitive Information Policy Template released by Janco
The Sensitive Information Policy Template (Version 2.4) has just been released by Janco. This policy applies to the entire enterprise, its vendors, its suppliers (including outsourcers), co-location providers, and facilities regardless of the methods used to store and retrieve sensitive information (e.g. online processing, outsourced to a third party, Internet, Intranet or swipe terminals).
New with this version are updates that specifically define the mandates of most recent federal (Gramm-Leach-Bliley) and state (Massachusetts and California).
- more info
Which skills are in high demand and low demand
IT salaries are determined by the skills that are required. Janco has determined the following are the skills in high demand and low demand.
Skills with a high demand
- Project Management - especially large projects with short time frame for delivery
- Security - focus on mandated compliance issues
- Network Administration - wireless and cloud administration
- Virtualization (Cloud) - new applications and management of the IT infrastructure
- Business and Operational Analysis - focus on business change
- Productivity Improvement Analysis - metrics and operational analysis
- Web 2 - interactive applications that add value
- Database Management - applications that leverage enterprise assets
- System Administration - Windows and UNIX management
- Desktop Support - standardization and change management
Skills with a declining demand
- more info
- COBOL
- HTML
- System Network Architecture - SNA
- Siebel
- Rapid Application Development - RAD
- ColdFusion
- Wireless Application Protocol - WAP
- Visual J++
- Novell NetWare
- Asynchronous Transfer Mode - ATM
IBM outsourcing cost 2,000 US jobs
After shrinking its U.S. workforce by as many as 10,000 employees last year, IBM may be on its way to cutting another 2,000 workers.
As of last October, IBM employed 105,000 workers in the U.S., compared to 115,000 in 2008. In 2007, IBM had 121,000 U.S. employees. It employs about 400,000 globally.
IBM isn't commenting on its latest round of cuts and information about it comes from the Alliance union which gathers its data directly from IBM employees.
"IBM is clearly offshoring things where they can," said one IBM employee who received his notice and spoke on the condition of anonymity because he didn't want to jeopardize his severance. A 10-year veteran and UNIX administrator, this employee said his customer support team once had 15 U.S.-based workers. That staff was reduced over time to just three workers in the U.S., with other members of the customer support team now in Brazil, Argentina and India.
The employee said he was not given a good reason for his layoff. "Higher ups made a decision that a certain percentage had to be cut - it was not performance-based at all," he said. Although the employee said he's uncertain about the job market, "my sense is that it is not horrendous but I'll have to assume that I'll have to take a cut in pay."
- more info
Practical Guide for IT Outsourcing Released by Janco
Practical Guide for IT Outsourcing Released - Version 3.0 of the Practical Guide for IT Outsourcing has just been released. It includes a sample Outsourcing contract, Service Level Agreement with metrics, Risk Assessment - Business and IT Impact Questionnaire, and much more.
The guide is delivered electronically and is available in MS - Word and industry standard PDF.
- more info