Tool Kits -- CIO CTO Tools

Disaster Planning is the resource site forService Level Agreements Metrics Information Technology management. This site contains the Information Technology and management infrastructure tools that the CIO, CSO, and CFO can use for Sarbanes Oxley, Disaster Recovery, Security, Job Security AuditDescriptions, IT Service Management,  Change Control, Help Desk, Service Requests, SLAs - Service Level Agreements, and Metrics.  Site includes Browser and Operating System Market Share White Paper and IT Salary Survey Data.

Disaster Recovery Templates are Sarbanes Oxley compliant and the Disaster Recovery Template is included in the Sarbanes Oxley Compliance Kit supports a wide range of industries and enterprises of all sizes.  Our clients include over 2,500 premier corporations from around the world, including over 250 of the Fortune 500.

  IT Hiring KitIT Salary Data  IT Job Descriptions

Site Map

Provide Salary Survey Data

 Outsourcing Threat Vulnerability Assessment Business IT Impact - Sarbanes Oxley tool Record Retention and Destruction Policy

Special Offers

IT Service Management
CIO Productivity Bundle
IT Hiring Resource Kit
SOX Compliance Resource Kit
DRP & Security Bundle
Job Description Bundles

Download Salary Survey

NEWS -- The 2015 IT Salary Survey is now available. Study shows that IT salaries have fallen. Companies that participate get a free copy of the next survey when it is released.

Read On..

NEWS - Record Management, Retention, and Destruction Policy Template -  The Record Management, Retention, and Destruction is a detail policy template which can be utilized on day one to create a records management process.  Included with the policy are forms for establishing the record management retention and destruction schedule and a full job description with responsibilities for the Manager Records Administration.

Read on ...

IT Service Management - Service Oriented Architecture  

Follow Us - Get Exclusive
Premium White Papers

Follow Us TwitterFollow Us FacebookFollowu Us Blog Janco RSS Feed

Del.icio.usFacebookCIO Daily

Provide Salary Survey Data

Disaster Recovery Plan Template
Security Manual - Sarbanes-Oxley
IT Infrastructure Strategy Charter ISO
IT Internet Metrics

Interesting Articles

Setting the standard for IT Infrastructure

Setting the standard for IT Infrastructure

Infrastructure and governanceInformation infrastructure and governance is not on most our minds every day. Many CIO thing the enterprise operations staff will figure it out. Or maybe that three-ring binder of rules and policies will cover it.

Neither is true. Information infrastructure and governance is an all-in proposition. It requires diligence on the part of employees, oversight on the part of management, direction from the enterprise strategy, and true, firm support from company ownership levels. It ain’t easy.

But it’s mandatory. In this litigious age, the smallest infraction from information management policy can - and will - result in grievous penalty and even business-threatening consequences.

Order IT Infrastructure Kit Download Selected Pages

- more info

Most security breaches are not discovered for over 9 months

Security Breaches - Secrurity BreachesSecurity incidents are rising at an alarming rate every year. As the complexity of the threats increases, so do the security measures required to protect networks and critical enterprise data. CIOs, Data center operators, network administrators, and other IT professionals need to comprehend the basics of security in order to safely deploy and manage data and networks.

Most companies take over 9 months to discover a breach has occurred, often only when notified by outside parties. Surprisingly, a recent research study showed that more than 90% of successful breaches used only the most basic techniques. Today's advanced breaches can work over weeks or months, sending small, innocuous packets to command-and-control servers while
capturing secure or regulated information from your systems.

Order Security Manual Download Selected Pages 


- more info

10 Commandments of Disaster Recovery and Business Continuity that guarantee success

10 Commandments of Disaster Recovery and Business Continuity that guarantee success

 Order Disaster Plan TemplateDisaster Plan Sample

Following  the 10 commandments of disaster recovery and business contunity are the keys to a successful planning and execution of those plans.

  1. Analyze single points of failure: A single point of failure in a critical component can disrupt well engineered redundancies and resilience in the rest of a system.
  2. Keep updated notification trees: A cohesive communication process is required to ensure the disaster recovery business continuity plan will work.
  3. Be aware of current events: Understand what is happening around the enterprise – know if there is a chance for a weather, sporting or political event that can impact the enterprise’s operations.
  4. Plan for worst-case scenarios: Downtime can have many causes, including operator error, component failure, software failure, and planned downtime as well as building- or city-level disasters. Organizations should be sure that their disaster recovery plans account for even worst-case scenarios.
  5. Clearly document recovery processes: Documentation is critical to the success of a disaster recovery program. Organizations should write and maintain clear, concise, detailed steps for failover so that secondary staff members can manage a failover should primary staff members be unavailable.
  6. Centralize information – Have a printed copy available: In a crisis situation, a timely response can be critical. Centralizing disaster recovery information in one place, such as a Microsoft Office SharePoint® system or portal or cloud, helps avoid the need to hunt for documentation, which can compound a crisis.
  7. Create test plans and scripts: Test plans and scripts should be created and followed step-by-step to help ensure accurate testing. These plans and scripts should include integration testing— silo testing alone does not accurately reflect multiple applications going down simultaneously.
  8. Retest regularly: Organizations should take advantages of opportunities for disaster recovery testing such as new releases, code changes, or upgrades. At a minimum, each application should be retested every year.
  9. Perform comprehensive recovery and business continuity test: Organizations should practice their master recovery plans, not just application failover. For example, staff members need to know where to report if a disaster occurs, critical conference bridges should be set up in advance, a command center should be identified, and secondary staff resources should be assigned in case the event stretches over multiple days. In environments with many applications, IT staff should be aware of which applications should be recovered first and in what order. The plan should not assume that there will be enough resources to bring everything back up at the same time.
  10. Defined metrics and create score cards scores: Organizations should maintain scorecards on the disaster recovery compliance of each application, as well as who is testing and when. Maintaining scorecards generally helps increase audit scores.

Order Disaster Plan TemplateDisaster Plan Sample


- more info

Security issues that CIOs need to manage

Security Manual

Security is a critical issues as related in several posts:

Order Security ManualTable of Contents

- more info

SEC requires security threats to be reported in 10-Ks

SEC now requires Companies now have to report cybersecurity risks in their 10-Ks, and asdvises them to include even possible threats whose disclosure are not currently mandated by state breach-notification laws.

The SEC feels that it is better to make disclosures if a company has had a number of incidents, even if they are not individually material.

Security Policies - Procedures - Audit Tools

- more info