Most CIOs fired for missing budgets or time lines

CIO Infrastructure ToolkitIn a brief survey that Janco completed the firm found that:

34 percent of CIOs are fired for major application failure or mismanaging change - missing budgets and or initiative time lines

  • 29 percent are fired for ignoring not being focused on how the operates
  • 28 percent get fired for ignoring customers
  • 27 percent get fired for key project never gets finished or goes too far over budget

Janco suggests that CIOs focus on the following areas to ensure that their tenure on the job is a long one:

  1. Be aligned with business executives - the CIO must be able in fit it with other executives and other influential leaders within the organization. IT is more than a service department which ensures that the network and computers work and stay online. Companies count on IT for new technologies that will give the business an edge against competitors.
  2. Be a strategic direction setter - The core mission of IT is less about implementing technology and more about implementing business strategy in the form of new technologies.
  3. Develop and display management and leadership skills - CIOs have to manage multiple groups (staff operating within the IT department, as well as extended across other departments, outside vendors, projects, and, of course nowadays, the performance of outsourced contract workers, as well)

Top Security Weaknesses and Defects Identified

Janco has review the detail results of 138 security audit programs conducted between September 15, 2008 and June 15, 2009 and identified the top eight defects mentioned in the audit reports.  Victor Janulaitis the CEO of Janco said, "We did not find a single company that had no security weaknesses or defects reported in their audit reports. The security weakness and defects Janco found were:

  1. Single level verification use on sensitive data (53%;
  2. public workstations connected into secure network (45%);
  3. Shared login used (25%);
  4. Client-side data validation only used for sensitive data(21%);
  5. Access point weak encryption (21%);
  6. Login not encrypted for sensitive data access (17%);
  7. Back-end encryption not utilized (12%); and
  8. Sever Management encryption not utilized (6%). 

Janco has published a summary of its findings at The data was captured by reviewing the detail findings of the audit reports. If there was a single occurrence of the defect it was counted. Janulaitis added, "What was striking was that there are still over one quarter of all enterprises where users share logins. Interestingly, those enterprise that utilize double levels of verifications the number of shared logins drops to a value that is not statistically significant."

Security Policies and Procedures read on  Order Security Manual Template  Download Sample Security Manual