Helpful Tips
Get to the information you want quicker by selecting a category name or a popular tag.

Posts Tagged ‘Risk Management’

If most everyone agrees that information, not data ( http://blog.engagedconsulting.com/?p=268 ),  is critical to the health of a business, why does information not get protected in accordance with this importance?  Cost containment is absolutely important ( http://blog.engagedconsulting.com/?p=356 ), but at the feet of enormous risk? I have seen  a lot of robbing Peter to pay Paul in enterprise environments big and small throughout my years; however, it seems to be getting worse instead of better.  For instance, one organization prioritizes their financial databases as mission critical.  In so doing, the operational recovery (backup) solution was designed with deduplication.  Sounds fundamental, right? Read the rest of this entry »

Much debate has occurred over the priority order of information confidentiality, availability, or integrity.  Which one is more important than the other? It depends. Typical consultative answer right? You cannot blindly say which is more important.  The business situation changes the priorities, albeit minor in altitude.  Not all information is created equal; thus, we cannot blatantly say that it should be treated with the utmost availability, integrity, or confidentiality. Read the rest of this entry »

Outsourcing, co-location, leasing, COO / CFO absorption of the CIO role, cloud computing and so on are the topics littered across the landscape of today’s IT world.  Reading an article recently (http://bit.ly/e80vBP) sparked a long running exposed nerve I have endured painfully throughout my career in this industry, IT.  While it is absolutely true that we should not bind ourselves within the boarders of our thought, nor our physical location.  The truth resounds in a deafening roar, “Do not forget the human element!”  People are still a part of this technological world.  Processes certainly support people and are automated by technology; however, this does not take the place of the communion that occurs between people. Read the rest of this entry »

We really need to transform what the American IT workforce is made up of. Instead of teaching COBOL, Pascal, C++, and other elements of technology, we really need to teach how to align business and IT to take advantage of innovation and creative thinking. The way to align business and IT is to focus on the customer experience and the value that they live in that experience.

Read the rest of this entry »

Technology is not a Plan.  Technology enables a Plan.  A Plan coordinates the people and processes that are then enabled by the technology.  A replication package only “copies” (I realize it does more than copy, but for simplification purposes that’s what we will call it) bits from one location to another one.  How do you decide what to replicate?  How do you decide whether there is corruption?  How do you handle a hardware failure on one or both of the arrays which are involved in the replication during a disaster?  Who declares disaster?  Who makes the decision to purchase an array, if necessary?  How do you communicate between team members if cell phones and land lines are down?  Where do you go to connect if the normal location is inaccessible (blocked off by police, etc.)? Read the rest of this entry »

What ROI does the CIO provide the business?  What is the next step for the CIO?  What is the evolutionary development path for IT?  All of these are daunting questions to which many have opinions and thoughts.  So, let me give my two cents.  Business and IT Alignment is necessary.  The CIO must play a significant role in this, not to mention develop beyond the role that he/she has been fulfilling for the last few decades within business and organizational constructs. In so doing, the elements of risk management, due diligence, and efficiency reverberate throughout most of the comments and thoughts that are going through your head at this very instant.  Not to mention the ironic and funny coincidence that a Chief Information Officer and a Chief Investment Officer both share the same acronym and, albeit abstract, similar function. Read the rest of this entry »

All too often, organizations that do have Business Continuity Plans (BCP) in place rarely test them.  Those that do, go through a typical tabletop exercise.  Organizations that have Disaster Recovery Plans (DRP) generally test them, but why?  I ask why because it has been my experience that the “tests” are an exercise in futility.  I say futility because they are tests to satisfy an audit that prove very little. Read the rest of this entry »

Read the rest of this entry »

If we take examples from history, we can at least see a potential path to what is going to happen moving forward.  Not that history is a perfect predictor of the future, it is simply a context to guide what might happen.  When governance issues were addressed in the issuance of NYSE Rule 446, EEOC, and others, we see that vagueness crept into the repercussions of failing to comply.  It may have been fear of adoption or public relations nightmares that allowed the impeachment of clarity in compliance.  Nonetheless, we have learned that there are ways to address compliance that take many forms. The clear message is that we can no longer look at every regulation individually to achieve compliance.  We must create a program that addresses compliance broadly and adjust as new issuances occur. Read the rest of this entry »

Investors’ confidence in corporate America has been shaken to the core, affecting the culture in which we live at the most basic level— for we are all investors in one way or another. Regulations governing information policy, process, and recovery are continuing to litter the radar screen of business strategy. It may be a leap of faith to see the correlation between regulations, whether civil or criminal; however, it is not as clear when comparing human resources issues and corporate governance issues. However, it will become clear that the correlation lies in the approaches organizations must take to comply with and survive an audit of human resources issues such as Equal Employment Opportunity and corporate governance issues such as Sarbanes- Oxley. Read the rest of this entry »

Close
loading...