Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Webcast: In the Google Apps Cloud: How to Achieve Your Business Objectives
Dec 3rd, '09, 1 - 2 pm US/Eastern (GMT-5)
Join Council member Brent Hoag, Director, Global IT, at JohnsonDiversey, as he discusses the adoption of Google Apps which has helped meet four corporate goals; sustainability, simplification, increased employee productivity and global collaboration.
Webcast: Collaboration Initiatives: Benchmarks & Best Practices
Dec 15th, '09, 4 - 5 pm US/Eastern (GMT-5)
Join Council members Ruth Thorpe, VP & CIO at the U.S. Pharmaceutical Operations of Sanofi-Aventis, and Gary Kuyper, CIO at Bethany Christian Services, as they speak about their collaboration initiatives and experiences in how and why they chose the social networking and collaboration tools they are using and their business goals for collaboration, and facing culture change challenges.
Data Overview: Collaboration Initiatives Field Guide: Benchmarks & Best Practices
This appendix to the Council Field Guide provides an analysis which discusses benchmarks for collaboration IT implementation costs, adoption rates and payoffs. The overview identifies top IT and business goals and satisfaction rates for collaboration initiatives as well as best practices and lessons learned for implementing collaboration IT.
Learn more about the CIO Executive Council »July 01, 2005 — CIO —
1. Failure to segregate duties within applications, and failure to set up new accounts and terminate old ones in a timely manner. This was the biggie. Most companies didn’t have processes in place to make sure that when people switched divisions, their access to applications changed to reflect their new responsibilities. The CIOs interviewed for this article all reported establishing manual controls to address this problem for the first audit. Even Microsoft.
2. Lack of proper oversight for making application changes. In most organizations, a system administrator was responsible for all the changes to an application. But in order to pass the IT audit, CIOs had to appoint a person to make a change and another to perform quality assurance on it. And it had to be demonstrated that this procedure was being followed.
3. Inadequate review of audit logs. Most CIOs assigned someone to review application audit logs to make sure that systems were running smoothly. But with Sarbanes-Oxley, just performing the check no longer cuts it; you have to prove that it was done. In other words, you have to create an audit log of your audit log.
4. Failure to identify abnormal transactions in a timely manner. This is a classic IT problem that can often be fixed by making changes to the application so that it notifies you when there is a transaction that doesn’t conform to preestablished rules.
5. Lack of understanding of key system configurations. It turned out that many IT departments weren’t as smart as they thought they were. The solution to this weakness is simple: better training.