
Board and management responsibilities for information security
Only 37% of corporate directors are confident with their organizations’ cyber security plans. What responsibilities do corporate and public-sector boards have for oversight of cyber and information security and what resources are...

Information governance in the federal government
Inexcusable mismanagement of classified data, secret e-mail accounts and wanton destruction of public information demonstrate that there isn’t any information governance happening in the federal government.

5 things J. S. Bach can teach you about information security
What can a centuries-old classical music composer teach today's CIOs about infosec? Plenty, it turns out...if you'll only listen.

For tech's sake! Another government tech plan?
The best technology plan ever? Pouring a bucket of tech on dysfunctional managers and business processes doesn't solve business problems.

What's new with ISO/IEC 20000?
ISO/IEC 20000-1:2011 is the international standard for IT service management. Is it just for large organizations or does it work for very small organizations as well? How can it help your organization provide better service?

How Nebraska successfully consolidated state IT services
Ed Toner, CIO of the state of Nebraska deployed ITSM to consolidate state IT services and improve quality while reducing costs and risk.

Risk assessments for local governments and SMBs
Does your organization have a mature risk management program or are your just crossing your fingers and hoping for the best? Risk assessments are an essential part of your information and IT governance programs.

Municipal shared services agreements for information technology
Are shared IT services for municipalities a good deal? What are the risks and do they really save money or will you be stuck with a nightmare scenario from which you can never extricate your organization?

County/municipal IT customer service and the RACI model
Do you assume that your managers and staff members will apply common sense to daily operational activities? If so, you may be in trouble. Let's look at how you can use the RACI model and other IT governance tools to address the...

Information governance for counties and municipalities
Most county and municipal governments don't have formal information governance programs, but adoption of IG would reduce risks, lower costs and vastly improve quality of services in these organizations.

HIPAA as an umbrella for county/municipal cybersecurity
Many county governments have departments or divisions that qualify as "covered entities" under HIPAA. For those organizations, it makes a great deal of sense to cover the entire enterprise under the umbrella of HIPAA rather than...

County and municipal cybersecurity, Part 2
This is Part 2 of a two-part series for municipal executives and managers on cybersecurity. Included is a discussion of information governance (IG) and a look at frameworks, standards and regulations, including NIST, HIPAA, ISO27000...

County and municipal cybersecurity, Part 1
This is the first part of a two-part series on cybersecurity for county and municipal organizations. In Part 1, I define major issues and obstacles specific to municipal government. In Part 2, I will offer solutions. This article was...
Is naked truth part of your business model?
Are truth and honesty part of your organizational culture Or does your management team prefer to live in a bubble and make their own truth?

Voodoo project management
You're fired! Bogus management mumbo jumbo doesn't get projects done. Project management is a complex set of real skills that you can't learn in a 35-hour class.

On the nature of 'IT' projects
Confusing IT projects with business projects is common – and the results are often catastrophic. Unfortunately, managers, end users and even IT professionals frequently fail to understand the distinction.

Here's why your EHR doesn't work
“I hope you’re not going to show me a bunch of flowcharts." This EHR project was doomed to fail from the beginning.
May I see your comprehensive security policy please?
Lack of compliance with the HIPAA security rule is common in county and municipal covered entities (CE). I provide some essential, primary source tools and documents for HIPAA security rule compliance.
-
Case Study
Sponsored -
eBook
Sponsored -
White Paper
-
eGuide
Sponsored -
eBook
Sponsored