Board and management responsibilities for information security

Board and management responsibilities for information security

Only 37% of corporate directors are confident with their organizations’ cyber security plans. What responsibilities do corporate and public-sector boards have for oversight of cyber and information security and what resources are...

02/09/18

Information governance in the federal government

Information governance in the federal government

Inexcusable mismanagement of classified data, secret e-mail accounts and wanton destruction of public information demonstrate that there isn’t any information governance happening in the federal government.

02/02/18

Digital transformation in the public sector

Digital transformation in the public sector

Let’s rename it management transformation.

01/11/18

Keep your dirty, stinkin’ hands off my Internet

Keep your dirty, stinkin’ hands off my Internet

A reading list on net neutrality.

01/02/18

5 things J. S. Bach can teach you about information security

5 things J. S. Bach can teach you about information security

What can a centuries-old classical music composer teach today's CIOs about infosec? Plenty, it turns out...if you'll only listen.

12/07/17

For tech's sake! Another government tech plan?

For tech's sake! Another government tech plan?

The best technology plan ever? Pouring a bucket of tech on dysfunctional managers and business processes doesn't solve business problems.

08/01/17

What's new with ISO/IEC 20000?

What's new with ISO/IEC 20000?

ISO/IEC 20000-1:2011 is the international standard for IT service management. Is it just for large organizations or does it work for very small organizations as well? How can it help your organization provide better service?

07/27/17

How Nebraska successfully consolidated state IT services

How Nebraska successfully consolidated state IT services

Ed Toner, CIO of the state of Nebraska deployed ITSM to consolidate state IT services and improve quality while reducing costs and risk.

06/16/17

Risk assessments for local governments and SMBs

Risk assessments for local governments and SMBs

Does your organization have a mature risk management program or are your just crossing your fingers and hoping for the best? Risk assessments are an essential part of your information and IT governance programs.

05/23/17

Municipal shared services agreements for information technology

Municipal shared services agreements for information technology

Are shared IT services for municipalities a good deal? What are the risks and do they really save money or will you be stuck with a nightmare scenario from which you can never extricate your organization?

05/15/17

County/municipal IT customer service and the RACI model

County/municipal IT customer service and the RACI model

Do you assume that your managers and staff members will apply common sense to daily operational activities? If so, you may be in trouble. Let's look at how you can use the RACI model and other IT governance tools to address the...

05/09/17

Information governance for counties and municipalities

Information governance for counties and municipalities

Most county and municipal governments don't have formal information governance programs, but adoption of IG would reduce risks, lower costs and vastly improve quality of services in these organizations.

04/27/17

HIPAA as an umbrella for county/municipal cybersecurity

HIPAA as an umbrella for county/municipal cybersecurity

Many county governments have departments or divisions that qualify as "covered entities" under HIPAA. For those organizations, it makes a great deal of sense to cover the entire enterprise under the umbrella of HIPAA rather than...

04/11/17

County and municipal cybersecurity, Part 2

County and municipal cybersecurity, Part 2

This is Part 2 of a two-part series for municipal executives and managers on cybersecurity. Included is a discussion of information governance (IG) and a look at frameworks, standards and regulations, including NIST, HIPAA, ISO27000...

04/03/17

County and municipal cybersecurity, Part 1

County and municipal cybersecurity, Part 1

This is the first part of a two-part series on cybersecurity for county and municipal organizations. In Part 1, I define major issues and obstacles specific to municipal government. In Part 2, I will offer solutions. This article was...

03/27/17

Is naked truth part of your business model?

Is naked truth part of your business model?

Are truth and honesty part of your organizational culture Or does your management team prefer to live in a bubble and make their own truth?

01/31/17

Voodoo project management

Voodoo project management

You're fired! Bogus management mumbo jumbo doesn't get projects done. Project management is a complex set of real skills that you can't learn in a 35-hour class.

01/20/17

On the nature of 'IT' projects

On the nature of 'IT' projects

Confusing IT projects with business projects is common – and the results are often catastrophic. Unfortunately, managers, end users and even IT professionals frequently fail to understand the distinction.

11/17/16

Here's why your EHR doesn't work

Here's why your EHR doesn't work

“I hope you’re not going to show me a bunch of flowcharts." This EHR project was doomed to fail from the beginning.

11/10/16

May I see your comprehensive security policy please?

Lack of compliance with the HIPAA security rule is common in county and municipal covered entities (CE). I provide some essential, primary source tools and documents for HIPAA security rule compliance.

10/31/16

Load More