Category Archives: IT Risk Management

IT risk management also known as technology risk management is a part of enterprise risk management and deals with the issues and risk associated with information technology systems and services. Areas of discussion include IT risk assessments, IT audit, IT risk mitigation, and IT controls along with IT security and privacy. IT compliance is covered as it relates to HIPAA, HEAOA, P2P, PCI, FERPA, GLBA, Export Controls, ITAR, EAR, FDA, AND Red Flag Rules. Particular attention is applied to vendor risk management and IT outsourcing.

Managing a Growing IT Department

Can any of you imagine being the CIO of a growing IT department? Maybe you imagine it to be the land of endless candy, rainbows, and pastel glitter. A land where there are no IT budget cuts or hassles getting an additional FTE. Funny … Continue reading

Posted in IT Risk Management, IT Strategy | Tagged , , | 6 Comments

4 Steps to Improving IT Value Realization

Improving IT value realization is clearly top of mind for many executives these days. Sadly, IT value realization is more of a focus among CEO’s and CFO’s than it appears it is for CIO’s. The reasons I am hearing for the interest … Continue reading

Posted in CIO Job, IT Financial Management, IT Risk Management | Tagged , , , , , , , , | 2 Comments

What’s Your Risk Appetite?

I just finished a great article on risk appetite. Now that isn’t something you here everyday, but you may here someone mention risk appetite or risk tolerance fairly regularly these days. The article was in the current issue of CSO … Continue reading

Posted in IT Risk Management | Tagged | Comments Off on What’s Your Risk Appetite?

Book Review: Ethics in IT Outsourcing

Ethics in IT Outsourcing by Tandy Gold is a surprisingly great read on the ethics in IT outsourcing as well as IT ethics and business ethics more generally. The reason it was a surprise is that the Gold tackles the … Continue reading

Posted in IT Outsourcing, Reviews | Tagged , , , , | Comments Off on Book Review: Ethics in IT Outsourcing

Book Review: Information Technology Control and Audit Fourth Edition

Information Technology Control and Audit, Fourth Edition is one of a handful of books I think of as a must have reference book on every CIO’s bookshelf or in the IT department library. Now in its fourth edition, Information Technology Control … Continue reading

Posted in CIO Job, IT Risk Management, Reviews | Tagged , , , , , , , | 2 Comments

Monitoring Ellucian Layoffs Using LinkedIn Is Getting Harder

Monitoring Ellucian layoffs and other personnel changes using LinkedIn since the Datatel SunGard merger is getting harder no thanks to changes made by LinkedIn. You may recall my post back in March which shared some insights into the Ellucian layoffs and other … Continue reading

Posted in IT Risk Management | Tagged , , , , | 2 Comments

Cyber Security Awareness Month Planning

National Cyber Security Awareness Month is fast approaching and every CIO and CSO should already have their Cyber Security Awareness Month planning well underway. Just in case you haven’t begun your planning or you simply decided to dust off the tired … Continue reading

Posted in CIO Job, Privacy | Tagged , | Comments Off on Cyber Security Awareness Month Planning