Being prepared and in control

Continuing last week selections from my various columns for Jim Kaplan, this week I highlight resources that have a “governance” focus. In addition, I want to enforce the importance of being prepared (e.g. implementing a security incident response capability) and being “in control” (i.e. we must have have effective change management). It really is endless!


Have another great week.


Dan Swanson


Board Oversight of IT Is Needed

Traditionally, and rightfully so, the board has focused on governing the organization, that is, the board is ensuring the right CEO is in place, that the right business strategies have been developed, that performance is reported regularly and trending properly, and that the right questions are being asked of management. Nowadays, the board also needs to ensure that the organization's human resources are being positioned for future requirements, that digital information and assets are being appropriately protected, and that the organization is always progressing!


Performance Measurement and Reporting is a Silver Bullet!

Steven Covey, author of The Seven Habits of Highly Effective People, and many others quite rightly recommend that when you start any kind of new project, you should begin with the end in mind. What does that involve? 1) Deciding where you want to be in the future (that is, what your “end state” will be); 2) Defining your key goals and objectives in getting there (to guide your various efforts along the way); and 3) Building and then implementing your plan to get there (the means to reach your desire end state).


This planning cycle works for all individuals, in both their professional and personal lives. It is even more important for organizations, where an understanding across the whole enterprise is vital in obtaining broad support across a workforce faced with numerous, and many times conflicting, priorities.


Is Governance Effective Within Your Organization?
What dialogue is occurring within your organization regarding organizational governance? Is everyone on the same page re what organizational governance is and what we are trying to accomplish? I believe its time for all stakeholders to discuss and agree to the many roles and responsibilities that are involved with organizational governance. See below for some leading resources to assist in your discussion.
Auditing Change Management
IT Compliance Institute has published a new IT Audit checklist covering Change Management. This paper, “IT Audit Checklist: Change Management,” supports an internal audit of the organization's change management policies in order to verify compliance and look for opportunities to improve efficiency, effectiveness, and economy. The paper includes advice on assessing the existence and effectiveness of change management in project oversight, development, procurement, IT service testing, and IT operations; guidance for management and auditors on supporting change management; and information on ensuring continual improvement of change management efforts.


Have you assessed your information security program lately?

Does your organization’s information security program reflect the business environment it operates in? Have you reviewed the latest guidance – to improve your information security program. Its time – to assess the improvement opportunities.  Click here for leading resources.


Creating a Computer Security Incident Response Team

Safeguarding assets has been an important objective of all organizations for centuries. Protecting an organization’s assets has evolved from mainly physical and personnel safeguards, to a combination of physical, personnel, procedural, and software-based asset management that must be clearly and completely stated in the organization policies, standards and guidance, and monitoring of asset values. With a high percentage of market value now accounted for by intangible assets such as intellectual property, reputation, brand, and electronic records, information continues to be (ever more so) a vital business resource.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

IT World Canada in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Latest Blogs

Senior Contributor Spotlight