
Sarbanes-Oxley Compliance Kit
Mandated regulations impact IT
The audit spotlight now shines on IT. After years of regulation and embarrassing data breaches, the highest levels of management now comfortably discuss IT controls and audit results. However, their quality expectations are rising. Where IT once performed audits annually, many now support quarterly, monthly, and ad hoc exercises. Each audit expands the scope of the technologies assessed, measured, and proven compliant. Broader scope means more complexity and more work. With the Sarbanes Oxley Compliance Kit you can increase timeliness and accuracy of audit data while reducing IT audit effort, disruption, and cost.
Sarbanes-Oxley Section 404 requires that:
- Enterprises have an enterprise wide security policy;
- Enterprises have enterprise wide classification of data for security, risk, and business impact;
- Enterprises have security related standards and procedures;
- Enterprises have formal security based documentation, auditing, and testing in place;
- Enterprises enforce separation of duties; and
- Enterprises have policies and procedures in place for Change Management, Help Desk, Service Requests, and changes to applications, policies, and procedures.
SOX adopted the COSO model of controls, which is the same model that SAS 70 audits have utilized since inception. SOX heightened the focus placed on understanding the controls over financial reporting and identified a type II SAS 70 report as the only acceptable method of obtaining third-party assurance regarding the controls at a service organization. Security "certifications" are excluded as acceptable substitutes for a type II SAS 70 audit report.
In addition the ISO 27000 standard is used in SAS 70 reports. The Security Manual Template contains an ISO 27000 Security Process Audit Checklist. These two items directly address a service organization's descriptions of controls. The auditor can use these to help them in the evaluation of the service organization's control framework.
Preparation for Disaster Recovery / Business continuation in light of SOX has two primary parts. The first is putting systems in place to completely protect all financial and other data required to meet the reporting regulations and to archive the data to meet future requests for clarification of those reports. The second is to clearly and expressly document all these procedures so that in the event of a SOX audit, the auditors clearly see that the DR plan exists and will appropriately protect the data.
To meet these needs, the Sarbanes Oxley Compliance Resource Kit, which comes in four editions (Standard, Silver, Gold, and Platinum), contains:
- Security Policies (all editions);
- Threat & Vulnerability Assessment Tool (all editions);
- Business & IT Impact Questionnaire Risk Assessment Tool (all editions);
- Safety Program Template (all editions);
- Disaster Recovery Template (all editions);
- Outsourcing guide updated to reflect what your vendors need to do (all editions);
- Internet and IT Job Descriptions (Silver, Gold, and Platinum Editions); and
- IT Service Management Template (Platinum Edition), which includes:
- Service Request Policy and Standard
- Help Desk Policy, Procedure, Standard, and Service Level Agreement
- Change Control Standard, Quality Assurance Standard, and Management Workbook
- Documentation Standard
- Version Control Policy and Standard
- Sensitive Information Standard
- Blog and Personal Web Site Policy
- Travel and Off-Site Meetings Security Policy
- Internet, e-mail and electronic communication Policy
See Table Below for a summary of the contents of each of the versions of the Sarbanes-Oxley Compliance kit
Download Components Table of Contents
Once you get to the download page, just bookmark it and you will be able to download all of the components without having to re-register.
Sarbanes Oxley Compliance News
Most firms have not defined mobility policies

Policies define the rules of the road for mobile computing, yet only one in five organizations have them defined and implemented, according to Janco Associates. This low rate of definition is driven by smaller to mid-sized firms, as almost half of all large firms have mobility policies defined.
When a CIO or an IT executive takes over a new job, one of the greatest challenges is to quickly validate the infrastructure that is in place. Would it not be nice to have some tools that could be used to quickly put proven, world-class policies in place with minimal effort? That is what the CIO IT Infrastructure Policy Bundle does.
The mobility policy template addresses all areas related to mobility: mobile devices (including procedures for lost devices), mobile applications (including consideration for approved applications for business use), and data in mobile environments (including policy for using public Wi-Fi networks).
Mobile workers to drive IT
By 2015, the world's mobile worker population will reach 1.3 billion, representing 37.2 percent of the total workforce, according to an updated forecast from an IT analytics firm. The report projects the most significant gains will again be in the emerging economies of Asia/Pacific thanks to continued, strong economic growth. The Americas will experience a slower growth rate due to a protracted economic recovery and high rates of unemployment, the analysts concluded.
This bundle contains the following policies:
- CIO IT Infrastructure Policy Bundle
- Backup and Backup Retention Policy
- Blog and Personal Web Site Policy
- BYOD Policy
- Incident Communication Policy
- Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy
- Mobile Device Access and Use Policy
- Outsourcing Policy
- Record Management, Retention, and Destruction Policy
- Sensitive Information Policy (HIPAA Compliant)
- Service Level Agreement (SLA) Policy Template with Metrics
- Social Networking Policy
- Telecommuting Policy
- Travel and Off-Site Meeting Policy
- Electronic Forms
More workers stop looking for work
Industries and occupations related to health care, personal care and social assistance, and construction are projected to have the fastest job growth from now until 2020. Total employment is projected to grow by 14.3 percent over the decade, resulting in 20.5 million new jobs. Despite rapid projected growth, construction is not expected to regain all of the jobs lost during the 2007-12 recession. The bad news is that the number of individuals dropping out of the job market continues to increase and the Labor Participation Percentage continues to fall.
http://www.ejobdescription.com/IT_Salary_Survey.html
IT pros are reeling from a one-two punch brought on by the sustained economic crisis: Organizations of all stripes have reported deep cuts to their training budgets in recent years, and they have held off on initiatives that would have given workers a way to learn new technologies.
At the same time, technological evolution continued at its breakneck pace. The Janco and eJobDescription 2012 Salary Survey found that the skills related to emerging technologies, such as mobile, wireless and communications systems, cloud computing and Web security, enjoyed the biggest year-over-year increases in demand among IT managers who plan to hire in the next 12 months.
On top of that, hiring managers say they want people with the basic tech skills that have always been required, as well as business acumen, communication skills and customer service abilities.
Finding a job - social media implications

So it is wise to make sure you've got your social media ducks in a row before you begin a job search. What you say on Twitter could haunt you. Organizations are recognizing that their attraction and retention of top talent is what will propel them to the top. There is a tremendous opportunity for companies worldwide to put their people intelligence to work to create positive, profitable business outcomes.
What is the jobs picture?
The Bureau of Labor Statistics (BLS) has released its biennial employment forecasts, and this year's report has some good news for IT workers. The agency predicts that employment in all computer-related fields will grow 22 percent through 2020. Some job titles will do even better, for example software developers (28-32 percent growth), database administrators (31 percent growth), and network and systems administrators (28 percent growth).
While the forecast looks good, some experts say the U.S. IT job growth isn't as high as it needs to be. Victor Janulaitis, CEO of research firm Janco Associates, characterized the IT job growth as "anemic," saying, "When you consider the overall demand for systems and applications in high-growth markets like China and India, [the BLS projections] mean the U.S. will be doing a diminishing portion of the development and implementation work. If that's the case, the U.S. will no longer be the leader in IT."
He added, "The BLS projections are a bad sign for the U.S. IT graduates from universities. Those numbers do not cover the net growth necessary to give all of the graduates jobs."
BLS forecast is for anemic IT job growth
The U.S. Bureau of Labor Statistics (BLS) forecasts that offshoring will hurt the growth of U.S. programming jobs over the rest of this decade, though expansion of healthcare IT and mobile networks will in turn increase demand for software developers, support technicians and systems analysts.
By 2020, employment in all computer occupations is expected to increase by 22%, but some IT fields will fare better than others, according to the BLS biennial update of employment projections.
Demand for software developers will be the strongest in this period, with increases ranging from 28% to 32%, depending on the type of software development.
The agency's forecasts, particularly for technology-related jobs, are often controversial because they can't account for rapid market changes and tech disruptions. But its estimates are often cited in various policy debates on issues ranging from education to immigration.
The IT employment growth rate projected by the BLS was characterized as "anemic" by Victor Janulaitis, CEO of Janco Associates, a research firm that analyzes IT wage and employment trends.
"When you consider the overall demand for systems and applications in high-growth markets like China and India, [the BLS projections] mean the U.S. will be doing a diminishing portion of the development and implementation work," said Janulaitis. "If that's the case, the U.S. will no longer be the leader in IT.
"The BLS projections are a bad sign for the U.S. IT graduates from universities. Those numbers do not cover the net growth necessary to give all of the graduates jobs," Janulaitis added.
Outsourcing via offshoring is costing jobs in the US and Europe
Offshoring continues to shrink the number of IT jobs, but in 10 years companies will run out of jobs to offshore, study says
Offshoring is negatively impacting the number of IT jobs in large corporations. A management consulting firm examined services occupations in finance, human resources, procurement, and IT. They found that only 4.5 million of the 8.2 million jobs in these fields that existed in the U.S. and Europe at the start of 2002 will still exist in 2016.
Of the 1.8 million IT jobs at the companies represented in the survey, about 270,000 jobs in the U.S. and Europe will be moved offshore between now and 2016. The U.S. share accounts for about half of the total jobs lost, or 135,000. By 2016 the firm estimates that 1.8 million IT jobs in North America and Europe at large companies today will have declined to about 1.5 million, despite the growth of many of these companies.
This decline in IT jobs reflects decisions to buy IT services, in the form of cloud-based services. But the IT industry, which has been seeing employment growth, will still move some of those jobs offshore.
Microsoft says cloud will generate 14 million jobs internationally
Implementation of cloud services will create 14 million jobs internationally by 2014, with the greatest increases occurring in emerging markets, which are not constrained in deploying cloud systems by legacy infrastructure, according to a new study from Microsoft.
China and India alone could create up to 6.8 million new jobs related to the cloud, the study found. Because many of the businesses in these emerging markets are young, they aren't bound by the "Legacy lag" -- as the study calls it -- that could be holding back cloud adoption at larger enterprises around the world.
IBM lays off over 1,200 employees in US and Canada
According to an IBM employee organization, reports and independent sources, IBM has laid off more than 1,000 employees, with some estimates going as high as 1,200 or more in the U.S. and Canada.
Some industry experts say that the layoffs in the U.S. are part of an IBM strategy to limit the number of Big Blue employees in the U.S. in favor of lower-cost workers in emerging countries.
IBM, which employs more than 425,000 people around the world, stopped releasing figures in 2009 on the number of employees it has in each country. In 2009, IBM listed 105,000 employees in the U.S., down from nearly 134,000 in 2005. Now, Alliance@IBM estimates that in 2011 IBM employed 98,000 workers in the U.S.
Younger workers are different
A recent study discovered some key trends about millennials and how they view technology and workplace IT departments. The study found that younger workers:
- Have very high expectations when it comes to getting a response regarding support calls
- Prefer interactions with IT beyond just calling the helpdesk, including email, chat, and texts
- Will typically research problems on their own (either before calling IT or while waiting for a response)
- Tend to work outside of typical business hours and off premises
- Will develop their own solutions and processes with the tools at their disposal, including consumer-oriented cloud services and personal devices
- Value working collaboratively with colleagues within their organization and beyond it
- Are often willing to share knowledge about solutions provided to them by IT and solutions and processes they develop on their own
Certifications are not highly valued by CIOs
While some staffing firms report that IT salaries are growing, Foote Partners has been observing a different trend. They are in agreement with data that has been published by of Park City, UT and eJobDescription.com.
Foote says pay premiums for 82 specific technical skills and 88 different technical certifications have been dropping for a year. Premiums are the extra cash companies sometimes pay to full-time employees or contractors on top of their annual salaries or hourly rates in order to acquire a specific, desired skill or certification.
The value of IT certifications has been sliding for five years. Meanwhile, pay premiums for technical skills began falling at the end of 2010, after 20 consecutive months of increases. The dip in demand for technical skills and the corresponding drop in pay premiums for them represents a "correction" in the way IT leaders are structuring their IT organizations, and consequently, in the way they value various skills.
In short, according to Foote's assessment of the market, IT leaders see technical skills and certifications as a dime a dozen, and thus, not worth paying premiums to acquire. Moreover, IT leaders are not necessarily looking for pure technical skills as they re-staff their IT departments, undertake new projects and focus on innovation. Tech skills are third, fourth, and fifth on their lists of desired skills according to Foote.
IT hiring trends
As the economy's recovery and corporate earnings improve, businesses across North America are reinvesting in IT projects that were put on hold through the recession. The industries with the strongest growth, including technology and health care, are adding the most IT jobs today, and the IT positions in demand today are a combination of those directly related to profit drivers (product and service development) and back-office operations (such as networking and database administration), a positive indicator for the economy overall.
The distribution of employment opportunities in metro areas across the country confirms that IT job growth is not confined to those areas traditionally considered IT job markets, such as Silicon Valley. The metro areas with the greatest opportunities for IT professionals are:
- Minneapolis (Overall Unemployment: 5.1%)
- Salt Lake City (Overall Unemployment: 5.4%)
- McLean, Va. (Overall Unemployment: 5.5%)
- Boston (Overall Unemployment: 5.7%)
- Houston (Overall Unemployment: 7.6%)
- San Francisco (Overall Unemployment: 7.6%)
- Walnut Creek, Calif. (Overall Unemployment: 7.6%)
- Denver (Overall Unemployment: 7.9%)
- Toronto (Overall Unemployment: 8.5%)
- New York City (Overall Unemployment: 9.0%)
- Jacksonville, Fla. (Overall Unemployment: 9.5%)
- Orlando (Overall Unemployment: 9.7%)
- Detroit (Overall Unemployment: 10.7%)
IT drives company success
Top-performing companies are top performers in IT, too. Enterprises ranking in the highest quartile for annual revenue, growth, profitability and innovation, and with revenue growth of more than 5% in the past year are better at measuring data, interacting with customers via mobile tools, and mobilizing applications to the cloud, among other things.
"Raising a firm's digital IQ means improving the way it leverages technologies and channels to meet customer needs," says a principal at PwC. "The core of the ecosystem for innovation has moved from inside the firm to out in the marketplace. Customer and employee expectations are being shaped by this environment -- if you miss this trend you will be increasingly irrelevant to the market."







The Safety Program is 60 pages and includes everything needed to customize the Safety Program to fit your specific requirements. The Safety Program reflects the latest issues associated with the most recent legislation (Sarbanes Oxley).
This Business and IT Impact Analysis Questionnaire has been designed by one of the industry's most experienced application assessment consultants. This Questionnaire has been used in over 500 assessment, DRP and business impact projects in the past four years. Included is a Risk Ranking definition.






