Information Security for Executives and Managers

Information Security for Executives and Managers

Who: Non-IT Executives and Managers – public, private and non-profit sectors.

What: Information Security Training

When: Tuesday, December 12, 2017, 12:00 PM eastern time.

How long: The training is 30 minutes, but I am leaving an extra 30 minutes for questions and discussion.

Where: https://global.gotomeeting.com/join/614306101

Cost: Free! There is nothing to buy, no sales pitch, and no upsell.

Click on the link below to register! Attendance is limited to 25 on a first come, first served basis. When you register, I will send you a calendar invitation.

 

 

What you will learn.

  1. What is the single, deadly assumption executives and managers make about their information security programs?
  2. What free resources are available to build a rock solid information security program?
  3. What are the required building blocks of an information security program?
  4. Who should be on your information security team? It’s not who you think!
  5. What’s the difference between Cybersecurity and Information Security?

Register now for the live, web seminar – December 12, 12:00 PM Eastern time.

 

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather
Tags : , , ,

Is your organization practicing voodoo infosec?

 

Information Security – Cybersecurity Training for Executives and Managers

Is your organization practicing voodoo information security? Would you like to learn how to build a solid information/cybersecurity program for your organization?

In this free, live web training session we show you how to build an Information Security Program from the point of view of non-IT executives and managers. The training is applies to County and Municipal Government executives and managers, small and medium business owners, and non-profit managers. There is no technical knowledge required and there is no sales pitch or upsell – just high-quality training where we show you how to build a comprehensive information security program from the ground up.

The class is limited to 25 attendees on a first come, first served basis. Can’t make it at this time? e-mail jmorgan@e-volvellc.com and I will send you a schedule of additional times the training will be held in December.

This is a GoToMeeting session and details are contained in the calendar link below.

Wednesday 11/29 12:15, Eastern time.

Add to your calendar now!

 

 

 

How to join the training session:

Join the meeting from your computer, tablet or smartphone.
Wednesday 11/29 12:15, Eastern time.

https://global.gotomeeting.com/join/897255061

You can also dial in using your phone.

United States: +1 (872) 240-3412

Access Code: 897-255-061

First GoToMeeting? Let’s do a quick system check: https://link.gotomeeting.com/system-check

 

 

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Information Security for Executives & Managers

 

Information Security – Cybersecurity Training for Executives and Managers

Do concerns about information security keep you awake at night? Would you like to learn how to build a solid information/cybersecurity program for your organization?

In this free, live web training session we show you how to build an Information Security Program from the point of view of non-IT executives and managers. The training is applies to County and Municipal Government executives and managers, small and medium business owners, and non-profit managers. There is no technical knowledge required and there is no sales pitch or upsell – just high-quality training where we show you how to build a comprehensive information security program from the ground up.

The class is limited to 25 attendees on a first come, first served basis. Can’t make it at this time? e-mail jmorgan@e-volvellc.com and I will send you a schedule of additional times the training will be held in December.

This is a GoToMeeting session and details are contained in the calendar link below.

Wednesday 11/29 12:15, Eastern time.

Add to your calendar now!

 

 

 

How to join the training session:

Join the meeting from your computer, tablet or smartphone.
Wednesday 11/29 12:15, Eastern time.

https://global.gotomeeting.com/join/897255061

You can also dial in using your phone.

United States: +1 (872) 240-3412

Access Code: 897-255-061

First GoToMeeting? Let’s do a quick system check: https://link.gotomeeting.com/system-check

 

 

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather
Tags : , , ,

Webinars for behavioral health executives and professionals

Signup for one of our new, live web workshops for behavioral health executives and professionals!

These live, informative 6o-minute workshops are tailored for behavioral health professionals in public and private sector clinical practices. Up to 3 of your team members may attend for one low price and each workshop is tailored for your organizational requirements.

HIPAA Security Rule Compliance for Behavioral Health Professionals – $250

Does your organization’s security policy contain all 37 policies required by the HIPAA Security Rule, 45 CFR Parts 160, 162 and 164? Most county and smaller clinics are not compliant and a large part of compliance requirements fall on your IT staff. Are they doing their part?

We begin with an open discussion about your HIPAA concerns and walk you through the major components of HIPAA Security Rule compliance in order to identify your organization’s risks. We work directly from the authoritative primary source – the regulation text, address your questions about requirements and make specific recommendations you can use to get compliant.

Bring your information security policy to the webinar and we will address specific policies in your organization.

Information Risk Management for Behavioral Health Professionals – $250

Have you ever conducted an information risk assessment? It is required component of HIPAA and other regulations, and it is a recommended best practice for organizations of all sizes and types. We walk you through a high-level risk assessment, identify threats and vulnerabilities specific to your business and provide you with tools to continue the assessment on your own.

Managing Behavioral Health IT Services – $250

Are the IT services you receive spectacular and perfectly aligned with your business and clinical requirements? Or are there constant fires to put out?

We discuss basic best practices for IT management from the point of view of non-IT executives, describe basic components of IT service management, cover SLAs, OLAs service catalogs, and more. We address your concerns and propose solutions you can begin to implement immediately in order to align IT services with your business and clinical objectives, industry standards and improve the quality of services. If you are not satisfied with the IT services you receive, we can show you how to improve them.

Electronic Health Records Procurement and Implementation – $250

Are you planning an EHR Procurement project? These projects have a high failure rate and organizations are frequently unhappy with the return on investment (ROI) and the total cost of ownership (TCO). Huge budget overruns are common and implementations can be years behind schedule.

We provide strategies for the procurement, migration and implementation of an EHR so you can increase the probability of a successful project.

 

 

 

 

Ask about our onsite workshops for your entire staff.

Don’t see what you need? Ask us for custom training or consulting!

 

 

 

 

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather
Tags : , ,

Workshops for county and municipal executives


New web workshops. These five team workshops are designed for county and municipal executives and SMB managers. Register Now!

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

How Nebraska successfully consolidated state IT services

By Jeffrey Morgan


Consolidating government IT services

If you read my post, Municipal shared services agreements for information technology, you know that I am skeptical about consolidation of multiple county and municipal IT operations. Because they are separate, independent business operations, the potential for unintended consequences, political meddling and perverse incentives is enormous. Another core problems is that very few counties or municipalities operate IT shops using widely accepted standards and frameworks for ITSM (Information Technology Service Management).

State governments, however, more closely resemble large corporate enterprises and there is a strong business case for the consolidation of IT services in such organizations. Elimination of redundant services, lower costs, and a smaller head count are essential goals, but consolidation can also provide uniform governance as well as enhanced quality and customer service if managed correctly.

Culture shock

During Ed Toner’s first week as CIO for the state of Nebraska in June of 2015, he found silos, duplication of tools and services, competition between IT groups and a culture that desperately needed change. A dearth of documentation and metrics presented significant challenges, but his education at Texas A&M in process improvement, ITIL and Six Sigma provided him with the tools to take on this type of task. Moreover, his previous ITSM experience with TD Ameritrade and First Data Corporation gave him the practical experience required for the job.

Ed reports directly to Governor Pete Ricketts and he began his consolidation of the state’s IT services in March of 2016. Six months of analysis lead him to the conclusion that a classic ITIL (IT Infrastructure Library) model was the best approach to lowering the cost of state-level IT services. Ed has taken what he describes as a soft-sell, carrot-without-a-stick approach to the project.

During my research, I discovered that Ed and I have a single, irreconcilable philosophical difference, but I will discuss that at the end. First, let’s take a look at how Ed implemented some essential ITIL components.

The rollout

The project was rolled out in three phases in the following order:

  1. IT Infrastructure (Network)
  2. Server Admins
  3. Desktop support

In the first phase, the Nebraska OCIO (Office of the CIO) brought everyone into a single domain and in the second phase they migrated 6000 square feet of remote data closets into the data center. Phase three is in progress and will be completed within a few weeks, so Ed has achieved remarkable results in only 16 months.

Enterprise applications were also included in the consolidation. OCIO manages the infrastructure and largely leaves the application functions up to the Line of Business (LoB) to manage. This is an admirable model because it doesn’t put IT in the line of fire for determining and managing LoB application features and functionality.

The service catalog (SC)

Since Ed and his team entered into the project with neither documentation nor metrics, they opted to grow the service catalog organically from incoming calls.

The service level agreement (SLA)

When Ed started, no one could tell him how many IRs (incident records) and SRs (service requests) were coming in, but that has been completely turned around. “In terms of the user community, I think for the first time, they’re seeing that we’re being accountable. We’re posting metrics and we just started sending out surveys.” Ed’s team also publishes statistics on availability and their goal is 99.9 to 99.99.

Ed and his team meet weekly to analyze stats and their internal SLA is to satisfy 80% of IRs within 24 hours. They routinely meet that objective and report the data to the governor on a monthly basis. Their goal for SRs is to complete them within 24 hours 65% of the time.

As they mature, they are working on categorizing and prioritizing different classes of IRs to provide an SLA with resolution of specific IRs within 4 hours or less.

Change management

“We are seeing a huge uptick in changes, which means to me that we’re not making more changes in the state, we’re seeing more and more compliance every month.”

In terms of adoption of change management, Ed related, “I can tell you from my vantage point that the state of Nebraska adopted it much more easily than in my past in private industry. If something happens that causes some type of outage, even momentarily, we’re going to come in with problem management. The problem management template we created clearly asks, was this caused by a change? Did you validate? How did you validate? We have built in those fail-safe checkpoints that will indicate if a group has done a change that wasn’t sanctioned.”

Problem management and Root Cause Analysis

Every PR (problem record) is reviewed by the OCIO. ”We have a defined process for escalating issues. Those go into PR and no one wants to have a PR against their group. A problem record means we’re going to have a root cause analysis and were going to find out they made a change that didn’t go through change management. Problem management has helped to enforce change management because they know there’s another level of irritation from my office if the change didn’t go through change management.”

Cost savings

The Nebraska CIO’s office has been able to realize annual savings in excess of $2.8 million on payroll and contracts by eliminating all contractors in infrastructure and desktop support as well as by eliminating staff positions by attrition. “I have no IT infrastructure contractors at the state . . . No contractors doing server admin or desktop support.”

Server consolidation has helped realize $3.2 million annually in hardware savings. For instance, in one division they reduced 90 servers to four virtual servers and have eliminated over 70 physical servers in DHHS so far.

The state initially had three ITSM tools with multiple contracts for those tools, so Ed deployed an unused tool which they were already paying for in their application bundle and eliminated the redundant contracts.

The last word

Nebraska has done all the right things when it comes to building a solid IT service management program. Critical components include executive support and oversight from the CEO, a solid ITSM framework, transparency, and a CIO who is committed to the delivery of exceptional service and quality. Extraordinary managers all have one thing in common – they know that improving quality using rigorous processes reduces costs. How is your state doing?

I told you earlier that Ed and I have one irreconcilable difference of opinion, but it’s a whopper! Ed is an Aggie and I am a Longhorn. Hook ‘em horns, Ed.

 

 

© Copyright Jeffrey Morgan, 2017

 

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather
Tags : , ,

Security Policy Checkup

Security Policy Checkup Service

For county and municipal government.

By Jeffrey Morgan


Is your security policy up to current standards? Here’s how we can help for a low fixed rate:

This fixed-fee service is designed for counties and municipalities and includes:

  • Initial web workshop with management and key stakeholders.
  • Completion of a survey to identify your organization’s procedures, practices and specific security requirements.
  • Review of your security policy and acceptable use policy against best practices and your organization’s requirements.
  • Web workshop to discuss results.
  • Written report with specific recommendations for improving your policies.

How to get started

  1. e-mail us for a quote/SOW.
  2. We’ll send you a Statement of Work with an NDA (Non disclosure agreement). Sign it and return with a purchase order.
  3. We will promptly schedule a web workshop to gather information.
  4. We will discuss your concerns and complete a brief survey in order to understand your organization’s requirements.

Who should be involved?

We can perform this study for an authorized executive. However, we believe that working with a cross-functional workgroup consisting of Legal, HR, IT and executive management, and possibly other departments will help build a foundation for a more solid information security program in the long term.

Don’t have a security policy?

We can help. e-mail us to schedule a time to discuss the development of a custom security policy tailored to fit your organization.

Read more about this service at: http://www.e-volvellc.com/security-policy-checkup/
© Copyright Jeffrey Morgan, 2016

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather
Tags : ,

Risk assessments for local governments and SMBs

By Jeffrey Morgan


Next week, I am scheduled for a semi-annual risk assessment with my dentist. He performs a very specific, highly focused type of risk assessment that is totally worth the $125 it will cost. In addition to performing specialized maintenance (hypersonic cleaning), he will provide a threat assessment (for oral cancer, cavities, periodontal disease and other anomalies). I’ll leave his office confident that my mouth is in a low-risk situation for the next six months as long as I continue to follow best practices and perform daily maintenance procedures. I am only vulnerable to these threats if I fail to follow a daily program of brushing and flossing.

I could always choose to save the small fee for these risk assessments and wait for a major dental disaster to occur. The problem with this approach is that a single incident may cost thousands of dollars if I need a root canal or some other type of procedure. Ten years of checkups are less costly than even a single disaster.

Enterprise IT risk assessments

Unfortunately, in the world of local government and SMBs, the most common approach to risk management is to allow a major catastrophe to occur before realizing the value of an enterprise risk management program.

I am at a loss to explain it. Incidents or problems involving your information and IT infrastructure are far more costly than risk management programs. Data loss, breaches, major downtime, malware, lawsuits and fines for compliance violations may cost hundreds of thousands or millions of dollars. They can permanently shut down your small business or really irritate your board of directors in a corporate environment. In the public sector, constituents pay for major screw-ups through increased taxes while the events are often covered up and the culprits skirt the blame and keep their jobs.

When was your organization’s last risk assessment? Can you put your hands on the report? If you haven’t had a risk assessment recently, it’s a safe bet that your policies are sorely lacking. Defining an organizational policy for risk assessment is an essential component of any comprehensive suite of security policies. Both HIPAA and GLBA require periodic risk assessments, but it is a sound practice for all types and sizes of organizations.

Where to start?

If you haven’t previously conducted an enterprise IT risk assessment you should carefully consider your starting point. For example, if you have few or no security policies, it may be wise to form an IG (information governance) committee and begin by developing of a comprehensive set of policies, procedures, standards and guidelines. On the other hand, your management team may benefit from the kind of wake-up call that a devastatingly thorough risk assessment can produce. A 100-page report that says you suck at security and risk management on every page may be just what you need to get everyone’s attention.

The results of a risk assessment should be used to reduce your organization’s risk exposure, improve CIA (confidentiality, integrity and availability), initiate positive change, and begin building a security culture. While using risk assessments as a punitive device isn’t the best approach, such reports often expose malfeasance and incompetence of proportions so vast that appropriate consequences are in order. In other words, if you have been paying a CIO $200,000 and the assessment uncovers gaping policy, security and privacy holes, you should certainly replace the CIO with one who has the required skill set.

Scope the project carefully

Risk assessments come in a lot of flavors and the specific purpose and scope must be worked out with the auditors in advance. A few years ago, a client of mine released an RFP for a risk assessment after we worked extensively on the development of their information security policies. The proposals ranged from $15,000 to well over $150,000. This can happen even with a pretty clear scope. Big 4 firms, for instance, have hourly rates that may be several times what a local, independent practitioners may charge. NIST SP 800-30 provides valuable information on how to perform risk assessments, including some information on scoping.

Risk assessments may be qualitative or quantitative. You may be able to do some of the quantitative work in-house by gathering cost data for all your assets in advance of the assessment. Regardless of the scope and approach, the auditors will ask to see lots of documentation.

Positive outcomes

One positive outcome of a risk assessment is that it may force your management team to rethink EVERYTHING – in-house application development, infrastructure support, IT staffing & responsibilities, LOB (line of business) staffing & responsibilities, budgets, and just about everything else related to the manner in which your organization is run.

Risk assessments are way cheaper than disasters, so go schedule your checkup.

 

© Copyright Jeffrey Morgan, 2017

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather
Tags : , , , , ,

Municipal shared services agreements for information technology

Pixabay
Pixabay

By Jeffrey Morgan


In New York State, Governor Andrew Cuomo’s Countywide Shared Services Initiative “requires counties to assemble local governments to find efficiencies for real, recurring taxpayer savings… by coordinating and eliminating duplicative services and propose coordinated services to enhance purchasing power.”[i] New York is currently offering substantial financial incentives to municipal organizations that “create savings.”

According to a 2013 study[ii], about 8 percent of municipalities participate in IT shared services programs. Considering the financial incentives, I suspect that the percentage has increased significantly since that time.

In theory, shared services agreements among municipal entities appear to be a great deal for everyone involved, and especially for taxpayers. In reality? I am not only skeptical; I have seen the negative consequences of such agreements in the form of low-quality IT services that cost far more than similar services delivered by commercial vendors.

One possible scenario

A common scenario for shared IT services might take the form in which a county IT department becomes a service provider for cities, towns and villages in its jurisdiction. This may include email, infrastructure services, help desk services, software, printing of tax bills, break/fix services, hardware procurement and much more.

In this type of scenario, the county’s management may view such a deal as an opportunity to turn their IT operation from a cost center to a profit center. However, the differences in performance and productivity between the private and public sectors can be stark. Running a successful commercial IT services business is a tough, highly competitive undertaking that requires excellent management skills and continuous improvement.

For many municipal managers and elected officials, the one-time financial incentive may blind them to the necessity of examining the long-term consequences of such an arrangement. In other words, they will want to build the airplane in the air and the basis for the deal may be something that is not much more than a handshake deal, devoid of reality and details.

Get it right!

It is possible for a municipal shared services agreement to be successful, but success won’t be accidental. If you are involved in negotiating such an agreement, I provide the following suggestions to ensure that you make the best deal possible.

Use rigorous procurement methodology

A shared services agreement should be treated exactly the same as a deal with a commercial vendor. A few examples of documentation required for the evaluation should include the following:

  • Service level requirements. This is a document that precisely defines your requirements. Before entering into any service agreements with outside agencies, your organization should thoroughly understand and document your business needs, goals and objectives.
  • Service level agreement. This agreement is an essential part of any professional services contract. It defines requirements, responsibilities and accountability and includes financial penalties if the provider fails to meet agreed-upon service level targets.
  • Catalog of services. What is the universe of services offered by your service provider? How much does each service cost, and when are such services available? How do you obtain services not covered in the agreement?
  • PSA (professional services automation) system. An automated, auditable system for tracking incidents is a requirement for managed service providers. The system should be configured to send alerts to management and executives when the provider fails to meet agreed-upon service levels. Daily or weekly status reports should be available to the customer.

The agreement framework

Will this be a simple agreement using an MOU (memorandum of understanding) or some sort of BPA (business partnership agreement)? Regardless of the format recommended by your attorney, a clear exit path must be part of the agreement in case the relationship doesn’t work out. Agreements with commercial vendors always spell out how the relationship may be dissolved, but I have seen municipal shared services agreements that have no such escape clauses for the “customer.” Make sure you can get out of the deal if it isn’t working out.

Comingle infrastructure resources carefully

A significant risk of a shared services deal is that IT infrastructure built between the parties may become intertwined to an extent that may be difficult and expensive to unravel. Clear boundaries should be established that will allow the parties to simply unplug if the deal doesn’t work out. Also, who owns infrastructure and data? How do you get your data back once the relationship is dissolved?

Information security, governance and policy

Whose governance policies will apply? Acceptable use policies, security policies, regulatory compliance policies and personnel policies as well as organizational culture should all be considered. How will sanctions for policy violations be addressed between agencies?

Is the provider using best practices for ITSM (information technology service management) and ISMS (information security management systems). Are they in ITIL or ISO 20000 shop? How will security be managed? Do they follow any generally accepted frameworks for information security?

Quality control

Who will define quality standards? In the commercial world, the customer determines quality. In the public sector, the provider often defines quality — the DMV being a perfect example. What recourse do you have if the provider fails to meet quality standards? With a commercial vendor, you simply terminate the deal. In a shared services scenario, terminating the deal may require political capital that is not available. These arrangements present the real risk that you could be stuck with a bad deal for years or even decades.

Summary

These are only a few examples of the processes required to evaluate and negotiate a successful shared services agreement.

The great advantage of democratic local government is that citizens have the ability to address poor municipal management through the democratic process. If we’re not happy with the decisions and actions of management, city council or a county commission, we can simply vote them out of office. The problem with the trend toward regionalization of government functions and services is that we lose that ability to control it through elections. Don’t lose your ability to control your information technology operations by making a bad shared services deal.

References and endnotes

Shared Services Among New York’s Local Governments,” research brief, Office of the New York State Comptroller, Division of Local Government and School Accountability, November 2009

Shared Services: Establishing a Competitive Business Within a Business,” NDMA Inc.

[i] Shared Services Initiative, State of New York.

[ii]Shared services in New York State: A Reform That Works,” George Homsy, Bingxi Quian, Yang Wang and Mildred Warner, August 2013.

This article first appeared on CIO.com at http://www.cio.com/article/3196248/leadership-management/municipal-shared-services-agreements-for-information-technology.html
© Copyright Jeffrey Morgan, 2017

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather
Tags : , , ,

County/municipal customer service and the RACI model

skydiver-1442719_1920
Pixabay

By Jeffrey Morgan


Because Mother Nature is so stingy when she doles out the gene for common sense, frameworks and standards for IT governance had to be invented.

An example

Recently, I heard about an incident in which a municipal IT director was planning and executing significant changes to a department’s critical infrastructure without informing the customer — the department personnel. After being confronted, he insisted that he wasn’t required to inform the stakeholders because it was routine and he didn’t need departmental approval. Huh! To make matters worse, the changes involved significant risks that were far beyond the understanding of that IT director and his staff.

This behavior is appalling on many levels, but it is representative of the service provided by many municipal IT managers who believe IT is a dictatorial, rather than collaborative, profession. A few of the things this scenario tells us about the organization include the following:

1. The organization isn’t using a framework for IT governance and IT Service Management (ITSM).

2. Executive oversight of IT is inadequate.

3. The organization lacks a risk management program with change-control policies and procedures.

I will address the first two items below, and we can address item No. 3 in a subsequent article, so don’t forget to check back.

Sacred cows and your executive legacy

Municipal IT operations tend to be monopolies, and the customer service they provide is all too often in keeping with what one would expect from any monopoly. There is no good reason for this state of affairs, and you can fix it with relative ease. Enabling deplorable IT services doesn’t have to be one of your executive legacies.

Municipal IT often operates on a charge-back model, where customers (internal departments) are forced pay a flat annual fee or an hourly rate for IT services. The customers are unable to pursue competitive services from external vendors that may provide considerably better quality at a significantly lower cost. In the bubble of government IT, market forces never apply the pressure required to initiate change, and the IT department remains a sacred cow trapped in outmoded thinking and ancient processes.

Solutions, tools and techniques

In previous articles[i], I have discussed several management tools, techniques and processes that will significantly improve IT performance and customer service in your organization. Here, I will add one more concept: the RACI (Responsible, Accountable, Consulted and Informed) model.

The RACI model is an excellent tool for clarifying roles and responsibilities within a process. Using RACI can increase transparency and address the lack of oversight, so that all the players clearly understand their roles in the grand scheme. Let’s take a look at an example of how it might be used to identify appropriate roles for the operation and maintenance of a county clerk’s software application.

County clerk ERMS system responsibility matrix
Credit: Jeffrey Morgan, e-volve
An example of how the RACI approach might be used to identify appropriate roles for the operation and maintenance of a county clerk’s software application.

Although your matrix may be different, what won’t be different is that multiple stakeholders are involved. If there are a significant number of public users of the system, such as attorneys and title researchers, you might want to add them to the matrix as well.

While the RACI model is an important component of frameworks and standards such as COBIT, ITIL and ISO 20000, undertaking a full implementation of any of these programs isn’t necessary to make significant performance improvements to your IT operations and customer service.

Don’t count on common sense as a reliable management tool; use IT governance instead.

For further reading

How to Design a Successful RACI Project Plan,” by Bob Kantor, CIO.com, May 22, 2012

[i]Improving IT Customer Service with Service Level Agreements (SLA),” by Jeffrey Morgan, e-volve Information Technology Services

What Is the Biggest Threat to Internal IT Departments?” by Jeffrey Morgan, CIO.com, Oct. 3, 2016

High Crimes and Misdemeanors of CIOs,” by Jeffrey Morgan, CIO.com, Oct. 17, 2016

Improving IT Customer Service, Part 2: Using a PSA System,” by Jeffrey Morgan, e-volve Information Technology Services

This article was first published on CIO.com at http://www.cio.com/article/3195073/leadership-management/county-municipal-it-customer-service-and-the-raci-model.html

© Copyright Jeffrey Morgan, 2017

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather
Tags : , , , ,