IT Manager's Handbook: Getting Your New Job Done (86 page)

cost overruns,
125

identification,
108–109

information sharing,
266

IT governance,
238

leadership
vs.
management,
13
t

meeting costs,
129

off-track projects,
123

project charter,
110

sponsorship,
108

summary updates,
121

Project teams

candidates,
126

project management,
126

Proportionality principle, Data Protection Directive,
234

Protected Health Information (PHI),
229

Public cloud,
vs.
private,
149–150

Public Company Accounting Reform and Investor Protection Act (2002),
See
Sarbanes–Oxley (SOX)

Public Key Infrastructure (PKI),
222

Q

Qualitative risk analysis, security management,
210

Quality of work

employee performance review,
44

outsourcing agreements,
185

Quantitative risk analysis, security management,
210

Qwest Communications,
226

R

Rackspace,
148

Radio Frequency Identification (RFID),
207

Real estate, disaster recovery,
254–256

Records retention, compliance,
242

Recovery Point Objective (RPO),
249
,
249
f

Recovery Time Objective (RTO),
249
,
249
f

Recruiters

basic considerations,
79–82

current usefulness,
81
b

multiple recruiters,
82

pros and cons,
80
t

selection,
81–82

technical abilities,
82

Recruiting fairs, PD advertising,
79

Red indicators, project progress tracking,
121

Reference checks

candidate selection,
97–98

common hiring mistakes,
99

Referrals, as hiring starting point,
68

Regional disaster, DR plan,
259

Relationship issues

with boss/peers,
17–18

first 100 days,
24

vendor management,
173–174

Remote control

Help Desk,
279–280

mobile user support,
274

Remote Control (Dameware),
279–280

Remote interviews, candidate selection,
91–92

Remote workers,
37–38
,
37
b
,
See also
Mobile workforce
Telework programs

Renewal licensing,
146

Request for Information (RFI),
174

Request for Proposal (RFP),
174
,
175

Request for Quotation (RFQ),
174

Resource management,
239

Resources, as project component,
111
,
111
f
,
113–114

Résumé reviews, candidate selection,
83–84

Return on Investment (ROI)

cloud computing,
151

consumerization of IT,
271

PMO,
106

project cost justification,
132

VDI,
140

RFI,
See
Request for Information (RFI)

RFID,
See
Radio Frequency Identification (RFID)

RFP,
See
Request for Proposal (RFP)

RFQ,
See
Request for Quotation (RFQ)

Risk analysis

security management,
210

tool options,
211

Risk management

BYO policies,
273

IT governance,
239

project management,
109–110

security management,
210
,
211

T&M contracts,
172

Risk mitigation, security management,
212–213

ROI,
See
Return on Investment (ROI)

Rootkits,
224

RPO,
See
Recovery Point Objective (RPO)

RSS feeds, as connectedness technology,
289

Rule 17a-3, Securities and Exchange Act (1934),
232

Rule 17a-4, Securities and Exchange Act (1934),
232

Rule 342, NYSE,
232

Rule 440, NYSE,
232

Rule 3010, NASD,
232

Rule of Least Privilege,
215

S

SaaS,
See
Software as a Service (SaaS)

Safeguards Rule, GLB,
231

Salary range

candidate selection,
99–101

making offer,
99

non-monetary compensation,
100–101

sharing with agencies,
99–100

Salary review, employee performance,
53–54

Salesforce.com,
148

Sales incentives, benefits of Web,
293

Sales and Marketing Department

candidate selection,
96

capital
vs.
operating expenses,
167

customer identification,
12

IT for business value,
181

IT manager duties,
1
,
2

“people to know,”,
24

user identification,
264

SAP

enterprise applications,
136

ERP,
157

OS selection,
138

Sarbanes, Paul S.,
227

Sarbanes–Oxley (SOX),
46
,
155
,
226
,
227–228
,
233

SB-1386,
230

Scalability, vendor evaluation matrix,
178

SCAMPI,
See
Standard CMMI Appraisal Method for Process Improvement (SCAMPI)

SCCM,
143
,
279–280

Scheduling demands

employee training,
40

kick-off meeting,
116

off-track projects,
124–125

progress tracking,
117

Schmidt, Eric,
290
t

Scope Creep

call tracking software,
278

Project Charter,
110

project management,
106–107

Scope determination

disaster recovery

application assessment,
250–252
,
251
f
,
252
f

basic considerations,
248–252

data value,
252

key questions,
248–249

RPO,
249
,
249
f

RTO,
249
,
249
f

project management

basic considerations,
106–111

constraints, interdependencies, risks,
109–110

defined objectives,
106–107

department
vs.
company objectives,
107

historical perspective,
110–111

project charter,
110

sponsorship,
107–108

stakeholders,
108–109

technical environment,
190

Scrums, Agile Meetings,
34

Secure Sockets Layer (SSL),
222

Securities and Exchange Act (1934)

Rule 17a-3,
232

Rule 17a-4,
232

Security audit, basic considerations,
209–210

Security Breach Information Act (SB-1386),
230

Security defenses

common solutions,
220–223

encryption, keys, certificates,
222

firewalls,
220

IDS/IPS,
220–221

incident response,
223–224

malware prevention,
221

network access control,
222

ongoing maintenance,
221–222

staffing issues,
223

Security Incident Response Team (SIRT),
223

Security issues

assessing intentions,
208

basic considerations,
205

breach examples,
225
b

CIA,
208

common themes,
207–209

connectivity impact,
206–209

consumerization of IT,
273

importance of close examination,
208–209

perspective,
206