JonJon Shende is the Director of IT Services at EBSL Technologies. He ensures optimal performance from vendors by having clear policies and procedures understood by all participants, and integrating event management across systems using event correlation and root cause analysis to improve resolution times. He keeps his management informed of department efforts by separating notifications into critical and non-critical categories, emailing managers within an hour for critical issues to assess severity and find solutions first before notifying.
White Paper: Six-Step Competitive Device EvaluationIxia
This paper presents a six-step methodology for conducting competitive product evaluations that provide advance insight into the performance, security, and stability of devices within production network and data center environments.
InfTo improve the quality of network performance through advanced communication
services and authorized users in equal access to state-of-the-art technology.
Businesses are rapidly expanding beyond their traditional data center boundaries into the cloud, with hybrid cloud architectures becoming the new norm. As business-critical workloads and data get increasingly run on diverse platforms across multiple data centers, private and public clouds, it is imperative for IT business continuity solutions to keep pace with the transformation and to continue meeting business Service Level Agreements (SLAs).
Veritas Resiliency Platform makes it simple for organizations to innovate without compromising on critical business SLAs. Organizations can confidently adopt hybrid cloud architectures and predictably meet critical SLAs in spite of growing IT complexity. With a unified approach to IT Service Continuity, Resiliency Platform enables IT operations to deliver predictable service levels to the business while ensuring location independence, platform choice, and operational simplicity.
White Paper: Six-Step Competitive Device EvaluationIxia
This paper presents a six-step methodology for conducting competitive product evaluations that provide advance insight into the performance, security, and stability of devices within production network and data center environments.
InfTo improve the quality of network performance through advanced communication
services and authorized users in equal access to state-of-the-art technology.
Businesses are rapidly expanding beyond their traditional data center boundaries into the cloud, with hybrid cloud architectures becoming the new norm. As business-critical workloads and data get increasingly run on diverse platforms across multiple data centers, private and public clouds, it is imperative for IT business continuity solutions to keep pace with the transformation and to continue meeting business Service Level Agreements (SLAs).
Veritas Resiliency Platform makes it simple for organizations to innovate without compromising on critical business SLAs. Organizations can confidently adopt hybrid cloud architectures and predictably meet critical SLAs in spite of growing IT complexity. With a unified approach to IT Service Continuity, Resiliency Platform enables IT operations to deliver predictable service levels to the business while ensuring location independence, platform choice, and operational simplicity.
How temenos manages open source use, the easy way combinedWhiteSource
The extensive use of open source in commercial software requires engineering executives to set processes and measures that will enable their organization and their customers to make the most of what open source can offer without assuming the accompanying risks.
See how Temenos manages their open source components.
NEMEA Compliance Center - the most powerful survey creation, management, and reporting solution available. It intuitively collects responses, writes, and produces standardized regulatory compliance reports. In fact, it even supports the use of many different standards at once. Our compliance software has a fully featured user-interface that lets you rapidly compare the laws and regulations that govern your industry and business.
Faster, easier deployment of Dell PowerEdge servers helps it and your businessPrincipled Technologies
Saving IT deployment time has a number of benefits, including reducing setup hassle and complexities, freeing up time of administrators, and reducing costs. By choosing Dell PowerEdge servers with pre-installed OEM software, specifically Microsoft Windows Server 2012 R2 and Hyper-V, you’re saving time and effort compared to buying the server without the software. We found you could save over 3.5 hours by purchasing the server with pre-installed software. Deploying more servers can save time too, as our findings can scale up to meet IT resource needs of your business. What’s more, choosing the Dell server with pre-installed software can save you 24 percent of additional licensing costs per server.
In this presentation from IVT's Qualifying and Validating Cloud and Virtualized IT Infrastructures, Chris Wubbolt and John Patterson focus on current trends in cloud computing environments, including aspects of cloud computing and Software-as-a-Service (SaaS) providers that may be of interest to US Food and Drug Administration investigators during an FDA inspection. Important compliance related points to consider for software vendors as they shift to becoming SaaS providers are discussed. The presentation also reviews the pros and cons of cloud computing from a business and compliance perspective, including differences between traditional computing environments and private/public clouds. Examples of issues to consider when using cloud computing environments and SaaS providers are also discussed.
Infrasructure As Code: Fueling the Fire For Faster Application Delivery - Whi...David J Rosenthal
To achieve success in today’s digital age, enterprises mustbe customer-obsessed and systematically reinvent themselves to serve informed and empowered customers. Leading companies rely heavily on software applications to win, serve, and retain these customers. Software creates better customer experiences, and delivering innovative software faster gives companies a distinct competitive advantage.
But faster delivery of applications is challenging for both infrastructure and operations (i.e., Ops) professionals and application development and delivery (i.e., Dev) teams. Both are under pressure to increase speed without compromising quality. To maximize their efforts, neither team can go it
alone — they must work together to find a common set of processes and tools that help them both. This is the core of the DevOps movement.
Unsustainable Regaining Control of Uncontrollable AppsCAST
The ever-growing cost to maintain systems continues to crush IT organizations robbing their ability to fund innovation while increasing risks across the organization. There are, however, some tactics to reduce application total ownership cost, reduce complexity and improve sustainability across your portfolio.
Norman Patch and
Remediation Advanced
provides:
• Rapid, accurate and secure
patch management
• Automated collection, analysis
and delivery of patches
• Security for your organization
from worms, trojans, viruses and other malicious threats
• Single consolidated solution
for heterogeneous environments
provides effective management
at a significantly reduced TCO
Project Business Case and Capital Justification for Implementation of Applica...Duane Bodle
Business Case and Capital Justification Presentation For
Application Performance Monitoring and Retrospective Network Analysis Implementation. *** This Presentation Has Been Sanitized of IP Information ***
Symantec Control Compliance Suite 11, February 2012Symantec
Symantec Control Compliance Suite 11 is the latest version of its enterprise-class IT governance, risk and compliance (GRC) solution. It will feature the new Control Compliance Suite Risk Manager module which enables security leaders to better understand and communicate risks to the business environment from their IT infrastructure. Risk Manager translates technical issues into risks relevant to business processes, delivers customized views of IT risk for different stakeholders, and helps prioritize remediation efforts based on business criticality rather than technical severity.
Speed up system deployment with Dell Connected Configuration servicesPrincipled Technologies
The days of administrators going through lengthy system provisioning procedures to update and patch client images on new employee systems are gone. With Dell Connected Configuration service, your organization can get any number of systems delivered to your door with the latest company image loaded and customized for your employees’ needs. Dell Connected Configuration Service lets customers using management software such as SCCM integrate existing software and processes securely into the Dell manufacturing process at the factory using a secure VPN with your own network/firewall standards, so you can change configurations from your location in real time, on your time. From your headquarters, you can complete a number of tasks on new systems, including imaging, updating BIOS settings, partitioning and encrypting hard drives, and installing user-specific software.
As we found, using Dell Connected Configuration Service could save significant time for a laptop deployment, allowing your administrative staff to focus on other ways to improve your business IT. Additionally, your employees can receive their new systems more quickly, potentially avoiding days of waiting for a system to be ready. These time saving advantages of Dell Connected Configuration services can mean a more efficient process for deploying new systems, and can boost productivity by putting the up-to-date tools employees need to do their jobs into their hands more quickly.
IT Outsourcing: Business Continuity by Design by OneNeck IT Servicesoneneckitservices
OneNeck provides a comprehensive, flexible suite of IT outsourcing solutions designed specifically for mid-market companies. Visit http://www.oneneck.com/ today.
Dear students get fully solved assignments
Send your semester & Specialization name to our mail id :
help.mbaassignments@gmail.com
or
call us at : 08263069601
How temenos manages open source use, the easy way combinedWhiteSource
The extensive use of open source in commercial software requires engineering executives to set processes and measures that will enable their organization and their customers to make the most of what open source can offer without assuming the accompanying risks.
See how Temenos manages their open source components.
NEMEA Compliance Center - the most powerful survey creation, management, and reporting solution available. It intuitively collects responses, writes, and produces standardized regulatory compliance reports. In fact, it even supports the use of many different standards at once. Our compliance software has a fully featured user-interface that lets you rapidly compare the laws and regulations that govern your industry and business.
Faster, easier deployment of Dell PowerEdge servers helps it and your businessPrincipled Technologies
Saving IT deployment time has a number of benefits, including reducing setup hassle and complexities, freeing up time of administrators, and reducing costs. By choosing Dell PowerEdge servers with pre-installed OEM software, specifically Microsoft Windows Server 2012 R2 and Hyper-V, you’re saving time and effort compared to buying the server without the software. We found you could save over 3.5 hours by purchasing the server with pre-installed software. Deploying more servers can save time too, as our findings can scale up to meet IT resource needs of your business. What’s more, choosing the Dell server with pre-installed software can save you 24 percent of additional licensing costs per server.
In this presentation from IVT's Qualifying and Validating Cloud and Virtualized IT Infrastructures, Chris Wubbolt and John Patterson focus on current trends in cloud computing environments, including aspects of cloud computing and Software-as-a-Service (SaaS) providers that may be of interest to US Food and Drug Administration investigators during an FDA inspection. Important compliance related points to consider for software vendors as they shift to becoming SaaS providers are discussed. The presentation also reviews the pros and cons of cloud computing from a business and compliance perspective, including differences between traditional computing environments and private/public clouds. Examples of issues to consider when using cloud computing environments and SaaS providers are also discussed.
Infrasructure As Code: Fueling the Fire For Faster Application Delivery - Whi...David J Rosenthal
To achieve success in today’s digital age, enterprises mustbe customer-obsessed and systematically reinvent themselves to serve informed and empowered customers. Leading companies rely heavily on software applications to win, serve, and retain these customers. Software creates better customer experiences, and delivering innovative software faster gives companies a distinct competitive advantage.
But faster delivery of applications is challenging for both infrastructure and operations (i.e., Ops) professionals and application development and delivery (i.e., Dev) teams. Both are under pressure to increase speed without compromising quality. To maximize their efforts, neither team can go it
alone — they must work together to find a common set of processes and tools that help them both. This is the core of the DevOps movement.
Unsustainable Regaining Control of Uncontrollable AppsCAST
The ever-growing cost to maintain systems continues to crush IT organizations robbing their ability to fund innovation while increasing risks across the organization. There are, however, some tactics to reduce application total ownership cost, reduce complexity and improve sustainability across your portfolio.
Norman Patch and
Remediation Advanced
provides:
• Rapid, accurate and secure
patch management
• Automated collection, analysis
and delivery of patches
• Security for your organization
from worms, trojans, viruses and other malicious threats
• Single consolidated solution
for heterogeneous environments
provides effective management
at a significantly reduced TCO
Project Business Case and Capital Justification for Implementation of Applica...Duane Bodle
Business Case and Capital Justification Presentation For
Application Performance Monitoring and Retrospective Network Analysis Implementation. *** This Presentation Has Been Sanitized of IP Information ***
Symantec Control Compliance Suite 11, February 2012Symantec
Symantec Control Compliance Suite 11 is the latest version of its enterprise-class IT governance, risk and compliance (GRC) solution. It will feature the new Control Compliance Suite Risk Manager module which enables security leaders to better understand and communicate risks to the business environment from their IT infrastructure. Risk Manager translates technical issues into risks relevant to business processes, delivers customized views of IT risk for different stakeholders, and helps prioritize remediation efforts based on business criticality rather than technical severity.
Speed up system deployment with Dell Connected Configuration servicesPrincipled Technologies
The days of administrators going through lengthy system provisioning procedures to update and patch client images on new employee systems are gone. With Dell Connected Configuration service, your organization can get any number of systems delivered to your door with the latest company image loaded and customized for your employees’ needs. Dell Connected Configuration Service lets customers using management software such as SCCM integrate existing software and processes securely into the Dell manufacturing process at the factory using a secure VPN with your own network/firewall standards, so you can change configurations from your location in real time, on your time. From your headquarters, you can complete a number of tasks on new systems, including imaging, updating BIOS settings, partitioning and encrypting hard drives, and installing user-specific software.
As we found, using Dell Connected Configuration Service could save significant time for a laptop deployment, allowing your administrative staff to focus on other ways to improve your business IT. Additionally, your employees can receive their new systems more quickly, potentially avoiding days of waiting for a system to be ready. These time saving advantages of Dell Connected Configuration services can mean a more efficient process for deploying new systems, and can boost productivity by putting the up-to-date tools employees need to do their jobs into their hands more quickly.
IT Outsourcing: Business Continuity by Design by OneNeck IT Servicesoneneckitservices
OneNeck provides a comprehensive, flexible suite of IT outsourcing solutions designed specifically for mid-market companies. Visit http://www.oneneck.com/ today.
Dear students get fully solved assignments
Send your semester & Specialization name to our mail id :
help.mbaassignments@gmail.com
or
call us at : 08263069601
By focusing on organizational enablers and robust software engineering practices, e-commerce companies can shorten the development lifecycle, outmaneuver the competition and remain relevant in the eyes of customers.
HI Team,
I am looking for a job change. I am having 5+ years of development and 1 year of Pen testing Experience. I am looking for Hyderabad location. Details below
Relevant IT Experience: 5.7 Years
Web application security testing Exp : 1 year
Contact number: 9742855955
Notice period: 90 days (Negotiable)
Current Location: Bangalore
Preferred Location: Hyderabad
Thanks,
Raju
Agile and continuous delivery – How IBM Watson Workspace is builtVincent Burckhardt
Journey and transformations that we have been taking at IBM to implement Cloud Native application. Covers culture, architecture and pipeline changes. This presentation was given at IBM Connect 2017 in San Francisco in Feb 2017.
Businesses involved in mergers and acquisitions must exercise due di.docxdewhirstichabod
Businesses involved in mergers and acquisitions must exercise due diligence in ensuring that the technology environment of the future organization is robust and adequately protects their information assets and intellectual property.. Such an effort requires time and open sharing to understand the physical locations, computing environment, and any gaps to address. Lack of information sharing can lead to a problematic systems integration and hamper the building of a cohesive enterprise security posture for the merged organization.
Often the urgency of companies undergoing a merger and acquisition (M&A) impedes comprehensive due diligence, especially in cybersecurity. This creates greater challenges for the cybersecurity engineering architect, who typically leads the cybersecurity assessment effort and creates the roadmap for the new enterprise security solution for the future organization. However, the business interest and urgency in completing the merger can also represent an opportunity for CISOs to leverage additional resources and executive attention on strategic security matters.
In this project, you will create a report on system security issues during an M&A. The details of your report, which will also include an executive briefing and summary, can be found in the final step of the project.
There are nine steps to the project. The project as a whole should take two weeks to complete. Begin with the workplace scenario and then continue to Step 1.
Deliverable
Cybersecurity for a Successful Acquisition, Slides to Support Executive Briefing
Step 1: Conduct a Policy Gap Analysis
As you begin Step 1 of your system security report on cybersecurity for mergers and acquisitions, keep in mind that the networks of companies going through an M&A can be subject to cyberattack. As you work through this step and the others, keep these questions in mind:
Are companies going through an M&A prone to more attacks or more focused attacks?
If so, what is the appropriate course of action?
Should the M&A activities be kept confidential?
Now, look at the existing security policies in regard to the acquisition of the media streaming company. You have to explain to the executives that before any systems are integrated, their security policies will need to be reviewed.
Conduct a policy gap analysis to ensure the target company's security policies follow relevant industry standards as well as local, state, and national laws and regulations. In other words, you need to make sure the new company will not inherit any statutory or regulatory noncompliance from either of the two original companies. This step would also identify what, if any, laws and regulations the target company is subject to. If those are different from the laws and regulations the acquiring company is subject to, then this document should answer the following questions:
How would you identify the differences?
How would you learn about the relevant laws and regulations?
How would .
Cometari Dedicated Solutions General OfferJakub Hajek
Cometari Dedicated Solutions is a technology company based in Cracow, Poland.
We have knowledge and competence in designing, developing and maintaining complex information systems. We specialise in developing advanced server systems as well as soft web and mobile solutions. If you are looking for a reliable IT partner, Cometari Dedicated Solutions
is the right choice. Website: www.cometari.com
Windows XP to Windows 7 Migration WhitepaperLori Witzel
Microsoft will discontinue extended support for Windows XP April 2014, yet more than half the organizations that plan to migrate off Windows XP to Windows 7 have not done so. In this brief whitepaper, you’ll learn more about the “state of migration,” the issues that have slowed migration, and the significant risks incurred by those organizations that fail to migrate from an unsupported operating system. This report reviews the high-level stages in a migration process, and then identifies ways to cut time and costs from migration even if your teams have already started the migration process. These leverage points are clearly identified, and will be useful for all who are not in the very last stages of a Windows XP migration.
Best Practices for Integrating Applications DevelopmentKovair
Enterprise application integration remains an age-old challenge. If done properly with the right choice of technology and best practice considerations, Application integration can deliver immense strategic and technical value. How enterprises pursue application integration can make the difference between pitfalls and positive possibilities.
Culture Is More Important Than Competence In IT.pptxmushrunayasmin
The DevOps implementation will simplify the current support structure inside operations by automating environment build and application release management tasks.
This would guarantee the quicker delivery of online software items of greater quality, increasing client satisfaction.
Learn More: https://bjitgroup.com/agile-software-company
A portion of an internal training session at EBSL Technologies Int\'l
Principles of IT Operations, to include ISO 27001, COBIL ,ITIL,IT Security, IT Frameworks.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
1.4 modern child centered education - mahatma gandhi-2.pptx
Jon shende fbcs citp q&a
1. Q&A with
JonJon Shende FBCS CITP
CRG Shende FBCS CITP
jon.shende@gmail.com 954-263-6269
Director IT Services
Examples of my duties (questions Int'l responses)
EBSL Technologies and
1. How do you ensure your Applications Systems & Associated Vendor relationships are being managed in the
most cost effective manner assuring optimal performance from vendors?
This is a process and company specific question that is dependent on current and future operation of an enterprise.
However what is standard for any organization/vendor relationship is a clear understanding of organizational policies,
processes and procedures by all participants.
Experience has taught me that by using separate tools, time critical events can be difficult to prioritize and analyze
across several domains.
A better solution can be to integrate event management across system platforms which leverage event correlation and
root-cause analysis of issues (inclusive of systems monitoring) which in turn improves resolution times. Taking into
consideration proper management of Applications Systems & Associated Vendor relationships, integrating event and
performance management across all IT disciplines and system platforms under a single point of control will reduce
cost and improve performance.
By implementing such as system we can also ensure the availability of business services that cross these domains,
reduce customer complaints, reduce the cost to monitor and manage each system separately, meet compliance, manage
our vendor relationships and improve productivity.
This process ensures (especially when signing a Service Level Agreement with a vendor) that efficiency is prioritized
and that service performance & service management delivers to meet our expected levels of service. Services directed
at internal users as well as customers.
Typically IT Management tend to over spend in three direct-cost areas as follows: -Disaster Recovery testing
operations
-Cost of avoidable downtime -High Availability-Disaster Recovery resource utilization
Implementing processes directed by Six Sigma or COBIT ensures and enables more evolved levels of project and
process planning with our specifics defined and mapped out for the vendor's direction. As such with Application
Systems and vendors, budgets and processes can be defined with no option for “financial surprises” at any point in an
implementation.
With Six Sigma we define where we are and where we expect to be at any particular time, with an expected outcome.
This outcome is defined by our data, functional metrics and management directions within a set time period.
Implementing a Plan-Do-Check-Act to our Applications Systems & Associated Vendor can map relationships, security
and functions as well as enable a vendor's function to be mapped, monitored and managed for efficiency and to meet
management's requirements.
Once approved and implemented such a system assures optimal performance. Written within a SLA can also be
conditions based on compliance and business requirements (operational Continuity, DR and risk mitigation) to be met
without requirements. This if not met can result in a penalty or penalties for the vendor.
2. Describe your most recent experience with recommending applications improvements to existing software?
(Details)
Generally for any vendor off the shelf software system there are regular patches or software update to mitigate defects
or security holes in an implemented system. Lately attackers are taking advantage of zero day attacks where software
systems are exploited before the vendors are aware of the issues in the systems and have started working on patches.
Of importance is that we cannot ensure software security by adding on some “security” features.
That being said in January 2010 we all read about the impact of the flaw in internet explorer. As a result I had my
team lock down our systems and users who were utilizing internet explorer had their systems isolated from our
general network, scanned, patched and independently tested before letting them go online again after re-integrating
into our local network. I took these precautions as a precaution, for once malware is downloaded and installed; the
potential for opening a back door that allows an attacker to browse and/or gain complete control over a compromised
system was high. In turn a covert attacker could identify high value targets and start to siphon off valuable data that
could be damaging to our clients data on site.
After this incident I updated our company Security Policy to reflect an update to our response plan detailing a
patching and updating process following on NIST recommendations as follows.
2. 1)Prior to patching patches must be tested, implemented in a controlled small, localized, and reversible environment.
2) On patches no reboots should be needed, any registration methods must be consistent and support diverse
deployment methods with no new features required that may compromise the system by requiring additional effort to
secure other areas now made vulnerable by the new patch.
For known issues I recommended that we create a threat ranking and mitigation chart, ranking threat by levels of
disruption and cost to the company. If the threat rank was high and would cost the company more than a certain limit
we act to resolve the issue. If however the cost of resolving a known issue was negligible and would not affect
operations, we leave it as is.
I also implemented a process for our software developers and software vendor contractors building on the STRIDE
model. This includes processes in the software development life-cycle to increase our threat modelling processes and
where we can measurably reduce software specification, design and implementation defects and build security testing
into development by mandating developer's notes when writing code. This was to be added to a mandatory security
knowledge base database to be shared between our in-house team any all vendors, with expected vendor contributions.
Additionally I recommended greater detail for requirements gathering and sand-boxing. In terms of programming
language, I asked for a move away from C, C++ for any new applications.
Finally I also proposed a security validation and verification program to evaluate different software development
processes and practices for effectiveness in producing secure software as development progressed. This was
standardized to apply to any software system and was added to augment our existing assurance and testing automated
processes.
3. Describe your most recent experience with research & development for proposed product or service
enhancement. (Details)
I had to present a proposal justifying the purchase of a new server for an Oracle upgrade to a senior management
team.
We decided on Oracle 11g Standard Edition One as it suited the need of our smaller enterprise and an upgrade
migration rather than an in-place migration. As a result I had to source a suitable new server.
Of importance for me were the fact that this version of the software
1) Simplified our database maintenance across several platforms
2) Had additional metrics to improve security and compliance
3) Did not require a major improvement in hardware in terms of costing
My research consisted of
1) Sitting down with my IT Team to determine the system requirements that would meet our needs
2) Reviewing servers from manufacturers I used in the past. I compared hardware specifications against the
requirements for the current system upgrade.
3) Speaking to Technical Engineers from the vendor companies
4) Speaking with my peers in the industry who have rolled out similar upgrades
5) Reviewing technical data sheets for each server and comparing it's specifications with the estimated need for my
system.
6) Sitting down with my IT Team to eliminate the systems that would not meet our needs after I drafted my findings
7) Presenting my report to senior management
Factors I considered were
1) the needs of the department which will be accessing resources on the new system
2) the ROI on this upgrade based on (1), as well as deployment and upgrade costs.
3) Unique features for each server with deployment specific benefits as it impacts use.
4) After sale support from the vendor and warranties.
5) The Server's components such as its Processors, Storage, Drives, Peripherals, Networking, Form Factor (Tower
Case vs. Rack) and its Final Price. 6) Ease of use for online server configuration tools from the respective vendors
7) The individual servers CPU performance, memory performance and disk performance against our established
benchmark.
Once the system was approved I created three proposed training segments to familiarize end user with the new system
once installed, tested an approved for roll out. These training segments will allow users to practice utilization within a
controlled environment on a live test system that was segmented away from the network.
4. Which core IT systems and software applications are you familiar with? Linux, Unix, Windows, SAP, Oracle,
Blade Systems, Sugar CRM, Active Directory, Kerberos, RSA, Amazon EC2, VMware, SAS IT Management, Snort,
Wireshark, Foundstone.SQL query,IBM-Z OS,MS Office suite
3. 5. Give some examples of ISD Projects you’ve driven or managed and also describe the major challenges you
faced with this project and how did you handle it?
Some projects I handled are – new hardware center upgrade, software upgrade, network security testing and patching,
data center migration, call center training programs, web-portal development for service organization to tie into a SQL
back-end database system and Compliance and Disaster Recovery for financial and services companies to conform
with ISO 27001/2, GLBA, Sox 404, PCI -DSS and SAS 70 requirements.
Currently I am on a data center migration project responsible for managing vendors, in house personnel and my
compliance, disaster recovery and continuity teams.
I had 2.5 months lead time for preparing for the move however with any co-location or relocation I would have
preferred more time to properly implement the move but implemented as follows: I commenced with two random
"power down" weekends at our current location - to make sure the data center shut down scripts/plans enabled my
team to stop and restart all our servers / applications / environments in the correct order. I had to coordinate the timing
to ensure that all testers (vendors and in house) were involved in the power down – This to trial run their test scripts
and ensure a smooth transition for our move and test phases. I also coordinated with our vendor (3rd party
applications and hardware) suppliers as testers in the trials, just in the event of any issues with their kit or applications
occurred. Having them on site meant I would have on hand to help recovery as well as rapidly diagnose issues (e.g.
our Business Intelligence vendors on site responded rapidly when we found missing/erroring databases and resolved
the issue with two hours rather than 24).
Issues and Resolution
1)One major issue I had with the first trial was that some of our engineering team was located at a location 4 hours
away and this caused time delays in specific portions of our testing. From this I adjusted the live move by ensuring
that spares and engineers were on call or on site avoiding a 4 hour call out delays.
As a result of hardware taking longer than expected to power on after a trial shutdown during the trial; in the live
move, I planned for hardware failure - on both power down and the move as a result an ensured that all licenses were
checked for expiration – to avoid false negatives there. Also as a precaution I had my engineers two at a time move
one server each rather than roll them on trolleys to reduce vibrations affecting our hardware.
2) During the trial delays were caused from teams located at different areas not communicating properly.
In order to ensure seamless communication in the live move, I implemented a backup communication plan that didn't
involve the corporate email/Blackberry system, by adding a backup two way radio system and external secured
website with live updates which enable all involved parties to see status of move and testing. (The updates also
included some for our business leadership team to ensure they were aware of progress).
This reduced unnecessary communications / status updates. I maintained this through the move - the effort of updating
it was worth it. This system proved very valuable as we had an 8 hour delay for User Acceptance Testing to
commence, however all parties involved were aware of the circumstances and the proposed resolutions within 20
minutes.
This helped manage the test teams expectations and saved me having to send out lots of emails and progress reports.
Our test teams were all testing remotely (via citrix or VPN) - so we didn't have co-location for sharing of news and
progress.
3) One of my technicians decided to get a jump on the upgraded by starting to upgrade select portions of systems
during the first trial. This caused several delays and interruptions at the new site as we encounter configuration errors
and false positives.
In order to ensure that what we were moving from location A to its counterpart location in the new system for the real
move, I imposed change freezes from the power down period onward. This to facilitate a like with like comparison,
ensuring no unintended alterations in data, as well as for compliance and functionality. I also had everyone involved
document all known incidents they encountered before the move and based on their input created a formal risk
assessment. This listed everything that could go wrong, the chances of it going wrong (for example the likelihood of a
disk failure is high) and how we would mitigate it. I also prioritized resource towards the more likely failures. By
doing this, the list of unexpected problems that we had to solve on the fly was a little shorter -saving on time and cost.
For documentation I assigned a very solid technical person to be in charge of the documentation and change control.
4)Finally I had my team check any time critical business events (e.g. accounts, finance payroll) to ensure those areas
of business have contingency; this also included a check for scheduled data extracts that are going to be missed due to
outage of systems and a process to ensure they are re-run asap at the new location.
4. 6. Describe your experience managing a budget and business plan goals and objectives?
I have managed budgets for over 14 years as well as contributed to business planning.
For budgeting, typically I use the five step SMART planning as a baseline to which I add aspects of six sigma
planning. I always ensure that my budgeting and objective planning are in sync with the corporate business plan and
the needs of the business. E.g. I try to stay within my department's equipment purchasing budget by using RFPs for
larger buys or negotiations. Negotiating with suppliers can be for equipment based on a five year purchasing forecast
to elicit discounts or free after sale service and extra warranties beyond the standard offering.
In terms of goals and objectives, as goals typically express the physical and emotional outcomes that we seek to
achieve, whereas, an objective is a specific description of what is required to be achieved.... When defining objectives
I focus on the following questions: What business we in? What does the company do for its customers? What benefits
do we offer? - this is a main factor in growing our business. Typically I conform to a strategy formation process where
identified goals are converted into effective action plans, by implementing a checklist or format to handle all of the
"how to” issues from goals to objectives. Once my objectives are defined I ensure that all objectives specify their
expected results and objective activities that are easily tracked.
From an IT view I try to focus on a high availability perspective drawing from ITIL, by driving proactive and on-
going improvement of IT operations. My focus is on minimizing people, technology and process issues that can cause
downtime and by extension impact revenues and the P&L of my employer. Following on this, I work with my team to
refine or update processes for improving and maintaining appropriate service levels, in-conjunction with software
tools that automate business processes.
For me Business Continuity is a key component of my business objective and comprises of an enterprise-wide and
preventive-focused solutions, with contingency plans that can provide appropriate levels of continuity regardless of
circumstances. This allows us to effect a quick and efficient recovery in the event of an unplanned interruption of
operations.
7. Give examples of how you ensure that your department is within compliance of data processing regulations
such as GLBA, PCI and/or Sarbanes Oxley?
Keep in mind that beyond compliance there is a fundamental requirement to protect proprietary data with applied
access controls, especially for deployed systems that are implemented for web facing services. This follows mandates
that are defined in our policy that addresses information security.
If I have a new compliance audit to do, I start with a gap analysis to identify areas of risks and areas where additional
remediation actions should be taken. Then I implement a self-assessment checklist for GLBA, PCI and SOX 404
compliance.
Some processes I have implemented to ensure compliance is met are
1) Separation of roles and responsibilities across IT personnel
2) Ensuring that access is based on documented business requirements and logged controls. 3) Implementation of
access controls to sensitive data and systems by limiting access based on business requirement and user role
4) Separation of roles and responsibilities at the business application and data access layers
5) Hardened controls for Internet facing systems and systems used to manage the companies books and records
6) For a PCI DSS, I ensure that the infrastructure network is segmented and video cameras or other access control
mechanisms are in place to monitor the entry/exit points to pertinent and classified areas. For our 3rd party vendors, I
ensure a review of the Report on Compliance (ROC) is completed. By securing the server room for limited physical
access per the rules of least privileges for personnel, as well as ensuring said personnel have rights group and roles
assigned by my assigned data owner via whatever access control mechanisms in place (swipe card, login, RSA
module and swipe card) satisfies physical/logical access requirements and requirement 7 of PCI DSS. Any customer
data and/or related sensitive information are encrypted for transmission across public networks.
I also employ mitigation methods which ensure compliance with the self-assessment and annual network scans or
Annual on-site PCI Data Security assessment with a quarterly network scan.
8. How do you typically keep your management team informed of your department efforts?
I separate management notification into two categories, critical and non-critical. For critical notifications, I email the
appropriate senior manager or managers on an issue that will impact the business within one hour of receiving notice
of an incident.
This will give me time to assess the severely of an incident and find an appropriate solution or start the search for an
appropriate solution before notifying senior management. If however I have been previously instructed by my direct
manager to notify immediately of a specific incident regardless of finding a solution I send out the notification
5. immediately, then follow up with the solution process.
This is then formalized in a standard weekly report consisting of a summary of daily operations, which is submitted to
my manager at the end of the business week.
For non-critical issues I submit a hard copy monthly, quarterly, semi-annual and annual report on the department's
operations.
Finally I refresh these reports in our weekly or monthly status meetings depending on urgency, and try to get
management's input and commitment where is required at that time.
9. How do you stay current with best practices with in your industry and continuing education?
I stay current with best practices by attending relevant trade shows, webinars and webcasts; read industry publications
and white papers as well as maintain membership in a series of professional associations.
In terms of continuing education in the company approves study, I attend specialized vendor training as well as online
education from accredited Universities that will improve my job performance.
Most recently I was given approval to complete a Masters Degree as its focus on Compliance, Continuity and Disaster
Recovery would add to my field expertize.
10. Please indicate your experience negotiating with consultants, technical personnel, and vendors for services
and products.
I have over 14 years of negotiating experience ranging my experience as an executive where I led negotiations for
acquiring smaller firms to my current position where I negotiate contracts, terms, costing and contribute to Service
Level Agreements (SLAs) with our clients, vendors and sub-contractors /consultants.?
11. Give me an example of a time when you were able to successfully manage an issue with an employee when
there was a disconnect. What obstacles or difficulties did you face and how did you deal with them? Were you
able to resolve the issue?
It is often the case that a disconnect among leaders and team members is a direct result of poor communication and/or
lack of recognition of the contributions performed by said employees. Typically this is contradictory to my
management style; therefore, I do not encounter these types of issues now but will cite one from my earlier career.
Issue
In my early years as a manager, there was an instance when an employee assigned to a warehousing system who also
worked within the in house sales team, started to fall behind on performance. An initial meeting was non-committal
with the employee giving me the standard, “yes I am happy working here, I have no problems with my co-workers,
the salary is fine etc. When I asked well tell me what I can do for you that will help you grow, he paused then replied
that he was ok.
His responses were not acceptable to me and my manager as his lag in performance was starting to affect operations
as we were in the peak season of business. Firing him was not an option for me as I valued him and he maintained his
required performance metrics.
Resolution
In order to better able to assess this person’s needs so that he would perform better in the organization I decided to
spend a day with him in his workspace with no notice.
I arrived early just as the sales team were conducting their inventory an observed that he seemed to know more about
our products, client purchasing volumes and forecasts than the actual sales team.
What I gathered over the course of two more hours with him was that he worked on auto pilot and only came alive in
the times he was interacting with the sales team and our customers, however during these times he spent too much
time socializing with the reps and customers which was a factor affecting his performance.
On the plus side his product knowledge was superior to both the in-house and field sales teams.
After a discussion on my findings based on his personality and knowledge with my manager I sat with this employee
and spoke to him about becoming a field account executive for the company, which he accepted.
In short within the first quarter he became the highest grossing field representative, made presidents club in his first
year and his area saw a 33% increase in revenues.
12. How do you keep your staff informed about information that affects their jobs?
I firmly believe that disseminating information to staff regarding company policy, goals, projects, etc. is essential for
employees to function as a team built on camaraderie and mutual respect. There are various methods that I utilize for
keeping my team abreast of issues within an organization. They are email, team, group and individual meetings as
well as memoranda.
6. It is of course important that all communication whether verbal or nonverbal reflect clarity, congruence, and proper
etiquette. I have found that my team responds well to my ability to be open and available to them. However I try to
tailor any method of information based on the situation and it's appropriateness to the given situation.
For instance, it would not be appropriate to discuss budget cuts via email. I believe that management and appropriate
staff must be able to discuss such information through verbal questioning and feedback.
13. Tell us about a specific development plan that you created and carried out with one or more of your
employees. What was the specific situation? What were the components of the development plan? What was
the outcome?
In my mid-twenties, I was able to obtain a position for an up and coming manufacturer in the logistics and operations
department.
In order to get a thorough understanding for the business I worked after hours with the night shift and spent extra
hours in the company library studying manuals and product guides.
It wasn't long before my work ethic and commitment was recognized affording me a position as department manager.
In this capacity, I was in a position to effect the future operations and success of the company.
At a bi-weekly meeting of the owner and department managers, I addressed the need for the company to implement an
electronic data interchange (EDI) system. With my research in hand and previous experience, it was determined after
a few informational meetings, that I would be given the opportunity to proceed with two members of my team
assisting.
Serving in this transformation leadership capacity, I created an information pamphlet and submitted it to everyone in
the company. Then I created a time line and conducted meetings with individual departments to gain their input on
how the process might affect them.
After soliciting their ideas and gauging feasibility, my team and I adjusted processes to meet the departmental
business needs. We also met with vendors to understand their practices and establish a communication basis. Once all
the internal and external factors were aligned, my department spearheaded the project through initiation, testing, and
finalization phases, while maintaining and ensuring a commitment to our current responsibilities.
As with most organizationally changing projects, there were a few hiccups along the way. However, the openness with
which I conducted myself in the initiation phase allowed for vendors and members of the company to communicate
freely with me about concerns or issues they were experiencing.
As I needed to raise awareness of the need for EDI by making the owner and team members understand the benefits of
such change, I was supportive of feedback, and considered trustworthy because I encouraged the company to work
together to facilitate a smooth adjustment that would meet everyone's needs. It was important for my team and myself
to conduct ourself with the emotional intelligence necessary to manage this project and others without becoming
frustrated. My excitement and vision for the project were unwavering and I maintained a positive outlook even during
setbacks.
Throughout the project I conducted surveys to determine if the project was on target with expectations and testing. I
found for the most part individual departments and members were competent and committed to the project. They met
their deadlines and were thorough in their assignments.
Results : The company was able to realize an increase in additional sales and new accounts through “big box”
retailers, such as, Wal-Mart and Target were obtained (it is mandatory to operate an EDI system to do business with
these companies).
Incorrect orders due to operator error decreased exponentially. Shipping information was communicated to vendors in
a timely fashion improving customer service, and electronic remittance insured the company received payment for
product on average of twenty days sooner than previously.
14. What have you done to develop your subordinates where the employee had gained a new skill and your
company was able to improve their performance? Give an example and be specific.
It is my belief that a key element in employee development is access to a mentor who is able to guide and influence
the individual’s growth through knowledge, experience, and emotional support.
It was within this relationship that one of our employees was able to seek out and pursue his interest in Disaster
Recovery Planning. As this is an area of my specialty I acted as his mentor and we sat down and drafted a course of
study and field assignments that would complement his interests as well as aid in his growth and knowledge. In terms
of formal training I was able to get management approval for paid training for the employee based on our need and
additional requirements on the part of the employee upon completion of the company paid training.
By obtaining this skill, he became a point of contact for the company. This aided the organization in procuring
7. necessary contracts thereby increasing the company's financial growth. The employee was able to further hone his
skills while on this contract as the lead Project Manager.
15. Describe your management philosophy and practices. Tell us about a time when you really had to put these
practices to a test?
I do not believe that an effective manager/leader can have one set style. The manager must be able to adapt a variety
of styles based on the needs at hand. I also believe that a leader should focus on accomplishments rather than on
personal characteristics regarding his or her relationship with team members.
Generally, I am viewed as a leader who has an open door policy, encourages staff to participate and express their ideas
and views with respect to daily work processes as well as projects. This encourages employee self-worth by showing
consideration of others. However, while consultation/feedback is important, and I believe final authority in decision
making should be left to the team manager responsible and his superiors if they are to be involved in a decision that
will affect the company.
I believe in creating inspiration and visibility, in addition to facilitating a trusting environment as an essential part of
my management philosophy and practices. Ideally, these concepts foster a further productive environment by means
of employee satisfaction. Unfortunately, there are times when perceptions are not viewed similarly and I have to
resolve to conflict management by weighing the good of the company over an employee's needs.
8. 18. What methods have you used to gain commitment from your team? Give me an example of where this
method was successful and one where it was unsuccessful-be specific?
To establish commitment from a team you must first have a team that is motivated. Stimulating interest can be
accomplished by supplying rewards in addition to higher-level responsibility and advancement. One must then
express the relevance in tasks, provide coaching, solicit feedback, and yes, allow employees to take risks and make
mistakes (within reasonable limits, of course). Being a leader who can communicate effectively, is supportive,
facilitates change when necessary and is clear and concise in designation of members responsibilities will earn
admiration, constructive productivity, and commitment from his team.
It is of personal satisfaction to me when I am able to guide the initiative of promising team members. I applied these
principles while working on a project to overhaul a small retail chain's information systems. This was a big client for
the company and top notch attitudes and results were essential for potential company growth. I assigned the team in
charge realistic but extremely challenging goals to accomplish the project. One member in particular spoke with me
after successfully completing the project. He told me that he viewed himself as a person who is driven and appreciated
being given the opportunity to challenge himself.
In contrast, I afforded these same opportunities for skill development as well as bonuses for meeting milestone
objectives to another individual while on a data management project. Unfortunately, despite my thorough
communication and coaching, the employee failed to meet our requirements and had to be removed from the project
despite having received both verbal and written warning notices as well as a mentoring session.
19. How have you influenced employees to follow your strategic vision for the organization?
First it must be said that to ensure an employee’s commitment to a strategic vision, a leader must be viewed as
trustworthy.
I subscribe heavily to the school of thought that for every issue there is a solution. As a result a key focus of my
leadership style is to present myself as a trustworthy leader. I have an open door policy and will not cast blame, but
rather tend to sit with my team as a problem solver; encourage and invites feedback, and honor their confidences.
While I operate within the mandate of our senior management team and the company's vision which is far-reaching
and reflects our long term goals, I try to be realistic to change, provide ambitious yet achievable goals and integrate
my work ethic into our everyday work processes.
20. Describe a time when you had to communicate a management decision to your staff that you did not agree
with. How did you prepare for this undertaking?
I firmly believe that a leader should not express discontent with management's decision regardless of personal
opinion. Doing so will breed disgruntled workers and result in a negative impact of moral and productivity. In
addition, employees are likely to lose respect for a manager who complains out of turn.
During a previous expansion management decided to cross train some employees for a potential transfer to the new
and untried business segment. This meant select staff would report to new supervisors, some of whom would be hired
external to the company rather than following on the company's protocol of promoting from within.
Unfortunately, a few individuals were not pleased about this move. I anticipated this would be the case as I had
recommended a few for promotions during our last annual personnel review. Therefore, prior to communicating the
changes to them, I secured a meeting with the president for a brief question and answer session. This meeting
provided answers on the expansion, future direction of the company, and how staff would be affected directly. Gaining
this knowledge and insight helped to spearhead any potential issues and my staff appreciated that I had made the extra
inquiries that they would have felt necessary. With some agreed upon adjustment, the result was a seamless
transition.