Group items tagged

When I initially speak with clients about, or lecture on the need for a structured organizational change management (OCM) program, a common question is whether simply having a communication plan to broadcast news about the change is a good substitute.

Today's post provides an example of an organizational change being discussed in many firms contemplating the use of social media, and its evolution to social business in a global economy. Adoption of "social" introduces new risks and opportunities to US corporations. The likelihood of doing business

Last week I introduced the underlying concepts and premises for two theories of organizational change - from John Kotter and Black & Gregersen-  based on the influence and value of individual commitment to new behaviors, practices and attitudes.

To start off the week, I dive a bit deeper int

Today's post discusses the relationship between strategy, leadership, and vision, 3 processes normally associated with senior organizational members. The majority of employees in mid to large sized corporations spend their time in tactical pursuit of short-term goals set by managers. Rather than

At last, my summer reading list is complete!

In what it described as an historic document, the National Institute for Standards and Technology issued a special report entitled Recommended Security Controls for Federal Information Systems and Organizations. Special Publication 800-53, Revision 3, is historic in nature. For the first time, and as part of a continuing initiative to develop a unified information security framework for the federal government and its contractors, NIST has included security controls in its catalog for national security and non-national security systems in its latest revision, No. 3, of Special Publication 800-53. "The important changes described (in the publication) are part of a larger strategic initiative to focus on enterprise-wide, near real-time risk management; that is, managing risks from information systems in dynamic environments of operation that can adversely affect organizational operations and assets, individuals, other organizations, and the nation," Ron Ross, NIST's Federal Information Security Management Act implementation project leader, said in a message incorporated into the 220-page report. According to the document, the updated security control catalogue incorporates best practices in information security from the Department of Defense, intelligence community and civilian agencies to produce the most broad-based and comprehensive set of safeguards and countermeasures ever developed for information systems.

Several years ago I was helping firms prepare for their first SOX (Sarbanes-Oxley) compliance audits. Following is one of the experiences I had training corporate executives, staff and even auditors about the benefit of selling change...

I walked into the Chief Information Officer's office, not k

One of the things that always surprised me while working with corporate information over the years is the lack of a data classification program in the majority of firms. Working with many well-known corporations around the world, I get to see the inner-workings of how IT is practiced.

One item I

This post is one in a series on Privacy & Security, and covers some of the intersections of these domains for those who are not practitioners with in-depth understanding of the associated disciplines.
History Points to Privacy's Future
Today's post explores the history of privacy a bit mor