Jay Heiser

A member of the Gartner Blog Network

Archives for February, 2013


Including, but not limited to

by Jay Heiser  |  February 28, 2013  |  Comments Off

Any time your internal policies include the lawyerly language “Includes, but not limited to…”, it should be a sign that somebody needs to reexamine the text.  This is often a sort of cop out, an admission on the part of the policy writer that they actually do not know what the rules should be—but a […]

Comments Off

Category: IT Governance Policy     Tags:

If you don’t know how to do it, WHY do you want to do it?

by Jay Heiser  |  February 27, 2013  |  2 Comments

“We have decided to do this new thing. We think it has risks. What should we to to make sure that it doesn’t have any risks. This new thing that we’ve decided to do. Without knowing what the risks are, or whether the best practices for risk mitigation have matured.” Exactly

2 Comments »

Category: risk management     Tags:

Cruise Ships and Cloud Computing

by Jay Heiser  |  February 15, 2013  |  1 Comment

As 4,200 disgruntled holiday goers, trapped on the ironically named cruise ship Triumph, finally end their 5 day ordeal, it serves as a reminder that the eggs can have more stake in the state of the basket than the basket holder does. From the point of view of the cruise line, each booked up ship […]

1 Comment »

Category: Cloud risk management     Tags: , , , , , ,