The following are the 2007 Top Technology Initiatives. Those new to the list are noted.
1. Information Security Management: A systematic approach encompassing people, processes and IT systems that safeguards critical systems and information, protecting them from internal and external threats. Incorporates the preservation of confidentiality (information is not available or disclosed to unauthorized individuals, entities, or processes), integrity (safeguarding the accuracy and completeness of key data) and availability (systems and data are accessible and usable upon demand by an authorized entity) of information. Other properties such as authenticity, accountability, non-repudiation and reliability may also be involved.
2. Identity and Access Management: Identity and access management consists of the hardware, software and processes used to authenticate a user’s identity, i.e. ensure users are who they say they are, and then provide users with appropriate access to systems and data based on pre-established rights and privileges. Identity management may utilize one-, two- or three-factor authentication and include passwords, tokens, digital certificates (for web sites and e-mail systems), PKI, biometrics and other emerging technologies.
3. Conforming to Assurance and Compliance Standards: Creating formalized strategies and systems to address organizational goals and statutory requirements. These strategies and systems may include collaboration and compliance tools to monitor, document, assess, test and report on compliance with specified controls. It encompasses risk assessment standards, risk management and continuous auditing/continuous monitoring.
4. Privacy Management: The rights and obligations of individuals and organizations with respect to the collection, use, disclosure and retention of personal information. As more information and processes are converted to a digital format, this information must be protected from unauthorized users and from unauthorized usage by those with access to the data, including complying with local, state, national and international laws, and the convergence of security and privacy.
5. Disaster Recovery Planning (DRP) and Business Continuity Management (BCM): A holistic management process that identifies potential threats to an organization and the impact those threats may have on business operations. Resources can include IT equipment, data records, the physical space of an organization, and personnel. Threats to these resources may include theft, virus infestation, weather damage, accidents or other malicious destruction. A well-defined, documented, and communicated plan can help provide structure and stability in the event of a business interruption or catastrophe, greatly improving the chance of business survival.
6. IT Governance: A structure of relationships and processes that direct and control an organization and help it achieve its goals by adding value while balancing risk versus return over IT and its processes. Includes IT ROI, or the decisions around technology investments and how to optimize related returns.
7. Securing and Controlling Information Distribution (new): Protecting and controlling the distribution of digital data, i.e. enabling secure distribution and/or preventing illegal distribution and access to protected information. Example: a document distribution strategy controlled by a Digital Rights Management (DRM) server that prevents an encrypted document from being opened by anyone other than the intended recipient.
8. Mobile and Remote Computing (new): Technologies that enable users to securely connect to key resources anywhere, anytime regardless of physical location. Enabling technologies include tablet PCs; PDAs; and wireless technologies such as Bluetooth, WiFi and WiMax.
9. Electronic Archiving and Data Retention (new): Technologies that enable appropriate archiving and retrieval of key information over a given (statutory) period of time with improved efficiency and access to the information. This includes policies and processes to ensure destruction of information from storage and archival media in a timely and consistent manner. Information includes traditional data as well as telephony, IM traffic, and other emerging forms of collaboration. Storage and backup technologies, including Direct Attached Storage (DAS), Network Attached Storage (NAS) and Storage Area Networks (SANs), and optical devices such as DVDs, CDs, and Blu-Ray help support the archiving and retrieval process.
10. Document, Content and Knowledge Management (new): The process of capturing, indexing, storing, retrieving, searching and managing information electronically, including database management of PDFs and other formats. Knowledge management then brings structure and control to this information, allowing organizations to harness the intellectual capital contained in the underlying data. This is sometimes referred to as the "paperless" office even though "less-paper" or digital office may be a more accurate term.
Honorable Mention
In addition to the above list, the AICPA is also including a section for Honorable Mention, the technology initiatives that placed #11 through #15 in the final tabulation.
11. Training and Awareness: Methods and curriculum designed to enhance the understanding and use of current and evolving technology, including learning competency and learning plans to increase the knowledge of individuals. Includes ensuring an organization has the resources available to efficiently train new hires on technology and train current employees on full use of existing technology on a timely basis.
12. Business Process Improvement, Workflow & Process Exception Alerts: BPI provides for improved business and transactions processing using real-time monitoring tools that provide exception alerts to automate business processes on triggered events, identify problems or new opportunities in a transaction before a transaction is complete, or better control quality issues by catching problems more quickly. Workflow involves the operational aspects of a work procedure: how tasks are structured, who performs them, their relative order, how they are synchronized, how information flows to support the tasks, and how tasks are tracked. Through the use of these tools an organization can make significant changes in the way it does business.
13. Improved Application and Data Integration: Use of existing and evolving technologies such as web services, .NET, XML and SOAP, to better integrate data between diverse applications allowing organizations to select and seamlessly integrate data and functionality between "best of breed" applications. A common example is the ability to update a field in one application which automatically synchronizes that data with other applications.
14. Web Deployed Applications: Uses the Internet as a platform for deploying applications, and making data available to end users, in lieu of installing and maintaining applications and information on local machines. Also known as "On-Demand" or "Software as a Service," web deployed applications may be corporately controlled and hosted, or hosted by 3rd party providers, such as an Application Service Provider (ASP). Web deployed applications dramatically reduce deployment and management costs and traditionally provide better data security, fault tolerance and greater convenience to end users.
15. Enterprise System Management: Tools and strategies that enable administrators to centrally patch, manage, upgrade and maintain applications and operating systems on servers and workstations across an organization. May also include use of digital appliances: specialized, often pre-configured, appliances that address specific network or corporate needs, and significantly reduce the deployment and maintenance time traditionally involved with providing these services.