A Time to Give: Learn how your registration will support 1 of 3 amazing non-profits.

written by: Admin on November 3rd, 2014


ASPE Training is proud to announce some big changes to our annual Charitable Giving Event. Each year we donate a significant sum to a charity chosen by the ASPE, Inc. board members. But this year, we’re letting you choose!

For every course registration made between November 1st, 2014 and December 31st, 2014 we will be donating $5 to one of the three charities. After registering, simply respond to your email from customerservice@aspeinc.com and choose the charity you would like to contribute to.

It’s the giving season! Which charity will you choose to support?

The V Foundation for Cancer Research
After being diagnosed with cancer at the young age of 46, Jim Valvano dreamed of finding the cure. Passionate and committed, Jim and ESPN formed the V Foundation for Cancer Research. As a former coach, he began to recruit his team of family and friends to lead The Foundation in his quest to eradicate the disease.

Although Jim lost his battle with cancer less than two months after delivering his world famous ESPY speech, his dream to find cures lives on through research grants bestowed in his name. The V Foundation has awarded more than $130 million to more than 120 facilities nationwide and proudly awards 100% of direct cash donations to cancer research and related programs.

Jim’s dream of finding cures for cancer is shared by millions. Although we have not yet achieved this goal, every day we get a little bit closer and continue to honor his inspiring words, “Don’t Give Up . . . Don’t Ever Give Up!”

Wounded Warrior Project
The Wounded Warrior Project is a veterans service organization that offers a variety of programs, service and events for wounded veterans of the military actions following the events of September 11, 2001. It’s mission is to “Honor and Empower Wounded Warriors” of the United States Armed Forces, as well as provide services and programs for the family members of registered veterans.

Wounded Warrior Project’s vision is to “foster the most successful, well-adjusted generation of wounded service members in our nation’s history” as it works to raise awareness and enlist the public’s aid for the needs of severely injured service members, help severely injured service members aid and assist each other, and provide unique, direct programs and services to meet their needs.

St. Jude Children’s Research Hospital
founded in 1962, St. Jude Children’s Research Hospital is a pediatric treatment and research facility focused on children’s catastrophic diseases. It is located in Memphis, Tennessee, and is a nonprofit medical corporation. Although it was named a patron saint, St. Jude is not a Catholic hospital and not affiliated with any religious organization.

St. Jude was founded by entertainer Danny Thomas on the premise that “no child should die in the dawn of life”. The Misson of St. Jude Research Hospital is to advance cures, and means of prevention, for pediatric catastrophic diseases through research and treatment. Consistent with the vision of our founder Danny Thomas, no child is denied treatment based on race, religion or a family’s ability to pay. Click to continue »


Web Seminar Recap: Automating Builds using TFS 2013

written by: Tegan Smith on December 16th, 2014

Developers still wasting time building code manually? Do you struggle with running builds and deployments in a consistent way each and every time? TFS can help you fully automate the build and deployment process.

This webinar, Automating Builds using TFS 2013, was held on Friday, December 12th by Bryon Brewer. The webinar will include a live demo to walk attendees through the process.

Missed this seminar? Download the slides and recording here.


Video Demo: SharePoint 2013: Creating Document Sets

written by: Tom Robbins on December 16th, 2014

This week’s video blog is a follow up to the first two videos talking about creating and working with document sets. Before starting on creating the document sets, I’m going to review the first two video blogs.


The goal is to use the document sets to address the creation of a feature request process. The feature request process is made up of four pieces of content:

  1. Feature Request Document (.docx)
  2. Request Details Document (.xlsx)
  3. Proof-of concept presentation (.ppt)
  4. Feature functionality flowchart (.vsd)

These pieces must be created before the document set is generated. That is done by creating the content types for each.

  • Attach a template
  • Define any document Meta data
  • Define information management policies if required
  • Update the document information panel template
  • Attach a document specific workflow

Create the document set. Document settings allow you to:

  • Set allowed content
  • Set default content
  • Specify any shared columns
  • Welcome page configuration

Requester, requested date and status will be defined as Meta data. Create a library where the document set will be used. (Version control can be turned on if needed.) Enable management of content types on the library and add the new document set to the content types on the library.

To create the document set, first create all the document content types in feature requests under my site content types section.

Each of these documents has a template attached to them built in the respective applications and uploaded into the content types. I created a site here to house all of the content, and a default document library called feature requests.

Under site settings, look for site content types. Choose create. Name this ‘feature request document set’. The document set content type is in the document set content type’s group. Under that, choose the content type. Create a group to store this feature request document set and name it.

Take a look at advanced settings. This is where it is defined whether the document set is ‘read only’ and whether or not any changes to this document set should also be propagated to any document sets that were based upon this content type.

If we had a workflow that we wanted to attach to this document set, we could do that under workflow settings. Under that is where you delete the document set. Here we can also manage retention, audit barcode policies, etc. We can specify the specific document set settings and the Meta data. The Meta data I was going to specify was the requester, requested date and status.

  1. The requester may need to be created from scratch but for this video we can use ‘Referred By’.
  2. We’ll add requested date and make that a date and time column.
  3. And then add status, we’ll call this request status. Make that a choice field.
  4. Next make a dropdown menu with the following: started, in progress, approved, and declined.
  5. The default will be set to ‘started’ the instant you create the document set.

Define the allowed content types that will be in the document set. Select from the feature request content types and add each of these documents.

Choose each of the content types to tell SharePoint what should be provisioned when the document set gets created. Point to the template again. You may not actually want to use the same template that’s defined on the content type here in the document set, but in my case I do. These are the default pieces of content. Remove the default content type that’s just a blank word document.

Shared columns allow me to specify which of the default Meta data could also be created on the documents themselves. Out of the Meta data we created on the document set, I’ll create everything on the welcome page. If we have any content types already based on this one we can make an update. Select yes to do the update. Click ok.

The content type and document set are ready to go.

  1. Go under library settings
  2.  Enable the use of content types with the management of content types on this library under advanced settings.
  3. Click allow the management of content types.
  4. Scroll down and click ok.
  5. From here add from existing content types. Add from my feature request document sets. Click ok.

Make sure the default word document is not an option when we go to create a document set. Make it invisible by unselecting the checked box under visible. The feature request document set is now the default content for this library. Open the default all documents view and add in the referred by, the request date and the request status, so they appear on the default view.

We’re ready to test out the documents with a new feature. Any time we use a new feature, we need to go through this process:

  1. Select request feature document set and give it a name.
  2. Enter description, referred by and requested date.
  3. Notice the status is on ‘started’.
  4. Click save

Across the top is your welcome page. In the document sets you also have a separate tap to manage the document sets and complete various actions. This completes the document set creation process.



CISM Study Notes: Part I – Risk Assessment

written by: Mike Beevers on December 15th, 2014
Through an official partnership with (ISC)² we offer the most current, continually updated and rigorous CISSP authorized certification training on the market. Master the security concepts and best practices maintained in the CISSP Common Body of Knowledge, and get certified.

ASPE has teamed up with Tactical Security, Inc. to offer CISM training courses beginning with the June 2014 exam cycle.  In order for you to begin preparation, we are going to begin a series of articles to help you study for the CISM exam.  The CISM exam consists of four domains:

  1. Information Security Governance (24%)
  2. Information Risk Management and Compliance (33%)
  3. Information Security Development and Management (25%)
  4. Information Security Information Management (18%)

The percentages indicate the number of questions you are likely to see in each domain.  Please note that the percentages are in accordance with the 2015 version of the CISM exam.  The percentages may vary by year.

These study notes are designed to be quick snippets of information related to one or more topics within the exam.  Today we are going to look at Risk Assessment, a part of Information Risk Management and Compliance domain.

Risk is measured in impact and likelihood.  Impact will tell you how much damage or loss the company may incur, while likelihood indicates the chance of that loss incurring.  There are four main methods of assessing risk; quantitative, qualitative, Failure Mode and Effect Analysis (FME), and Fault Tree Analysis (FTA).

Click to continue »


Web Seminar Recap: What is DevOps? A Colorful Introduction

written by: Tegan Smith on December 12th, 2014

For decades, application developers and IT operations people have been set up in armed camps, often at odds with each other and unable to trace sources of frustration to their root cause. The business suffers while non-technical people wonder “what everyone in IT is doing.”

DevOps is a grassroots movement sweeping IT and project shops across the western world. Like any buzzword, there’s no exact definition and lots of misconception. However, the underlying forces and reasons behind the DevOps movement are clear. It’s an exciting and heady brew of corporate culture shifts, IT worker empowerment, amazing new tools, cloud computing capabilities, and movement towards a new vision of enterprise IT capability which is unified, agile, and oriented around the needs of the business. Properly understood, this movement reveals a world where it’s possible to deploy code faster and more effectively than ever – continuously, with an ethic of non-stop quality improvement and value for the business.

In this one-hour presentation by Chris Knotts on December 8th, 2014, we will take you on a tour of the DevOps movement and explain the massive potential that lies behind it.

Missed this seminar? Download the slides and recording here.


Security Certification

written by: Mike Beevers on December 9th, 2014
Through an official partnership with (ISC)² we offer the most current, continually updated and rigorous CISSP authorized certification training on the market. Master the security concepts and best practices maintained in the CISSP Common Body of Knowledge, and get certified.

People often ask “What certification should I go for after this?”  A simple question that requires a bit of a lengthy answer.  In a recent webinar for ASPE, Mark Williams gave a great account of the various security certifications available.

The question that must first be addressed is whether or not you are looking for a technical or a managerial certification.  There are many good certifications in either area.  Let’s split the conversation in half and tackle a couple of common technical certifications first.

Three technical certifications that are in high demand currently are Security + (put out by CompTIA), Certified Ethical Hacker (CEH) and Computer Hacking Forensic Investigator (CHFI) both from EC- Council.  Additionally there are many vendor specific technical certifications.  Not to diminish the importance of those certifications, we will be focusing on the more vendor neutral certifications here.

Click to continue »


Web Seminar Recap: DevOps for Executives

written by: Jennifer Johnson on December 8th, 2014

For managers and IT team leaders who want quick literacy on DevOps – how did something born of a Twitter hashtag become a transformational force in IT departments around the world? This web seminar is a one-hour primer from ASPE on DevOps and why it’s important to the world of IT projects.

“DevOps,” like any buzzword, carries no agreed-upon definition and lots of misconception. In some ways, it’s an odd and accidental term for something so significant and multifaceted. However, the underlying forces and reasons behind the DevOps movement are clear. It’s about corporate culture shifts, IT worker empowerment, amazing new tools, cloud computing capabilities, and movement towards a new way of managing IT work: unified, agile, and oriented around the needs of the business. Properly understood and pursued, DevOps holds the promise of higher quality operations and projects, higher IT worker retention, continuous deployment of code and products, more robust systems, higher levels of automation, and much more.

Missed it? You can find the slides and recording here.


Web Seminar Recap: Expert Q&A: Why the @*#! Is Everybody Getting Hacked?

written by: Tegan Smith on December 8th, 2014

Let’s be honest: data theft and digital attacks on established enterprise organizations have reached epic proportions. Top retailers and even companies who specialize in security consulting are being hacked almost every day. In September, JP Morgan suffered a devastating information breach – and they are said to have almost 1,000 staff and $250 million of budget dedicated to security. Even the largest companies and robust organizations are failing to secure their data against now-widespread threats: organized cybercrime, state-sponsored hackers, well-financed black marketeers, etc.

Why is the current security landscape so dysfunctional? Is it possible to keep your information secure these days? The reality is that although you are more likely than ever to be attacked, the majority of major attacks over the past couple years were actually preventable. The technology and processes to safeguard your organization do exist – but unfortunately our management methodologies and integration of security objectives into the business have lagged behind. It’s time to update your understanding of what it takes to prevent data theft in 2015 and beyond. Be prepared for a discussion that goes beyond technology and focuses on the real key to a secure organization – effective security management and process.

This one hour webinar, Expert Q&A: Why the @*#! Is Everybody Getting Hacked?, was held on December 3rd, 2014 at Noon EST by security expert Mark Williams. Attendees discussed why security failures have grown so rampant, and what to do to prevent them.

Missed this seminar? Download the slides and recording to catch up!


Using SharePoint Document Sets: Part II – Creating

written by: Tom Robbins on December 8th, 2014

The process of creating a document set can seem daunting at best to a new student. There are many steps required and depending on the functionality required by the business process, there can be many settings that have to also be configured. Document Sets are a content type that includes content types. Because of this, you must create the default content types before beginning configuration of the Document Set.

Let’s take an example of a “Feature Request”. The request will be made up of multiple document content types:

  • The feature request document which details the change or functionality request (.docx maybe)
  • A spreadsheet containing each line item requested in the feature request (.xlsx)
  • A presentation pitching the feature request and how it can add value to the software (.pptx)
  • A diagram representation of the algorithm specifications for the feature (.vsd)

All of these pieces of content will need to be managed together. As previously mentioned, we can certainly manage each piece individually, but we would use Document Sets to manage them as an entire package.

A summary of the steps required to set up the Document Set are listed below. In the next video blog post, I will take these steps and walk you through creating the document set in a live SharePoint site.

  1. Before you can begin creating the Document Set, you must plan for and create the document content types
    1. Create the folloing “document” content types (for each content type: attach a template if necessary, define document metadata (can be based on existing site columns), define information management policies if required, update the DIP template if you want, attach and document-specific workflows)
      1. Feature Request Explanation (.docx)
      2. Requet Detail (.xlsx)
      3. Proof-of-concept presentation (.pptx)
      4. Flow chart diagram (.vsd)

        Click to continue »


Using SharePoint Document Sets: Part I

written by: Tom Robbins on December 2nd, 2014

Using Document Sets in SharePoint 2013

Documents Sets are a feature of SharePoint introduced in SharePoint Server 2010.  Document Sets give teams a way of grouping documents together and managing them as a single work product or group.  Although I do it with a slight tongue-in-cheek, I compare Documents Sets to folders.  But I call them “Super Folders” because of all the features and object model components they include.  We as SharePoint users know that there are many features available to manage documents.  Features like versioning, permissions, metadata, Information Management policies, workflow, and document information panel configuration.   These features allow us to implement business processes and policies around single pieces of content.  But when we need to manage multiple pieces of content as a single work product, we would use Document Sets.  Folders do not give us all of the capabilities of Document Sets, so folders would not work.  While folders do have permissions, and do represent an antiquated way of information classification and categorization, they do not have the capability to have metadata, workflow, or information management policies.

Click to continue »


Understanding SharePoint Governance

written by: Tom Robbins on November 24th, 2014


The importance of SharePoint Governance cannot be understated.  But most “green” SharePoint organizations do not even consider Governance until it’s too late.  Many organizations even consider the Governance a simple document to be created and kept on hand just for the purpose of having one.  The Governance should be driving and managing your SharePoint deployment and ongoing production.   Before even placing SharePoint into production, the Governance should be well on its way to providing the central governing principles and management procedures for your SharePoint environment.

So what exactly is SharePoint Governance?

Click to continue »