linking INTEGRITY
Integrity - use of values or principles to guide action in the situation at hand.
Below are links and discussion related to the values of freedom, hope, trust, privacy, responsibility, safety, and well-being, within business and government situations arising in the areas of security, privacy, technology, corporate governance, sustainability, and CSR.
BIT, Inc. - Newsletter, 30.11.03
Process Improvement News: "Can you measure the benefits of your process improvement effort and other quality initiatives? Is there duplication of effort and limited communication with your various quality initiatives?"
Interesting article on A Process Approach To HIPAA Compliance Through A HIPAA-CMM©, by Ronald L. Krutz, Ph.D., PE, CISSP.
A HIPAA-CMM and assessment methodology have been developed by Corbett Technologies as a standard for evaluating HIPAA compliance. With appropriate guidance and use of the SSE-CMM PAs and the defined HPAs to achieve the additional granularity and coverage as required, the HIPAA-CMM provides a formal, repeatable and consistent methodology to assess an organization's HIPAA compliance. This approach will identify areas of strong compliance, marginal compliance and lack of compliance and provide a consistent basis for defining remediation means. Inherently, the HIPAA-CMM also serves as a tool for implementing continuous improvement and evaluating the effectiveness of the improvement measures.
Additional information on the HIPAA-CMM can be found at the Corbett-Technologies, Inc. web site at www.corbett-tech.com.
City of Toronto, 26.11.03
Council Updates and Community News: "Why the City of Toronto Needs an Integrity Commissioner" An Integrity Commissioner, especially when combined with a Lobbyist Registry, could help restore public confidence that City Hall is operating in a responsible manner with high standards of ethical conduct.
How should elected officials deal with the pleas and benefactions of lobbyists? What kind of contact is appropriate between city staff and their suppliers and commercial contractors? What is appropriate for political aides with access to privileged information both while they are in the employ of elected officials and after their employment ends? How does City Hall ensure the highest ethical conduct and public accountability? These kinds of questions are a sign of the times.
Hollinger offers a cautionary tale
Why it has found itself in the governance quagmire it now faces.
[...]
In the company's assessment, its failure to 'identify, prevent or fully disclose' transactions that are at the centre of its current scandal is the fault of three factors: the presence of the same executives managing both Hollinger International and its parent company, Hollinger Inc.; the lack of a clear policy for dealing with related-party transactions; and the absence of a policy that related-party deals must be negotiated by officers who do not have a significant personal interest in the outcome of the deal.
For a company that has never paid much attention to new-fangled ideas of full disclosure, this small paragraph of honesty was revolutionary. It was a clear attempt to signal that a new guard is running the shop and is willing to criticize bluntly the old ways.
Other companies can extract some broader lessons from Hollinger International's mea culpa, even if few of them have such astoundingly weak procedures that they would require a full Hollinger-style overhaul."
Selected highlights:
Further SEC requirements:
(not a complete list)
Hollinger Audit Committee Resigns, 23.11.03
Audit Committee: "Given the boardroom split, the committee issued a statement saying: 'The members of the audit committee believe that they are no longer in a position to serve effectively'. Hollinger Inc no longer has an audit committee following the resignations.
The departing independent directors are Douglas Bassett, the Canadian TV businessman, retail entrepreneur Fredrik Eaton, Allan Gotlieb, a former Canadian ambassador to the US, and Maureen Sabia, a board member at Canadian Tire."
CLB: When must watchdogs take a stand? When are their own standards and their other responsibilities at risk?
For security ask yourself...what would Microsoft do?
For security ask yourself...what would Microsoft do?:
"In the paper, Microsoft describes its risk management strategy, which involves classifying different computing resources according to their 'value class' -- from servers hosting the Windows source code down to test servers. Microsoft also provides guidance on how its security group assesses the potential risks and threats to those assets and creates policies to secure the assets that are appropriate, given the value of the data they contain."
Forensics course breaks new ground
Forensics course breaks new ground:
"[...]'The whole intent of the program was to obviously improve standards and skill levels in this particular branch of accounting,' said Gary Moulton, partner in forensic services at Deloitte and Touche and member of the CICA's alliance for excellence in investigative and forensic accounting. 'When I got into this 20 years ago, because it was so new, there weren't any courses. As time went on, we saw a need developing,' When it comes to forensic accounting, learning on the job just isn't good enough anymore, adds Len Brooks, director of the DIFA program at Rotman.
'It's a program which is much needed because organized and unorganized white collar crime is really a growth phenomenon. The minds at work on the other side are quite clever,' Brooks said.
'The issue is that it takes a long time to learn because your experience isn't sequential, it isn't organized. You don't have access to experts. You're learning from your own mistakes in many cases.'
Nor is the standard chartered accounting training good enough.
'When you go to the forensic and investigative accounting field, you've got to have an extra dimension of professional skepticism. Instead of a watchdog, you've got to be a bloodhound. You've got to be more alert to the possibilities for fraud, for misconduct,' Brooks said."
The Feelings Economy, 16.11.03
Welcome to the Feelings Economy: "A simple Theory of Everything in Business: in an oversupplied economy, customer feelings drive purchase decisions and profitability."
Advanced Security Industry Database in Canada, 7.11.03
Advanced Security Profile - Integrity Incorporated, a profiled advanced security company in the report,
Review the Executive Summary: Highlight: convergence between info sec and physical security companies, both services and hardware.
Canadian Homeland Security
A Patch in Time Saves Nine: Liability Risks for Unpatched Software
Steptoe & Johnson: "The old saw that 'a stitch in time saves nine' also applies to computer security. No computer software is perfectly secure, but much of the damage from Internet virus and worm attacks can be prevented by promptly installing software security patches. But even in corporate environments, compliance with patch recommendations can be, well, patchy. And as the public grows less tolerant of Internet insecurity, there is increasing reason to fear that a failure to patch will become the basis for lawsuits and regulatory penalties. The attached paper prepared by Stewart Baker and Maury Shenk provides a more detailed analysis of this issue."
Managing With Soul
Managing With Soul: Combining Corporate Integrity With the Bottom Line : "... corporations not only have a moral duty to be good citizens but can also improve their own commercial prospects in the process of doing business in an ethical way..."
Complacency, Leadership Vacuums Hurt Start-Up Companies; New White Paper Uncovers Common Pitfalls Undermining Technology Venture-Backed Boards
Recommendations from the report include: