Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
NCR Consultants Limited www.ncrcl.com
Associates with
Information Security - An Introduction Page. 04
Praveena K R
Chaos…is what we choose
Page. 03
Volume 5 | Number 73 | Sep 2012 | Page 1– 12
Consultants’ Corner
3 Message from Dr. RSM
4 Information Security - An Introduction
6 Identify self-sabotaging be-haviour and avoid it
7 Enjoy the Situation 8 What’s up at NCRCL?
9 An Exclusive Talk
10 Parichay
11 Knowledge Snippet
11 Birthday Greetings
11 Just for Laughs
11 Round Table
Inside
Our Mission is to apply our professional capabilities with a holistic approach for the happiness of clients,
through values and social commitment.
Information Security - An Introduction
Information is an organizational asset far more important than the actual hardware
that houses it. When this fact is neglected, this asset literally and figuratively walks
out the door at considerable expense to the organization.….…
-read more...page 4
An exclusive talk with Karthik
Enjoy the Situation In Washington, DC, at a Metro Station, on a cold January
morning in 2007, this man with a violin played six Bach
pieces for about 45 minutes. During that time,
approximately 2,000 people went through the station, most
of them on their way to work. …...
read more..page 7
see more..page 9
Parichay
Altacit Global
see more..page 10
News
Identify self-sabotaging behaviour and avoid it ―My project is my topmost priority. I cannot involve myself
in other activities.‖ These are the words of Ramya, a
qualified IT professional. Ramya displayed a block with
regard to working as a team and being involved in
activities that require extra effort..………
read more..page 6
see more..page 8
1 2 3 4 5 6 7 8 9 12 10 11 Consultants’ Corner
Chaos…is what we choose
Dr. R. S. Murali
In the last two months we have been discussing about
what we need to do in order to get rid of Chaos that we
meet in day to day life. Chaos or obstacles or problems
or issues arise due to various reasons. Some seem to be
originating externally and some internally. But the facts of
living science tell us how these can be tackled. This is
what we have been discussing the last two months.
Last month, we began discussing on the premise ―Chaos
originates in our day to day work primarily due to: lack of
knowledge, not organizing ourselves, not using
appropriate approach/methodology in what/how we do,
and the way we react/interact with others‖. Initially we
discussed on organizing/planning, and discussed how
knowledge plays a major role in various decisions we
take, and how interaction with others need to be done.
After discussions relating to these, we started focusing
on: Exercise, Diet and Meditation. Last month we
discussed about Exercise and Diet and now it is time for
meditation.
Meditation is one of those words used frequently and
mostly misused. A few decades ago the term meditation
was less popular than today. Usage of this word was
restricted to a spiritual few. Thanks to the communication
technologies and the interest shown by the western
world, the word has become so popular and has also
been extensively commercialized.
Very few people know that the word ―Dhyan‖ (meditation
in Sanskrit) became ―Chan‖ in China and ―Zen‖ when it
found its way to Japan. Now the word Zen is associated
more with Buddhism than with Hinduism. Technically the
term ‗Dhyan‘ means ‗attention‘. The issue is what is this
attention and in which context?
The word attention can be interpreted in many ways:
concentration, observation, awareness and so on. Also
today meditation has been made into a technique, and
part of yoga or mind/body training. Let us understand first
what is meditation conceptually.
Meditation is the process of observing oneself – this and
this only is true meditation. How does one observe
oneself? Firstly, one has to understand oneself. What he/
she is made of? – the body, mind, intellect combination
and the role of each. Cutting this process short at the end
of the analysis one understands that the true self is not
this body or the mind but the true substratum behind
these. From this position one should be able to observe
what the mind and body do. This process is called
meditation; and for people with good understanding and
no ego, this can happen throughout the day in every
activity they do. Such persons can do any job well and
will always be efficient as there is no ego in them. This is
the true meditation.
Actually it is very simple
but it requires very good
understanding inwardly.
The true happiness in
everything we do is the
direct result of such
meditative disposition.
Possibly for the purpose
of understanding, we can call it vedantic meditation.
The popular form of meditation that is yogic meditation
makes one‘s body and mind efficient. There can be no
time when the mind will keep quiet. In the former
meditation discussed one would observe how the mind
behaves and how the thoughts originate. In this yogic
meditation, one tries to reduce the multiple thoughts to
single thought so that there is order, concentration and
peace. By making the thought single one gets a lot of
energy to do day to day work efficiently. This is often
done by chanting a mantra repeatedly (small or big) or
following a piece of music. In these cases, there is a bit of
imagination but through the process of imagination the
required concentration and hence peace is experienced.
Whether we prepare ourselves through the yogic or
vedantic meditation, it is extremely important that we get
into the routine of meditation. At NCRCL, we are
spending about half an hour every week on Friday on
meditation, which is totally yogic meditation, which is a
beginning. Now what are the results of such a practice?
First and foremost, we can feel the peace and mental
energy.
Many of our colleagues in NCRCL have told me that they
feel thoroughly refreshed after the meditation session.
Yes this is a fact as all the stress and tension bearing
thoughts are cut-off. This helps in becoming efficient as
there is freshness and peace. It is like clearing the
temporary memory in our computers by which the system
starts working efficiently. As frequently as we clear this
RAM, our system will work efficiently. This means that we
should practice meditation more frequently.
The chaos in our day to day work thus can be reduced
by: Systemic approach to work, increasing our
knowledge, using right methods, increasing interaction
with others effectively. Along with this, we need to have
right amount of physical exercises supported by
consuming good and satvic food. To top all these up, at
least yogic meditation should be done. We should
gradually graduate ourselves to Vedantic Meditation.
These are simple prescriptions and once we do all these
it will be easy for us to realize and recognize that in most
of the cases chaos is created by our own selves!
Information Security - An Introduction Praveena K R
Information as an Asset
Information is an organizational asset far more important
than the actual hardware that houses it. When this fact
is neglected, this asset literally and figuratively walks out
the door at considerable expense to the organization. To
be an effective organization one needs to treat
information as valuable asset, with the concomitant
priority, resources, and procedures. Most information
today is created, stored, transported, or processed at
least in part using information technology (IT). No one
denies the necessity to adequately protect the IT
landscape. In addition, information from all other phases
of business processes must be adequately protected. IT
security incidents such as the disclosure or manipulation
of information can have wide-ranging, adverse affects to
a business or can prevent the organisation from
performing its tasks, resulting in high costs.
Need for Information Security
The meaning of information security is Safe-guarding
an organization's data f rom unauthorized
access or modification to ensure its availability,
confidentiality, and integrity. Business information might
be printed on paper, kept on computer systems or
stored in the minds of the users. Additional generic
terms used in information security include, for example,
authenticity, validity, reliability, and non-deniability.
Information security may be threatened by various
factors. Some illustrations are given below:
Wilful acts such as computer viruses,
interception of communications or computer
theft,
Force majeure (e.g. fires, flooding, storms and
earthquakes) can directly affect data media, IT
systems or block access to the computer centre.
Documents, IT systems or services are
therefore no longer available as required,
After an unsuccessful software update,
applications cease to function or data has been
modified without being noticed,
An important business process is delayed
because the only staff members familiar with the
software application are ill, or
Confidential information is inadvertently passed
on to unauthorised persons by a staff member
because documents or files have not been
marked "confidential".
ISMS definition & its components
Information Security Management Systems (ISMS) is a
systematic and structured approach to managing
information so that it remains secure. ISMS
implementation includes policies, processes,
procedures, organizational structures and software and
hardware functions. The ISMS implementation should
be directly influenced by the organization‘s objectives,
security requirements, processes employed, size and
structure. An ISMS specifies the instruments and
methods that the management should use to clearly
manage (plan, adopt, implement, supervise and
improve) the tasks and activities aimed at achieving
information security. ISMS involves the following
essential components:
1. Management principles
2. Resources
3. Personnel
4. Information security process. This includes:
a) Policy for information security in which the
information security objectives and strategies for
their implementation are documented
b) Information security concept
c) Information security organisation
Kindness and compassion toward all
living things is the mark of a civilized
society.
- Cesar Chavez
1 2 3 4 5 6 7 8 9 12 10 11 Consultants’ Corner
Information Security Standards
The various important standards in respect of
Information Security have been listed below:
1. ISO/IEC 27002:2005 (Code of Practice for
Information Security Management): This is an
international standard that originated from the
BS7799-1, one that was originally laid down by the
British Standards Institute (BSI). ISO/IEC
27002:2005 refers to a code of practice for
information security management, and is intended
as a common basis and practical guideline for
developing organisational security standards and
effective management practices.
2. ISO/IEC 27001:2005 (Information Security
Management System -Requirements): This
standard specifies the requirements for establishing,
implementing, operating, monitoring, reviewing,
maintaining and improving a documented
Information Security Management System (ISMS)
within an organisation. It is designed to ensure the
selection of adequate and proportionate security
controls to protect information assets.
3. ISO/IEC 15408 (Evaluation Criteria for IT Secu-
rity: This standard is commonly known as the
―Common Criteria‖ (CC). It consists of three parts:
ISO/IEC 15408-1:2005 (introduction and general
model), ISO/IEC 15408-2:2005 (security functional
requirements) and ISO/IEC 15408-3:2005 (security
assurance requirements). The standard helps
evaluate, validate, and certify the security assurance
of a technology product against a number of factors,
such as the security functional requirements
specified in the standard.
4. COBIT: The Control Objectives for Information and
related Technology (COBIT) is ―a control framework
that links IT initiatives to business requirements,
organises IT activities into a generally accepted
process model, identifies the major IT resources to
be leveraged and defines the management control
objectives to be considered‖. The IT Governance
Institute (ITGI) first released it in 1995, and the
latest update is version 5.0, published in 2012.
COBIT is increasingly accepted internationally as a
set of guidance materials for IT governance that
allows managers to bridge the gap between control
requirements, technical issues and business risks.
Based on COBIT 4.1, the COBIT Security Baseline
focuses on the specific risks around IT security in a
way that is simple to follow and implement for small
and large organisations.
Advantages of ISMS Certification
The various advantages for an organisation in getting its
ISMS certified by ISO are as follows:
Provides a structured way of managing
information security within an
organisation
Provides an independent assessment of an
organization‘s conformity to
the best practices agreed by a community of
experts for ISMS.
Provides evidence and assurance that an
organization has complied with
the standards requirement.
Enhances information security governance
within the organization.
Enhances the organization‘s global positioning
and reputation.
Increases the level of information security in the
organization.
ISMS Consultancy Opportunity
In the current age of Information revolution, ISMS
provides a tremendous opportunity for Management
Consultants. Organisations are showing increasing
interest in complying with ISO 27000 series. Consultants
can fit in umpteen roles in this process; as planners,
designers, implementers, auditors, etc. At this juncture it
is important to equip oneself with IS related
qualifications such as CISA, CISSP, CISM, etc. and
certifications provided by reputed institutions such as
BSI, ICAI, etc.
Related Links:
Some links that make a useful read on this topic are:
http://www.isaca.org/cobit/pages/default.aspx
http://www.27000.org
Concentrate all your thoughts upon the work at
hand. The sun's rays do not burn until
brought to a focus.
- Alexander Graham Bell
1 2 3 4 5 6 7 8 9 12 10 11 Consultants’ Corner
―My project is my topmost priority. I cannot involve
myself in other activities.‖ These are the words of
Ramya, a qualified IT professional. Ramya displayed a
block with regard to working as a team and being
involved in activities that require extra effort. This
behaviour alienated her from the others and left her with
hardly any friends. However, Ramya was convinced that
she was being a thorough professional in spite of her
immense personal issues.
What went wrong with Ramya? She developed
self-sabotaging behaviour which psychologists also term
as ‗self handicapping‘ behaviour. This behaviour forms a
protective wall from the outside world and allows the
person to avoid failures through assuming an imaginary
obstacle on the path, procrastination, and negative
beliefs about oneself.
Research indicates that this leads to negative
self-esteem where a person is encouraged to make
excuses for poor performance. A recent research on
‗self-sabotage and why some people can‘t handle
success‘ was done by Dr. Jason Plaks from the
University of Toronto along with Kristin Stecher from the
University of Washington. They found that performance
goes down when people have a fixed view of their
abilities which makes them disoriented and anxious if
they are successful.
People like Ramya try to escape by switching jobs
frequently as adapting themselves to an environment
becomes difficult.
This is because they are convinced that they are right
and the world has turned against them! They fear failure
and feel safe in their protective cocoon of negative
self-esteem.
What are the signs of self-sabotaging behaviour? This
behaviour is very subtle and soon becomes a habit
leading to a definite pattern before you realise that you
are a victim of this behaviour. There is no logical or
reasonable explanation for this condition.
The excuses form a pattern and vary from physical
ailments to not having enough time to complete the
tasks. The mental patterns include not accepting the
subconscious truth but substituting it with the pain of the
conscious mind which is a strong weapon preventing
you from thinking beyond it!
Fear, focussing on things that are not right, drifting with
no real purpose, falling or failing relationships are some
of the tell tale signs which need to be identified and
accepted for taking any step towards overcoming this
behaviour.
Identify self-sabotaging behaviour and avoid it Rekha Murali
(As published in ‗The Hindu—opportunities‘ dated July 18, 2012)
What can we do to overcome self-sabotaging
behaviour? Some simple steps include:
Acceptance: The first step would be identifying and
accepting that your behaviour needs to change and that
it is ruining you from being the person you could be!
Warning signs: Watch for the warning signs and shift
your focus to all the small things that work well for you.
Talk to a colleague or mentor to steer you on to the right
course.
Set Goals: Convert all your excuses into small short
term goals to be achieved one by one. This can be done
by making a to-do list or having placards of the goal
placed in strategic areas as reminders.
Change thinking: Replace the negative thoughts with
positive ones that would motivate you to accomplish
your goals. Maintain a journal of all the positive
outcomes of each day for motivation.
Fear: Admit and accept failures as they lead you to the
path of success. Graciously accept negative feedback to
avoid the fear of failure, accepting that it is a learning to
achieve mastery.
Relationships: Appreciate the people in your life by
looking at the qualities that you value in each
relationship. This will motivate you to imbibe the values
and also sustain the relationship. Give and take is an
important part of any relationship. Create time to
acknowledge the other person with all the traits on a
regular basis.
Inner enemies: Recognise that the enemies are the
thoughts within you and therefore catch yourself each
time you blame the big bad world outside.
Professional help: If none of the above steps works, get
professional help for assistance in overcoming this
problem. This is something that can be easily rectified.
Accepting that you need to change requires a lot of
courage. This would motivate you to put in your best
effort towards the desired change. It is ultimately in the
hands of each individual to tap the inherent talent and
potential towards learning and growth to lead a fulfilling
and enriching life!
Turn your face toward the sun and the
shadows will fall behind you.
- Maori Proverb
1 2 3 4 5 6 7 8 9 12 10 11 Consultants’ Corner
Enjoy the Situation Suresh C S
In Washington, DC, at a Metro Station, on a cold January morning in 2007, this man with a violin played six Bach pieces
for about 45 minutes. During that time, approximately 2,000 people went through the station, most of them on their way
to work. After about 3 minutes, a middle-aged man noticed that there was a musician playing. He slowed his pace and
stopped for a few seconds, and then he hurried on to meet his schedule.
About 4 minutes later:
The violinist received his first dollar. A woman threw money in the hat and, without stopping, continued to walk.
At 6 minutes:
A young man leaned against the wall to listen to him, then looked at his watch and started to walk again.
At 10 minutes:
A 3-year old boy stopped, but his mother tugged him along hurriedly. The kid stopped to look at the violinist again, but
the mother pushed hard and the child continued to walk, turning his head the whole time. This action was repeated by
several other children, but every parent - without exception - forced their children to move on quickly.
At 45 minutes: The musician played continuously. Only 6 people stopped
and listened for a short while. About 20 gave money but continued to walk
at their normal pace. The man collected a total of $32.
After 1 hour:
He finished playing and silence took over. No one noticed and no one
applauded. There was no recognition at all.
No one knew this, but the violinist was Joshua Bell, one of the greatest
musicians in the world. He played one of the most intricate pieces ever
written, with a violin worth $3.5 million dollars. Two days before, Joshua
Bell sold-out a theatre in Boston where the seats averaged $100 each to sit
and listen to him play the same music.
This is a true story. Joshua Bell, playing incognito in the D.C. Metro Station,
was organized by the Washington Post as part of a social experiment about
perception, taste and people's priorities.
This experiment raised several questions:
In a common-place environment, at an inappropriate hour, do we perceive beauty?
If so, do we stop to appreciate it?
Do we recognize talent in an unexpected context?
One possible conclusion reached from this experiment could be this:
If we do not have a moment to stop and listen to one of the best musicians in the world, playing some of the finest music
ever written, with one of the most beautiful instruments ever made.
How many other things are we missing as we rush through life?
Enjoy life NOW. It has an expiration date!!!!!
Source: Internet
It is our choices that show what we truly are, far more than our abilities.
- JK Rowling
1 2 3 4 5 6 7 8 9 12 10 11 Consultants’ Corner
What’s up at NCRCL?
Kishore attended a workshop on Enhancing Business Performance through Process Mapping, conducted by CII at
Puducherry on August 28, 2012
Rekha Murali presented a paper on ―Emotions and Well-being‖ at a national seminar on ―well-being across life spans‖
organised by Ethiraj college for Women, Chennai on August 20, 2012.
Representatives of the State Audit Department of Andhra
Pradesh visited NCRCL Bangalore on 8th August 2012.
VRS and Ashok took them through the implementation of
FBAS in BBMP.
VRS and Ashok visited State Institute of Rural
Development in Mysore on 14th August 2012. See the
training studio for conduct of online training.
1 2 3 4 5 6 7 8 9 12 10 11 Consultants’ Corner
An Exclusive Talk with Karthik M V
Karthik M V
Working as Consultant Born on 06th March Email: [email protected] Mob No: +91 9036146369
CC. The meaning of your name.
Karthik: I was named after my star ―Karthika‖ in Malayalam. And there ends the story I think!
CC. Nickname.
Karthik: M V
CC. Your dream job.
Karthik: Where my work involves a lot of talking and meeting new people.
CC Your first impression of NCRCL.
Karthik: An unusual work profile for a fresh CA to have.
CC. What personal/emotional characteristic of yours do you want to change?
Karthik: My anger and laziness
CC. Money or job satisfaction?
Karthik: Job satisfaction any day but for the last day of the month!!!
CC. Your Stress buster.
Karthik: Music and Outdoor Sports
CC. Do you have a small circle of close friends, rather than a large number of friends?
Karthik: Large number of friends. And yes, some are 3 a.m. friends too.
CC. What do you most like about a person?
Karthik: Confidence
CC. What do you most hate in a person?
Karthik: Practicing not being judgemental these days. Accepting the way people are gives YOU peace.
CC. Team work vs Individual work – your comments.
Karthik: Depends on the sport we are playing!
CC. Do you make efforts to get others to laugh and smile?
Karthik: Yes I make my efforts. But the rest is not in my hands!!
CC. Your heart rules your head or your head rules your heart?
Karthik: Head rules!
CC. What kind of special talent do you have?
Karthik: Nothing
CC. What are your hobbies?
Karthik: Playing, Reading and Music. Any of these three and I am busy for the whole day!
"You may say that I'm a dreamer but I'm
not the only one, I hope someday you'll
join us and the world
- John Lennon
1 2 3 4 5 6 7 8 9 12 10 11 Consultants’ Corner
Parichay Know our Associates!
Altacit Global
Altacit Global is a boutique legal firm specialising in Intellectual Property and Corporate Legal
Matters. They have a strong international flavour in their working practices addressing needs of
individual industry groups.
Altacit Global's Quality Management Systems for the provision of Intellectual Property and Legal
Consulting Services has been certified by the Quality Austria Central Asia as being compliant with
ISO 9001:2008. Their core team consists of professionals who come from multidisciplinary and diverse
backgrounds such as science, engineering, law, chemical, pharmaceutical, medical and business
administration.
Altacit Global invests substantive resources into practice development based on extensive research.
The firm works closely with many Industry Associations and Chambers of Trade and Commerce in
disseminating knowledge. Situated in important cities of Chennai, Bangalore and Coimbatore they are
home to Intellectual Property & Trademark Office [Branch], Intellectual Property Appellate Board,
High Court of Madras, High Court of Karnataka and Indian Geographical Indications Registry.
NCRCL is associated with Altacit Global the past two years and have been jointly involved in
consulting work pertaining to IP and legal Matters. Some interesting projects which included brand
valuation has been successfully completed as a joint venture.
Answer To last month’s Knowledge Snippet question:
In which unit is the speed of computer mouse measured?
Answer: Mickew
Ha Ha Ha !!!
Knowledge Snippet
Happy Birthday!
Which management guru with a background in medicine wrote a book called the "Mechanism of Mind"?
Send in your answers to the editor at [email protected]
Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better.
- Samuel Beckett
U.S.Mohanty - 4th Sep
R.S.Murali - 5th Sep
Roopa Kamath - 22nd Sep
Karthikeyan - 1st Sep
For feedback
If you have any comment/suggestion for the
editors, please write to us at [email protected]! Your
views and comments on articles featured here are
also welcome!
1 2 3 4 5 6 7 8 9 12 10 11 Consultants’ Corner
Bhavana R - 14th Sep
Our Business Associates
NCR & Co
Chartered Accountants www.deltacadd.com
www.nathaninc.com
www.hsbconsulting.biz www.obsitech.com
www.altacit.com
www.fichtner.in/india.htm
www.4spl.biz
www.ineval.org
www.fugoconsulting.com
Karnataka Institute of
Public Auditors www.mcmillanwoods.com
Registered Office:
2nd Floor, New No. 4, Old No. 23, C P Ramasamy Road, Alwarpet,
Chennai - 600 018
Ph: +91 44 2466 0955
Fax: +91 44 4218 5593
Email: [email protected]
Branch Office:
#107, 1st Floor, Railway Parallel Road, Kumara Park West,
Bangalore - 560 020
Ph/Fax: +91 80 23560265
Email: [email protected]
Contact
Website: www.ncrcl.com
NCR Consultants Limited
i2i IFRS