Upload
consultants-corner-magc
View
218
Download
3
Tags:
Embed Size (px)
DESCRIPTION
Â
Citation preview
NCR Consultants Limited www.ncrcl.com
An Associate of
Volume 7 | Number 79 | Mar 2013 | Page 1– 12
Consultants’ Corner
Information Security Management System
(ISMS) - A closer Look (Part III Page. 04
Doing things properly Page. 03
Drawing by Gopal Agarwal in the Drawing
competition held at NCRCL Bangalore
3rd Place
3 Message from Dr. RSM
4 Information Security Man-agement System (ISMS) - A closer Look (Part - III)
6 Developing self-awareness
7 Blood group check out your traits!!
8 What’s up at NCRCL?
9 An Exclusive Talk
10 Parichay
12 Quiz Corner
12 Birthday Corner
12 Ha Ha Ha !!!☺
Inside
Our Mission is to apply our professional capabilities with a holistic approach for the happiness of clients,
through values and social commitment.
Information Security Management System (ISMS) - A closer Look (Part
III)
A BIA report quantifies the importance of business components and suggests
appropriate fund allocation for measures to protect them. The possibilities of failures
are likely to be assessed in terms of their impacts on safety, finances, marketing,
legal compliance, and quality assurance. .….…
-read more...page 4
An Exclusive Talk with U Shrikantha Maiya
Parichay
Nathan India
see more..page 10
Developing self-awareness
Consider a colleague at the workplace who shares
excellent rapport with others. This colleague is always
thoughtful, thinks about others‟ needs and feelings, is
humble about her strengths......
read more..page 6
see more..page 10
What’s up at NCRCL?
Blood group check out your traits!!
Blood group O, A, B, AB.…....
read more..page 7
see more..page 9
1 2 3 4 5 6 7 8 9 10 11 12 Consultants’ Corner
Doing things properly Dr. R. S. Murali
Message from Dr. RSM
Every time I look for a fix for my electrical or plumbing needs, I don‟t land up on the right
guy. In the field of medicine the system of „family doctor‟ is gone. Same is the situation
with the family plumber, family electrician and so on. Even the personal banking
branches of banks have people who do not know their customers -nothing personal
there! Are all these indicators of growth and development?
I think some are very unique to India. As days go by, the quality goes down! Right from
electrical plug to stainless steel vessels - in everything the quality has gone down. When we talk of education we say
India‟s literacy has increased but has learning increased? Teachers fail in government examinations. The conceptual
understanding of every student seems to have gone down in the recent past, particularly in the last decade.Is this quality
deterioration because of the speed at which the changes are taking place? Is it because the general attitudes and think-
ing have undergone a major change?
A country like India, which was contributingto about a third of global GDP till a few centuries back, deteriorating like this
is not acceptable. Gandhi said any change we wish to see should start from within us. So, let us look at ourselves first.
Every work we do, whether official or personal do we do them:
Earnestly?
Effectively?
Efficiently?
Excellently?
Enjoyably?
If not, why? I have spoken to students who are not interested in
studies or even a single subject but who want their qualifications,
and I have been talking to students doing professional courses like
CA but repeatedly fail. A common answer from all the students is
that they are either unlucky or they are feeling bored. The period
they have to invest in preparing themselves for life, they spend in-
stead in unwanted things, in an unfocussed manner, and blame
everything else, from their stars to their luck! These are indications
of internal inefficiency and inadequacy.
We need to do this properly. This means “giving ourselves fully” to
the work we do. We need to understand how to immerse ourselves in our work. When we immerse, concentration
automatically arises, intuition develops, innovation happens. We need to learn to go deeply in our work. Students hate
exams because they are not familiar with the subjects, executives do not do their work properly because they do not
involve themselves in their work. Familiarity, involvement, interest, commitment, whatever the words we use, it ulti-
mately boils down to getting immersed in the work. Unless this is done quality cannot improve, delivery cannot take
place, understanding does not happen, and happiness does not result.
Is it so very difficult to immerse yourself in your work? Why don‟t you try for a week and get back with your experience?
We can discuss…
Happiness is a skill. It requires effort and time.
- Andrew Weil
Information Security Management System (ISMS)
- A closer Look (Part III)
Praveena K R
1 2 3 4 5 6 7 8 9 10 11 12 Consultants’ Corner
contd on next page
E. Business Impact Analysis (BIA)
A BIA report quantifies the importance of business
components and suggests appropriate fund allocation
for measures to protect them. The possibilities of failures
are likely to be assessed in terms of their impacts on
safety, finances, marketing, legal compliance, and
quality assurance. Where possible, impact is expressed
monetarily for purposes of comparison. For example, a
business may spend three times as much on marketing
in the wake of a disaster to rebuild customer confidence.
This is an essential component of an organization's
business continuance plan; it includes an exploratory
component to reveal any vulnerabilities, and a planning
component to develop strategies for minimizing risk. The
result of analysis is a business impact analysis report,
which describes the potential risks specific to the organi-
zation studied. One of the basic assumptions behind BIA
is that every component of the organization is reliant
upon the continued functioning of every other
component, but that some are more crucial than others
and require a greater allocation of funds in the wake of a
disaster. For example, a business may be able to
continue more or less normally if the cafeteria has to
close, but would come to a complete halt if the
information system crashes.
A sample series of questions a BIA team must look to
answer will be:
What critical interdependencies exist between
internal systems, applications, business
processes, and departments?
What specialized equipment is required and how
is it used?
How would the department function if the
mainframe, network and/or Internet access were
not available?
What single points of failure exist and how
significant are those risks?
What are the critical outsourced relationships and
dependencies?
F. Business Continuity Planning (BCP) & Disaster
Recovery (DR)
Business Continuity Planning involves identifying,
developing, acquiring, documenting and testing
procedure and resources that will ensure continuity of an
organisation's key operations in the event of an
accident,
disaster, emergency, and / or threat..
It involves
risk mitigation planning (reducing possibility of
the occurrence of adverse events), and
Disaster Recovery planning (ensuring
continued operation in the aftermath of a
disaster).
These plans are drawn up based on the BIA Report, as
this gives a clear indication of the business critical
processes that have to be focussed on.
Some basics to cover in a Business Continuity plan are:
Develop and practice a contingency plan that
includes a succession plan for the CEO.
Train backup employees to perform emergency
tasks.
Determine offsite crisis meeting places
and crisis communication plans for top
executives.
Practice crisis communication with employees,
customers and the outside world.
Invest in an alternate means of communication
in case the phone networks go down.
Make sure that all employees-as well as
executives-are involved in the exercises so that
they get practice in responding to an
emergency.
Make business continuity exercises realistic.
Form partnerships with local emergency
response groups—fire fighters, police and EMTs
- to establish a good working relationship.
Evaluate the company's performance during
each test, and work toward constant
improvement. Continuity exercises should
reveal weaknesses.
Test the continuity plan regularly to reveal and
accommodate changes. Technology, personnel
and facilities are in a constant state of flux at
any company.
Don't judge each day by the harvest you
reap but by the seeds that you plant.
- Robert Louis Stevenson
1 2 3 4 5 6 7 8 9 10 11 12 Consultants’ Corner
There is hope if people will begin to awaken that spiritual part of themselves, that heartfelt knowledge
that we are caretakers of this planet. - B M Eagle
Disaster Recovery Plan is a subset of BCP. But covers
elaborate details such as a documentation of the
procedures as to declaring emergency, evacuation of
site pertaining to nature of disaster, active backup,
notification of the related officials/DR team/staff,
notification of procedures to be followed when disaster
breaks out, alternate location specifications, etc. It is
beneficial to be prepared in advance with sample DRPs
and disaster recovery examples so that every individual
in an organization are better educated on the basics.
Documentation should include identification and contact
details of key personnel in the disaster recovery team,
their roles and responsibilities in the team.
The lifecycle in information security
Security is not a permanent state which, once achieved,
will never change. Every organisation and public agency
is subject to continuous dynamic changes. Many of
these changes also affect information security due to
changes in the business processes, tasks,
infrastructure, organisational structures and the IT.
Besides the obvious changes within an institution,
changes to the external conditions can also occur, for
example, the statutory or contractual stipulations as well
as the available information and communications
technologies might change considerably. It is therefore
necessary to manage security actively so that the
security level that has been reached is also maintained
over the long term.
Not only business processes and IT systems have a
"lifecycle"; the policy for information security, information
security organisation and ultimately the entire
information security process all have a lifecycle. The
information security process is commonly divided into
the following phases:
1. Planning
2. Implementing the plan and carrying out the
project
3. Performance review and monitoring the
achievement of objectives
4. Eliminating discovered flaws and weaknesses
and making optimisations as well as
improvements
Phase 4 describes the immediate elimination of minor
flaws. If fundamental or extensive changes are needed,
one must of course return to the planning phase again.
This model is named after the individual phases ("Plan",
"Do", "Check", "Act") and is thus also referred to as the
PDCA model. The PDCA cycle is considered as an
upward spiral as each cycle will be perfecting the ISMS
resulting in the next cycle's extent being a little lesser
than the previous.
Concluding Remarks
The management system concept is being applied
across many new disciplines. With the ratification of the
ISO27001 standard, information security management
systems have achieved new prominence, in some
arenas becoming an essential requirement.
In conclusion, an ISMS:
Integrates information security risk into
enterprise risk management.
Documents informed choice decision making
and due diligence.
Provides a framework for regulatory
compliance.
Offers a structure to efficiently and effectively
integrate people, process, and technology.
Furnishes a mechanism for monitoring and
reporting.
Is business friendly, and a market
differentiator.
References:
http://www.csoonline.com
Useful Books and information on Business Continuity and Disas-
ter Recovery:
The Disaster Recovery Handbook: A Step-By-Step Plan - By
Wallace and Webber (Anacom 2010)
Building an Enterprise-Wide Business Continuity Program - By
Kelley Okolita (CRC Press 2009)
A Risk Management Approach to Business Continuity: Aligning
Business Continuity with Corporate Governance - by Julia Gra-
ham et al (Rothstein Associates 2006)
How beautiful can life be? We hardly
dare imagine it.
- Charles Eisenstein
1 2 3 4 5 6 7 8 9 10 11 12 Consultants’ Corner
Consider a colleague at the workplace who shares
excellent rapport with others. This colleague is always
thoughtful, thinks about others‟ needs and feelings, is
humble about her strengths, and is concerned about
how her words and actions may affect others.
It is wonderful to work with such a person and the entire
team buzzes around her, eager to please and assist her.
The team finds solace around such a person. This is
because this person has immense self-awareness.
Self awareness is
being aware of
oneself including
o n e ‟ s t r a i t s ,
behaviour and
feelings through
introspection. It is
one of the most
valuable leader-
ship competencies that are always underestimated.
Such leaders shoulder responsibilities willingly and are
able to accept what they do not know. Most leaders
pretend to know everything. But a person with
self-awareness understands his/her limitations and is
willing to learn from others. Rumi has aptly quoted, “O,
happy the soul that saw its own faults”.
People often do not understand their strengths and
weaknesses and this hinders their performance. This is
because of poor self-awareness. Such people tend to
brush their faults under the carpet and pretend to be a
“know-all”. This leads to poor performance and in some
cases even termination. So the solution is to be aware of
yourself. How can this be done? Here are a few tips to
develop self-awareness and be successful in both your
personal and professional life.
Introspection: To develop self -awareness,
introspection is the key. All tips listed below are based
on this introspection, which is the ability to think through
an action by looking deep within. Seek answers within
for your actions and reactions to develop a more positive
approach towards life and others.
Blame-game: Normally, people don‟t look at
themselves, with the result that you blame one another
for the mistakes. Stop this blame game and look within
for the reason as to why the action of a particular person
makes you upset.
So often, the annoyance factor in the other person may
be reflected somewhere deep within you. Carl Jung
notes that everything that irritates us about others can
lead us to an understanding of ourselves.
Strengths and weaknesses: Introspection leads to an
awareness of your strengths and weaknesses. This
understanding helps you choose your career path, and
your friends which enhance both your personal and
professional life.
Slow down: In this fast paced competitive life, you are
always in a rush with deadlines to meet, projects to be
completed. This leaves you with no time to pause and
look at your situation, and the situation of all the people
with whom you interact. So slow down your pace and
become conscious of your life, what you are and what
you want to achieve.
Mindfulness: The Buddhist philosophy of mindfulness
is an easy tool to stay connected with your inner core
and be aware of yourself. It simply means living in the
moment. This can be developed through simple
techniques like meditation, relaxation techniques,
watching the breath, listening to music, sitting quietly
observing your thoughts and so on. This a therapeutic
exercise where you are consciously aware of each and
every moment and action of yours. Living in the
moment, in the present helps get rid of stress and give
your full focus and attention to the task. This way you
minimise mistakes, give your best and excel in your
work!
Thus self-awareness helps you develop non-judgmental
awareness of all that you are and will be. This reflects
on the outside so that your relationships are based on
accepting the other person for what he/she is. By
understanding yourself, you learn to use your strengths
better, develop where you can and avoid or compensate
areas where you don‟t have the necessary skills. People
who understand themselves work better.
To sum up, in James Allen‟s words, “Only by much
searching and mining are gold and diamonds obtained,
and man can find every truth connected with his being if
he will dig deep into the mine of his soul.”
Developing self-awareness
Rekha Murali
(As published in „The Hindu—opportunities‟ dated January 09, 2013)
Blood group and personality traits!!
Is this true? - check and give us feedback.
1 2 3 4 5 6 7 8 9 10 11 12 Consultants’ Corner
BLOOD GROUP O BLOOD GROUP A BLOOD GROUP B BLOOD GROUP AB
In a nutshell Cannot stand people who hide the truth
Pessimistic and too sensitive
Cannot take orders easily Romantic and sentimental
Basic Behav-ior
Make objectives clear Careful about decision-making
Make decisions fast Extremely practical
Possess great deal of confidence
Make things clear in black and white
Can be flexible Excellent in analyses
Honest, optimistic and energetic
Care too much about so-cial rules and standards
Do not care about rules Give fair criticisms
Respect scientific and practical findings
Cannot decide when it comes to important is-sues
Tolerance Strength and endurance depend on their aim
High tolerance for physical or repetitive work
Maintain the longest interest in what they do
Try to be hard-working
Give up easily if they find the job meaningless
Cannot take changes easily
Seem impatient Tend to be impatient
Lose interest in a hobby easily
Dislike repetitious work
How do they see their fu-ture and past?
Positive about the past, thus do not regret about the past
Try hard to forget the past Hard to forget recent affairs, but able to forget past and memories
Sentimental about the past
Seek financial stability for the future
Pessimistic about the future
More concern about the immediate problems than anything else
How do they express their emotions?
Usually stable and calm Able to display cool out-look even though angry
Expressive Sentimental
Sensitive towards sin-cerity
Short-tempered Cool and objective Usually cool and steady, but can get upset with an immediate, unsolved problem
Give frank, direct opin-ions
Take longer to heal a broken heart
Although joke a lot, could actually be very shy
Can get moody easily
Sensitive to others' opinions
Change moods like the weather
Cannot stop complaining when they are upset
How do they work?
Ability to concentrate vary from time to time, depending on aim
Perfectionist Creative and possess new ideas
Able to handle a wide scope of jobs
Mostly prefer to lead Handle one thing at a time
Cannot differentiate be-tween work and hobby
Value hard work
Can overlook details Work a line between work and personal affairs
Cannot take orders Quick in understanding
Highly responsible Do not hesitate to intro-duce innovative changes and are not worried about theirs criticisms
Not highly responsible and unable to follow-up on a project until its completion
Tend to choose hobbies which help them release stress
Tend to be artistic in approach
Source: Internet
1 2 3 4 5 6 7 8 9 10 11 12 Consultants’ Corner
What’s up at NCRCL?
Team NCRCL (RSM, Kishore, Bhavana, Namith and Krishnan) were at ICSR, IIT Chennai as a part
of implementation phase discussions of our earlier project.
Presentation of the next version of DocuMan by Raghu of Deltacadd on 20th Feb 2013 at NCRCL Bangalore and Chen-
nai through video conferencing
Study Circle meeting last month
1. Indian Philosophy and Heritage - Session III by Dr R S Murali on 30th Jan 2013
2. Business Process Re-engineering for Karnataka State Cricket Association by U S Mohanty on 22nd Feb 2013
RSM gave a talk on Achievement Motivation at NCRCL Bangalore office on 27th Feb 2013
An Exclusive Talk with U Shrikantha Maiya
U Shrikantha Maiya B E, PGDMM, PGD(HRM), PGDEEM&EA, MBA Working as Head Administration Born on 02nd January Email: [email protected] Phone No: 080 23642795
CC. The meaning of your name.
S Maiya: Master of Lakshmi = Vishnu
CC. Nickname.
S Maiya: No nick name
CC. Your dream job.
S Maiya: It is too late to think about this now due to age
factor
CC Your first impression of NCRCL.
S Maiya: Well organized, well knit organisation
CC. What personal/emotional characteristic of yours do
you want to change?
S Maiya: Difficult to answer. I am not sure whether I can
really change my short comings if any at this age.
CC. Money or job satisfaction?
S Maiya: It should be both, depending on the
circumstances under which one is placed.
CC. Your Stress buster.
S Maiya: Develop philosophy that stress is part of our life
and on this we may not have any control.
CC. Do you have a small circle of close friends, rather
than a large number of friends?
S Maiya: It should be both. One must develop to have
small circle of close friends in the inner circle and should
have large number of friends with Lakshmana Rekha in
between.
1 2 3 4 5 6 7 8 9 10 11 12 Consultants’ Corner
CC. What do you most like about a person?
S Maiya: Simplicity, honesty, trust worthiness, hard
work and without ego.
CC. What do you most hate in a person?
S Maiya: Hatred, jealousy, revenge, groupism, politics
and indulging in destroying personal life of others.
CC. Team work vs Individual work – your
comments.
S Maiya: Team work‟
CC. Do you make efforts to get others to laugh and
smile?
S Maiya: Not much
CC. Your heart rules your head or your head rules
your heart?
S Maiya: This would be both depending on the
situation.
CC. What kind of special talent do you have?
S Maiya: Nothing special to mention
CC. What are your hobbies?
S Maiya: Listening to good and old music, watching
TV and occasional singing
Life offers its wisdom generously. Every-
thing teaches. Not everyone learns.
- Rachel Naomi Remen
Parichay Know our Associates!
Nathan India
Nathan India, in Chennai and Delhi is a wholly owned subsidiary of Nathan Associates Inc. USA.
Staffed with expert economists and highly skilled researchers, the subsidiary provides clients a range of
services from market surveys and econometric analysis of survey data to economic impact analysis of
industrial development on the environment. Clients include Indian banks, providers of analytical
services, and conglomerates, as well as U.S. trade associations and litigation clients. Nathan India is
also pursuing work in sports economics in the wake of cricket franchise development through the
Indian Premier League.
NCRCL® is proud to be associated with Nathan India. This association has led to the short listing of
the team as consultants for DFID funded projects in India. Many other ventures are in the offing
where NCRCL® expertise in finance can be utilised along with the economic analytical services of Na-
than.
Ha Ha Ha !!!
Quiz Corner
Birthday Corner!
1). With BRIC unable to live upto its promise, investors are looking at MINT. Which 4 countries make up the
MINT?
2). Why has Bangladesh Government decided to ban cartoon channels on TV in their country?
3). Which Bollywood entertainment co started as a book library started by Shethia and Maroo families in Mumbai ?
4). ____ is to India, what Coca Cola is to US. Name India‟s no 1 FMCG brand in terms of sales value.
5). The cricketer Anil Kumble‟s firm TENVIC has the tag line „ToENsureVICtory”. There is one more reason it is called
TENVIC. What is the reason?
Send in your answers to the editor at [email protected]
Participants with the correct entry will be awarded with a Recognition Certificate by NCRCL.
Ability is what you're capable of doing. Motivation determines what you do. Attitude determines how
well you do it. - Lou Holtz
I feel it should be in landscape mode and comfortably fit the screen of any comp, laptop, or notebook. Is
there such an option? I feel it is cumbersome scrolling up and down.
-Jordi Griera
If you have any comment/suggestion for the editors, please write to us at [email protected]! Your views and comments on
articles featured here are also welcome!
Answer To last month’s Knowledge Snippet question:
1). In terms of per capita income which is the richest country in the world ?
2). Twigs from which tree were recommended by Prophet Muhammad for brushing. It is also a brand.
3). In Google, for products to be accepted they need to pass a “toothbrush test “. What is it ?
4). Which Indian co is the largest tractor manufacturer in the world ?
5). Which recently released movie has been given two awards by Indian govt for promoting Indian tourism ?
Answer: 1) Qatar at 98,000+ $ , 2)Miswak, 3) Used atleast twice daily , 4) Mahindra and Mahindra, 5) Life of Pi
1 2 3 4 5 6 7 8 9 10 11 11 Consultants’ Corner
Your feedback
Karthik M V—6th March
Our Business Associates
NCR & Co
Chartered Accountants www.deltacadd.com
www.nathaninc.com
www.hsbconsulting.biz www.obsitech.com
www.altacit.com
www.fichtner.in/india.htm
www.4spl.biz
www.ineval.org
www.fugoconsulting.com
Karnataka Institute of
Public Auditors www.mcmillanwoods.com
Registered Office:
2nd Floor, New No. 4, Old No. 23, C P Ramasamy Road, Alwarpet,
Chennai - 600 018
Ph: +91 44 2466 0955
Fax: +91 44 4218 5593
Email: [email protected]
Branch Office:
#107, 1st Floor, Railway Parallel Road, Kumarapark West,
Bangalore - 560 020
Ph/Fax: +91 80 23560265
Email: [email protected]
Contact
Website: www.ncrcl.com
NCR Consultants Limited
i2i IFRS