04-09 Contents: Open Source IS Security, ICS Risk lectures, Blinkx, Copernic, Job Search Networking, Spreadsheets SOX, humour.
ISSN 1649-2374 This issue online at http://www.sysmod.com/praxis/prax0409.htm [Previous] [Index] [Next]
|Systems Modelling Ltd.: Managing reality in Information Systems - strategies for success|
IN THIS ISSUE
|1) Risk & Security
Open Source IS Security body of knowledge
ICS CPD autumn lectures on Risk Management
|2) Local disk drive index/search utilities
Copernic Desktop Search
|3) Will (does?) the Real Economy Stand Up?
Job search - networking drying up?
Foundations of Spreadsheets: Workshop, Rome
Excel range name curiosity
Spreadsheet Control and Sarbanes-Oxley
|5) Off Topic
Explorer error message ;-)
Software Project Cartoons
|18 Web links in this newsletter
About this newsletter and Archives
Subscribe and Unsubscribe information
To help sponsor the cost of this newsletter, make your next purchase from Amazon using one of the links below. You don't even have to buy the specific book I mention - just click on one of my links before you buy anything from Amazon! When you click, you are offered a choice of Amazon store - US, Canada, UK, France, Germany, Japan, so you can pick the one that suits you.
Balwant Rathore of the Open Information System Security Group is collating an Open Source Book on Information System Security Assessment at http://www.oissg.org - I have not reviewed it yet, but I just thought I'd let you know so you can track its growth. It would be interesting to see if a volunteer effort does in fact manage to organise a useful body of knowledge.
The fourth, on Wed Nov 17, is my presentation on Spreadsheet Risk Management where I talk about spreadsheet controls and testing. This lecture places auditing and testing techniques within the broader context of quality management and describes specific tools to assist and automate these tasks.
"Official (ISC)^2 Guide to the CISSP Exam", Susan Hansche/John Berti/Chris
Hare, 2004, rrp U$70.
Robert M. Slade says in BKOIGTCE.RVW 20040618 "This guide has a significant advantage in this regard: not only do a number of the contributors produce questions for the exam itself (therefore being more than passingly familiar with the style and level of difficulty required), but the CISSP exam committee was also approached for advice and input. . . currently the best of the guides."
I use Wilbur from www.redtree.com - it's free and fast. Last month I tried two others:
It's curious that one side there are stories of surging economies and full employment, and on the other hand I get emails from IT professionals finding it very hard to get work, see that bargain hunters crowd car boot sales and eBay auctions, and hear of company closures every week in the news. Just a diverse economy, I guess.
Kevin Donlin of the Star Tribune provides job search advice. In his Aug 30 column he wrote: "Now, do you think you MIGHT get hired faster if you called to network with 120 people this month? I’ll answer that for you -- yes!" I referred him to this NY times article compares that job search approach to spam, and he promised to write soon about how to avoid that trap by not simply asking for a job over and over.
"It's a lot like spam," said Diane DiResta, president of DiResta Communications, which assists in career development. "People keep hitting up the same contacts over and over again."
After two years of searching, Mr. Boatwright, a 41-year-old lawyer, found that this assistance came to an end. "I found that people aren't as likely to respond after a while of looking. You can only go back to the well so many times. You ask them once or twice for a referral or a favor. But when you go three or four times, people start to get a little tired of helping. It gets uncomfortable."
Many experts are baffled as to what might work for job seekers whose networks are drying up. "Sad thing to confirm, but networking has hit burnout," said Stephanie Pinson, president of the executive search firm Gilbert Tweed, in New York.
http://sysmod.com/az.php?a=0316778494&b=Move_Mount_Fuji How Would You Move Mount Fuji?: Microsoft's Cult of the Puzzle by William Poundstone. rrp $15 Profiles the unique process by which Microsoft identifies its most creative employees, listing thirty-five riddles used by the company to gauge creative analytical thinking and offering advice to business leaders on how to follow Microsoft's example in order to attract top talent.
Int. Workshop on the Foundations of Spreadsheets (FOS'04) Rome, Italy, September 30, 2004 http://eecs.oregonstate.edu/~erwig/FOS/
Martin Erwig will be leading a new workshop on Foundations of Spreadsheets as a satellite workshop at IEEE VL/HCC. The purpose of the workshop is to develop a research agenda for the future research on the foundations of spreadsheets. To facilitate the exchange of ideas, the workshop is organized into several interactive discussion sessions. Invited speakers will each provide a perspective to get the discussion going, and each participant will contribute from their views and expertise. The workshop is organized around HCI, business, programming (language), and quality aspects of spreadsheets.
Eusprig members will be participating: Pat Cleary of UWIC, Grenville Croll of Frontline Systems UK. By the way, the Eusprig horror stories page has now more than fifty entries!
To learn more about how I can help you with spreadsheet modelling, model review, testing, audit and control, see http://www.sysmod.com/spreads.htm
Recent news of fraud and expensive mistakes requiring compensation have prompted leading banks, financial institutions, manufacturing, and service industries to take a harder look at the risks they are exposed to from spreadsheet applications.
I have been involved with spreadsheets and modelling over many years. In the five years since the foundation of Eusprig, I have developed a particular expertise in detailed testing of spreadsheet models and their structural integrity. In common with other practitioners, I have found that every customer is always surprised at the defects that are uncovered.
When you are reviewing your internal controls, whether for Sarbanes-Oxley (SOX) or other compliance concerns, call on me for a thorough review of your spreadsheet applications. Phone +353 55 22294 or email me .
http://sysmod.com/az.php?a=076454120X&b=Excel_Best_Practices Excel Best Practices for Business: Covers Excel 2003, 2002, and 2000 by Loren Abdulezer rrp $45. Also covers XML, spreadsheet portals, makeovers, and assistive technologies.
Simply send your comments to FEEDBACK (at) SYSMOD (dot) COM
Thank you! Patrick O'Beirne, Editor
http://www.economist.com/books/displayStory.cfm?story_id=3104241 How 51 Gorillas Can Make You Seriously Rich Or, why so many business books are awful. The formula seems to be: keep the sentences short, the wisdom homespun and the typography aggressive; offer lots of anecdotes, relevant or not; and put an animal in the title—gorillas, fish and purple cows are in vogue this year.
Search for "weapons of mass destruction" in Google, click "I'm feeling lucky" and you might get http://www.coxar.pwp.blueyonder.co.uk/ "Not Found"
You've all seen the classic cartoon about software design where "what the
client really wanted" was a tyre hung from a branch. There are variations at
http://wiki.ael.be/index.php/FightingSWPatentsCartoon of which this one
Copyright 2004 Systems Modelling Limited,
Reproduction allowed provided the newsletter is copied in its entirety and with
this copyright notice.
We appreciate any feedback or suggestions for improvement. If you have received this newsletter from anybody else, we urge you to sign up for your personal copy by sending a blank email to EuroIS-subscribe (at) yahoogroups (dot) com - it's free!
For those who would like to do more than receive the monthly newsletter, the EuroIS list makes it easy for you to discuss issues raised, to share experiences with the rest of the group, and to contribute files to a common user community pool independent of the sysmod.com web site. I will be moderating posts to the EuroIS list, to screen out inappropriate material.
Patrick O'Beirne, Editor
ABOUT THIS NEWSLETTER
"Praxis" means model or example, from the Greek verb "to do". The name is chosen to reflect our focus on practical solutions to IS problems, avoiding hype. If you like acronyms, think of it as "Patrick's reports and analysis across Information Systems".
Please tell a friend about this newsletter.
We especially appreciate a link to www.sysmod.com from your web site!
To read previous issues of this newsletter please visit our web site at http://www.sysmod.com/praxis.htm
This newsletter is prepared in good faith and the information has been taken from observation and other sources believed to be reliable. Systems Modelling Ltd. (SML) does not represent expressly or by implication the accuracy, truthfulness or reliability of any information provided. It is a condition of use that users accept that SML has no liability for any errors, inaccuracies or omissions. The information is not intended to constitute legal or professional advice. You should consult a professional at Systems Modelling Ltd. directly for advice that is specifically tailored to your particular circumstances.
We guarantee not to sell, trade or give your e-mail address to anyone.
To subscribe to this Newsletter send an email to
EuroIS-subscribe (at) yahoogroups (dot) com
To unsubscribe from this Newsletter send an email to
EuroIS-unsubscribe (at) yahoogroups (dot) com
EuroIS is the distribution list server of the PraxIS newsletter. It also offers a moderated discussion list for readers and a free shared storage area for user-contributed files. The archives of this group are on YahooGroups website http://groups.yahoo.com/group/EuroIS/
[Previous] [Index] [Next]