07-11 Contents: InfoSec downloads, Security & Testing free seminars, Spreadsheet conferences
ISSN 1649-2374 This issue online at http://www.sysmod.com/praxis/prax0711.htm [Previous] [Index]
|Systems Modelling Ltd.: Managing reality in Information Systems - strategies for success|
IN THIS ISSUE
|1) Risk & Security
Standard of Good Practice for Information Security download
Cyber Security Awareness Resource Center downloads
Pirate copies of books
Audit Technology Conference, London 20-21 Nov
|2) Irish news
Ireland Corporate Enforcer impatience with compliance
ICS Security Professionals' Network Seminar, 5 Nov
SoftTest Ireland Presentation by O2 and AGM, 8 Nov
Excel User Conference Cambridge, Nov 29 - Dec 1
SPRIG sleepless at INFORMS, Seattle, 5 & 7 Nov
Did you spot a spreadsheet error from a mile away?
Excel oddities, annoyances, quirks
ScanXLS continues to be enhanced
VBA Code Quality - Project Analyser
|4) Off Topic
Giveaway of the day freeware
|13 Web links in this newsletter
|About this newsletter and Archives
Subscribe and Unsubscribe information
If it's November, it must be conference season! Let me know your experience of any of the conferences I mention.
The Information Security Forum (ISF) has launched the 2007 version of its international Standard of Good Practice for Information Security, which can be downloaded free of charge. The Standard of Good Practice for Information Security (the Standard) addresses information security from a business perspective, providing a practical basis for assessing an organisation’s information security arrangements.
The page says that all file sizes are 4KB but in fact they can be some megabytes. Examples are:
The Giveaway of the Day site mentioned below uses a file sharing service www.wikifortio.com . I discovered an illegal copy of some copyrighted material on that site and contacted the author. He in turn told me about another ebook site to which he had to send a take-down notice, www.scribd.com where among all the usual self-published and PR material was again some PDF versions of well known textbooks. If you publish any copyright material, check the web regularly for bootleg versions.
20th and 21st November 2007 Holiday Inn Kensington Forum, London
Topics to be covered include: Governance, Risk and Compliance, Audit Workflow, XBRL, Illicit Image Abuse, Spreadsheet Risks, Continuous Audit, Direct Tax Audit, Electronic Discovery, and Fraud Detection.
My presentation on Nov 21st is "Minimising Risk in Important Spreadsheets". This presentation examines the risk to organisations which arise from the uncontrolled use of spreadsheets.
Don McAleese of the Information Technology Law Group of Matheson Ormsby Prentice writes a regular legal bulletin for the Irish Computer Society. http://www.ics.ie/news/ne_eBulletin.htm
The European Communities (Companies) (Amendment) Regulations 2007 came into effect on 1 April 2007. They implement the EU “Disclosure Directive” and extend the requirements of regulations going back to 1973 (European Communities (Companies) Regulations 1973) which require companies to disclose certain particulars concerning the company on their letter heads and order forms so that they now apply to electronic communications and websites.
It is coming up to 6 months now since the Regulations have been introduced, and the Office of the Director of Corporate Enforcement, which is responsible for the enforcement of the Regulations, is understood to be “becoming impatient with the lack of compliance”.
The article provides a table showing the different information a company must display on its business letters, order forms, electronic communications and websites.
Care needs to be taken in complying with the requirements as failure to comply is an offence for which not only the company is liable, but also any officers, directors or “persons in accordance with whose directions or instructions the directors of the company are accustomed to act and to whose directions or omissions the default is attributable. The maximum fine is €2,000 per offence”.
The ICS Security Professionals' Network presents the second in its series of lunchtime information security sessions structured around the eleven ISO/IEC 27002 Domains. Michael Brophy, CEO of Certification Europe, will present key findings of the recently-completed first worldwide ISO 27001 survey Mark Cawley, Head of Security Practice at BT Ireland, will present Managed Security Services - A Viable Option for protecting your Business
8 November, 5.30-8pm at IBEC, Confederation House, 84/86 Lower Baggot Street,
http://www.SoftTest.ie To register
please email ruth dot walmsley at momentumni dot org
Joan's presentation is on how she has embraced the challenge of controlling and optimising the management of multiple, complex Test Environments in O2, where up to 30 test projects are managed at any one time, while reducing costs and headcount. This has been done by establishing a Help-Desk system, using pre-existing Test Management Software (HP Quality Centre). Joan will speak about the system itself, how it evolved and the benefits it has brought to the organisation. Joan Jordan is an accomplished Testing Professional with over 12 years experience in the IT Industry.
Presenters: Nick Hodge MVP; Simon Murphy; Bob Phillips MVP; Andy Pope MVP, Charles Williams, and Ken Wright.
Day 1: Beyond the Basics. Like most of us regular users of Excel, you may have the feeling you are using only a fraction of the full power Excel can offer. All of the sessions will provide proven tips and strategies to make you more productive from Excel experts, including Microsoft Excel MVPs, who share their knowledge regularly in various online forums.
Day 2: Advance to the Next Level. These sessions are designed to sharpen your skills and introduce you to some of Excels more advanced features and functionality. You will see demonstrations that will illustrate many of the tools and strategies to develop applications. Most of the session leaders are professional full time independent Excel developers.
My presentation at 09:45 is on "Excel - Auditing Spreadsheets"
Day 3: Developer Saturday. This day will be devoted to developer topics. If you are a professional developer, do development work for your employer or want to learn more about developing with Microsoft Office then this day is for you. You will have the opportunity to learn and share many aspects of the Office Suite working hand in hand with .net, VSTO or VB6.
Nov 5, 4:30 - 6:00 p.m Spreadsheets in O.R. Practice: Papers from the Interfaces Special Issue, Chair: Thomas Grossman, USFCA
Nov 7 10:00 - 11:30 a.m. Modeling Applications using Spreadsheets (and More), Chair: Mukul Madahar, UWIC
and 1:30 - 3:00 p.m. Spreadsheet Technology and Engineering, Chair: Larry LeBlanc, Vanderbilt
and 3:30 - 5:00 p.m. Spreadsheets in Education, Chair: Janet Wagner, Stockton
The IIA offered a free book as a prize for those who downloaded that sales report spreadsheet, identified at least one error, and replied by Oct. 17. I found seven issues, another Eusprig member who won the book found 11, but only 2 the same as mine, and another found a different one! A formula inconsistency was so easy to spot and so insignificant that I wondered if it was a distracter for something else more serious. I didn't know whether to take the jokey names seriously. In fact, the point was that *all* the invoices rounded up, whereas statistically one would expect some up and some down.
I posted a few oddities recently to my blog at http://www.sysmod.com/blog
Excel 2007 with European regional Windows date settings cannot import dBase dbf file dates correctly. Although the data is stored in the record unambiguously as YYYYMMDD, Excel 12 imports it as mm/dd/yyyy so dates with days above 12 appear as text. It imports correctly when the regional date format is mm/dd/yyyy.
Thanks to some good feedback from users, my ScanXLS utility continues to be improved. It searches directories for XLS files and reports on the external data sources and links between them.
I've been checking out the Project Analyzer from Aivosto Oy in Finland. The trial version works on up to ten modules, so you can easily see how it works on a small project. It finds dead code and suspicious constructs. I like it for the automated VB code review:
http://www.sysmod.com/az.php?a=190540400X&b=Spreadsheet+Check+Control Available worldwide from Amazon.
http://sysmod.buy.ie/catalog/product_info.php?products_id=188 Our offer - free shipping to EU .
Simply send your comments to FEEDBACK (at) SYSMOD (dot) COM
Thank you! Patrick O'Beirne, Editor
If you like to check the covers of PC magazines for trial software, here's an online version of the same thing. For a period of 24 hours at a time, you can download an application for free use. They are all full programs, no "free download" nonsense, an expression I usually filter out of Google searches for a utility. They are sometimes previous versions, or one function extracted from a larger suite, or restricted to non-commercial use. A very useful feature is the comment blog that is well used with many votes for and against the software on offer for the day.
Copyright (c) Systems Modelling Limited,
Reproduction allowed provided the newsletter is copied in its entirety and with
this copyright notice.
We appreciate any feedback or suggestions for improvement. If you have received this newsletter from anybody else, we urge you to sign up for your personal copy by sending a blank email to EuroIS-subscribe (at) yahoogroups (dot) com
For those who would like to do more than receive the monthly newsletter, the EuroIS list makes it easy for you to discuss issues raised, to share experiences with the rest of the group, and to contribute files to a common user community pool independent of the sysmod.com web site. I moderate posts to the EuroIS list, to screen out inappropriate material.
Patrick O'Beirne, Editor
ABOUT THIS NEWSLETTER
"Praxis" means model or example, from the Greek verb "to do". The name is chosen to reflect our focus on practical solutions to IS problems, avoiding hype. If you like acronyms, think of it as "Patrick's reports and analysis across Information Systems".
Please tell a friend about this newsletter.
We especially appreciate a link to www.sysmod.com from your web site!
To read previous issues of this newsletter please visit our web site at http://www.sysmod.com/praxis.htm
This newsletter is prepared in good faith and the information has been taken from observation and other sources believed to be reliable. Systems Modelling Ltd. (SML) does not represent expressly or by implication the accuracy, truthfulness or reliability of any information provided. It is a condition of use that users accept that SML has no liability for any errors, inaccuracies or omissions. The information is not intended to constitute legal or professional advice. You should consult a professional at Systems Modelling Ltd. directly for advice that is specifically tailored to your particular circumstances.
We guarantee not to sell, trade or give your e-mail address to anyone.
To subscribe to this Newsletter send an email to
EuroIS-subscribe (at) yahoogroups (dot) com
To unsubscribe from this Newsletter send an email to
EuroIS-unsubscribe (at) yahoogroups (dot) com
EuroIS is the distribution list server of the PraxIS newsletter. It also offers a moderated discussion list for readers and a free shared storage area for user-contributed files. The archives of this group are on YahooGroups website http://finance.groups.yahoo.com/group/EuroIS/