Authentication and Access Control

Threats to your data can come from external or internal sources.

  1. There are individuals who don’t have the authorisation but are driven by malicious intentions to gain access to certain information. This may refer to individuals who already belong to your organisation (but don’t have the necessary access rights) as well as those who don’t.
  2. There are individuals who have both the authorisation and, unfortunately, the malicious intentions over certain information.
  3. Finally, there are individuals who have the authorisation, no malicious intentions, but have accidentally exposed the information in question to those without the proper authority.

While curbing threats 2 and 3 would require other methods, threat #1 can be countered if the right authentication and access control systems are in place.

Here’s what we can do for you:

  • Work with your key personnel to determine who gets access to what.
  • Help you decide whether a single factor or a two-factor authentication (2FA) is appropriate for your organisation and recommend which factors are most suitable. Login methods may include but are not limited to the following:
    • biometric devices
    • Kerberos tickets
    • mobile phones
    • passwords
    • PKI certificates
    • proximity cards
    • smart cards
    • tokens
  • Install the necessary infrastructure needed for the factors chosen. For instance, if you opt to use biometrics, then biometric scanners will be installed. We’ll make sure that the authentication terminals are situated in places where achieving optimal traffic and work flow has been taken into consideration.

Other defences we’re capable of putting up include:

Check our similar posts

2015 ESOS Guidelines Chapter 6 – Role of Lead Assessor

The primary role of the lead assessor is to make sure the enterprise?s assessment meets ESOS requirements. Their contribution is mandatory, with the only exception being where 100% of energy consumption received attention in an ISO 50001 that forms the basis of the ESOS report.

How to Find a Lead Assessor

An enterprise subject to ESOS must negotiate with a lead assessor with the necessary specialisms from one of the panels approved by the UK government. This can be a person within the organisation or an third party. If independent, then only one director of the enterprise need countersign the assessment report. If an employee, then two signatures are necessary. Before reaching a decision, consider

  • Whether the person has auditing experience in the sector
  • Whether they are familiar with the technology and the processes
  • Whether they have experience of auditing against a standard

The choice rests on the enterprise itself. The lead assessor performs the appointed role.

The Lead Assessor?s Role

The Lead Assessor?s main job is reviewing an ESOS assessment prepared by others against the standard, and deciding whether it meets the requirements. They may also contribute towards it. Typically their role includes:

  • Checking the calculation for total energy consumption across the entire enterprise
  • Reviewing the process whereby the 90% areas of significant consumption were identified
  • Confirming that certifications are in place for all alternate routes to compliance chosen
  • Checking that the audit reports meet the minimum criteria laid down by the ESOS system

Note: A lead assessor may partly prepare the assessment themselves, or simply verify that others did it correctly.

In the former instance a lead assessor might

  • Determine energy use profiles
  • Identify savings opportunities
  • Calculate savings measures
  • Present audit findings
  • Determine future methodology
  • Define sampling methods
  • Develop audit timetables
  • Establish site visit programs
  • Assemble ESOS information pack

Core Enterprise Responsibilities

The enterprise cannot absolve itself from responsibility for good governance. Accordingly, it remains liable for

  • Ensuring compliance with ESOS requirements
  • Selecting and appointing the lead assessor
  • Drawing attention to previous audit work
  • Agreeing with what the lead assessor does
  • Requesting directors to sign the assessment

The Environment Agency does not provide assessment templates as it believes this reduces the administrative burden on the enterprises it serves.

Saving Energy Step 4 – Breathing Life into the Project

Today we consider the fourth step on the road to energy saving, when we introduce key contributors who will pull it all together. We have been on quite a journey. We started by developing a management system and then followed up with practical improvements, while challenging the assumptions behind the energy bills we may have paid unchallenged in the past.

After we knock off the big-ticket savings, managing energy becomes a process of improvement characterised by smaller increments. Kaizen is the classic model and it includes everybody in the organization from the janitor to the CEO. I inverted the pyramid deliberately, because ideas deserve considering no matter where the originator parks in the company yard.

People ? our people ?are truly central to the process. Energy adds extra leverage to their efforts, keeps them warm in winter, cool in summer and powers up the ovens in the company canteen. They are brimming over with ideas because that is the nature of being human. The best managers are those who release this potential and participate in its flowering,

It is important not to threaten job security. So many savings-driven initiatives have ended in job losses that people on the shop floor automatically suspect another round. Shrinking carbon footprints is about making the world a better place for everyone. We become more effective when we turn ?increasing profit? into making the enterprise sustainable in itself.

Engaging employees is more than office circulars and speeches at the Christmas Party. Organizations are organic places where trust grows slowly but conflict can flare in a moment. Before involving your people in your energy ?kaizan? make sure your words and intentions overlap perfectly. You will be amazed at the power you unlock in your people.

The best way I know of doing this is through your health and safety structure, which then becomes your environment, health and safety structure EHS. As you explore this idea at safety committees you find these things overlap, in the sense of creating people-centric environments at work and home.

That said, there is no magic formula for achieving employee engagement. The fact that people universally want a cleaner planet is the power to tap into. One way to form a team is to create one artificially and give it a task. The other is to work together towards a shared objective. Which one do you prefer?

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Six Sigma

Six Sigma has received much attention worldwide as a management strategy that is said to have brought about huge improvements and financial gains for such big-name companies as Allied Signal, General Electric (GE) and Motorola.

If you want to give your business the chance to attain the same resounding success, Six Sigma could be the method that will steer you towards that direction.

What is Six Sigma?

So what really is it? Six Sigma is a business management tool that was developed using the most effective quality improvement techniques from the last six decades. Basing its approach on discipline, verifiable data, and statistical calculations, Six Sigma aims to identify the causes of defects and eliminate them, thereby resulting in near-perfect products that meet or exceed customer’s satisfaction.

The core concept behind the Six Sigma method is that if an organisation can quantify the number of “defects” there are in a particular process, improvement activities can be implemented to eliminate them, and get as close to a “zero defects” scenario as possible. Defect here is defined as any process output that fails to meet customer specifications.

Six Sigma is also unique from other programs in that it calls for the creation of a special infrastructure of people within the organisation (“Champions“, “Black Belts“, “Green Belts“) who are to be expert in the methods.

Six Sigma Methodologies

When implementing Six Sigma projects, two methodologies are often employed. Although each method uses five phases each, these two are distinguished from each other using 5-letter acronyms and their specific uses.

DMAIC ? is the project methodology used to improve processes and maximise productivity of current business practices. The 5 letters stand for:

  • D ? Define (the problem)
  • M ? Measure (the main factors of the existing process)
  • A ??Analyse?(the information gathered to deter mine the causes of defects)
  • I ? Improve (the current process based on the analysis)
  • C ? Control (all succeeding processes so as to minimise additional defects)

DMADV – is the method most suitable if your business is looking to create new products or designs. The acronym stands for:

  • D ? Define (product goals as the consumer market demands)
  • M ? Measure (and identify product capabilities and risks)
  • A ??Analyse?(to create the best possible design)
  • D ? Design (the product or process details)
  • V ? Verify (the design)

How does Six Sigma differ from other quality programs?

If you think that Six Sigma is just another one of those business strategies that produce more hype than actual results, think again. Six Sigma uses three key concepts that sets it apart from other business management methods.

  • It is strictly a data-driven approach, where assumptions and guesswork do not figure in the decision making.
  • It focuses on achieving quantifiable financial results ? the bottom line ($) ? as much as giving emphasis on customer satisfaction.
  • It requires strong management leadership, while at the same time creating a role for every individual in the organisation.

Is Six Sigma right for your business?

While many other organisations such as Sony, Nokia, American Express, Xerox, Boeing, Kodak, Sun Micro-systems and many other blue chip companies have followed suit in adopting Six Sigma, the truth is, any company — whether you have a large manufacturing corporation, or a small business specialising in customer service.

Certainly, there is a lot more to Six Sigma than what you can probably absorb in one sitting or reading.

With our wide range of business management consultancy services, we can help you understand the Six Sigma method in the context of your business. We can also help you establish your improvement goals, set up your program, and train your own team of “champions” who can lead in implementing your Six Sigma goals.

Find out more about our Quality Assurance services in the following pages:

Ready to work with Denizon?

Contact Us Today