Data Replication

Medical Data Form

These days, not many companies can continue to operate once their entire computer system goes down. All the information needed in daily operations are stored in databases while the interfaces that make use of them all come in the form of software applications.

Software applications can be rapidly reinstalled and configured for as long as the necessary programs are available. Data, however, cannot be reconstructed as quickly even with hard copies available. It is therefore necessary to store your data in a replicated setup so that when one section goes down, operations can proceed without interruption.

For instance, if a category 5 hurricane renders your main office useless, you can simply rent workstations elsewhere, connect to the Internet and continue with your usual transactions for as long as data is readily accessible.

So how do we ensure the accessibility and reliability of your data? Here’s what we’ll do:

  • Activate data replication on your database management system. If your DBMS does not support replication, we’ll migrate all your data to one that does.
  • If absolutely necessary, we can allow modernised systems to run parallel to your legacy systems and prepare both for full modernisation when you’re ready.
  • Implement fail-over technologies where applicable to provide for automatic switching to a backup data server or network from one that has just failed.

We can also assist you with the following:

Check our similar posts

How COBIT helps you achieve SOX Compliance

First released way back in 1996, COBIT has already been around for quite a while. One reason why it never took off was because companies were never compelled to use it ? until now. Today, many CEOs and CIOs are finding it to be a vital tool for achieving SOX compliance in IT.

Thanks to SOX, COBIT (Control Objectives for Information and related Technology) is now one of the most widely accepted source of guidance among companies who have IT integrated with their accounting/financial systems. It has also gained general acceptability with third parties and regulators. But how did this happen?

Role of control frameworks in SOX compliance

You see, the Sarbanes-Oxley Act, despite having clearly manifested the urgency of establishing effective internal controls, does not provide a road map for you to follow nor does it specify a yardstick to help you determine whether an acceptable mileage in the right direction has already been achieved.

In other words, if you were a CIO and you wanted to find guidance on what steps you had to take to achieve compliance, you wouldn’t be able to find the answers in the legislation itself.

That can be a big problem. Two of your main SOX compliance obligations as a CEO or CIO is to assume responsibility in establishing internal controls over financial reporting and to certify their effectiveness. After that, the external auditors are supposed to attest to your assertions. Obviously, there has to be a well-defined basis before you can make such assertions and auditors can attest to anything.

In the language of auditors, this ?well-defined basis? is known as a control framework. Simply put, once you certify the presence of adequate internal controls in your organisation, the external auditor will ask, ?What control framework did you use??

Knowing what control framework you employed will help external auditors determine how to proceed with their evaluations and tests. For your part, a control framework can serve as a guide to help you work towards specific objectives for achieving compliance. Both of you can use it as a common reference point before drawing any conclusions regarding your controls.

But there are many control frameworks out there. What should you use?

How SOX, COSO, and COBIT fit together

Fortunately, despite SOX?s silence regarding control frameworks, you aren’t left entirely to your own devices. You could actually take a hint from the SEC and PCAOB, two of the lead organisations responsible for implementing SOX. SEC and PCAOB point to the adoption of any widely accepted control framework.

In this regard, they both highly endorse COSO, a well-established internal control framework formulated by the Committee of Sponsoring Organisations of the Treadway Commission (COSO). Now, I must tell you, if you’re looking specifically for instructions pertaining to IT controls, you won’t find those in COSO either.

Although COSO is the most established control framework for enterprise governance and risk management you’ll ever find (and in fact, it’s what we recommend for your general accounting processes), it lacks many IT-related details. What is therefore needed for your IT processes is a framework that, in addition to being highly aligned with COSO, also provides more detailed considerations for IT.

This is where COBIT fits the bill.

How COBIT can contribute to your regulatory compliance endeavors

COBIT builds upon and adheres with COSO while providing a finer grain of detail focused on IT. You can even find a mapping between COBIT IT processes and COSO components within the COBIT document itself.

Designed with regulatory compliance in mind, COBIT lays down a clear path for developing policies and good practice for IT control, thus enabling you to bridge the gap between control requirements, technical issues, and business risks.

Some of the components you’ll find in COBIT include:

IT control objectives

These are statements defining specific desired results that, as a whole, characterise a well-managed IT process. They come in two forms for each COBIT-defined IT process: a high-level control objective and a number of detailed control objectives. These objectives will enable you to have a sense of direction by telling you exactly what you need to aim for.

Maturity models

These are used as benchmarks that give you a relative measurement stating where your level of management or control over an IT process or high-level control objective stands. It serves as a basis for setting as-is and to-be positions and enables support for gap analysis, which determines what needs to be done to achieve a chosen level. Basically, if a control objective points you to a direction, then its corresponding maturity model tells you how far in that direction you’ve gone.

RACI charts

These charts tell you who (e.g. CEO, CFO, Head of Operations, Head of IT Administration) should be Responsible, Accountable, Consulted, and Informed for each activity.

Goals and Metrics

These are sets of goals along with the corresponding metrics that allow you to measure against those goals. Goals and metrics are defined in three levels: IT goals and metrics, which define what business expects from IT; process goals and metrics, which define what the IT process should deliver to support It’s objectives; and activity goals and metrics, which measure how well the process is performing.

In addition to those, you’ll also find mappings of each process to the information criteria involved, IT resources that need to be leveraged, and the governance focus areas that are affected.

Everything is presented in a logical and manageable structure, so that you can easily draw connections between IT processes and business goals, which will in turn help you decide what appropriate governance and control is needed. Ultimately, COBIT can equip you with the right tools to maintain a cost-benefit balance as you work towards achieving SOX compliance.

Recognizing Your Carbon Footprint

Countless times we have heard of the term ?carbon footprint?. Perhaps we have seen and heard it on TV or read it in newspapers, magazines and published articles. Indeed, it has been an expression familiar to everyone as it is always associated with climate change, carbon emissions, global warming, pollution and other environmental issues. Carbon footprint is real. It exists and, in fact, continues to affect the world we live in.

Defining Carbon Footprint

Two essential words comprise the term carbon footprint. Fundamentally, ?carbon? means the carbon dioxide circulating in the atmosphere. It is also the general word used for other greenhouse gasses emitted into the air. On the other note, ?footprint? refers to impact or effect.

Think about the footprints people leave on the beach sand upon walking on the shore. That is exactly what carbon footprint is like. It’s about the impact humans leave on the earth in the form of carbon dioxide and other greenhouse gases.

Calculating Your Personal Carbon Footprint

The food we eat, products we use, vehicles we ride on and electricity we consume emit carbon dioxide. In fact, our activities, lifestyle, homes, and countries contribute to climate change. And carbon footprint is the best estimate we can get of the full impact our doings affect the earth. It quantifies the amount of our carbon emission. With this, knowing how to calculate your personal carbon footprint is important.

There are various standards in calculating one?s carbon footprint. There is the so-called ?lifestyle assessment? and the input-output analysis. Lifestyle assessment works by adding up all the feasible emission pathways while the input-output analysis involves determining the total emissions of a particular country, dividing it by the carbon-emitting sectors and estimating the overall emissions of each sector. The input-output analysis makes sure that no emission pathway is missed out.

Calculating your carbon footprint manually is an effective way for you to understand your emissions better. You just need a lot of patience to learn how each footprint is generated. Moreover, there are also several resources online that can help you calculate your carbon footprint. Online carbon calculators are abundant across the web. To make your life simpler, you can opt to try those online calculators and easily determine your carbon emissions. However, such calculators vary in scope. So make sure that the online carbon calculator, you choose, is one that?includes emissions both direct and indirect.

Avoiding Toe Prints

A toe print is a portion of a footprint. Sometimes, people are misled in their calculations because they only get a carbon toe print instead of a footprint. The idea is that, you should cover a smart scope of your carbon emissions. Not only measuring a portion, but the whole.

Say for example, running a conventional car. The carbon emitted from the car is not only the fuel combustion from the diesel or petrol.? Likewise, the carbon released as the gas was processed and transported to your nearby gasoline station is also an addition to your carbon footprint. If you do not understand this, you will end up calculating your direct emissions while neglecting the indirect ones.

Be wise in calculating your carbon footprint. And when in doubt, whether you are an individual or a business entity, you should seek help from experts who can do it right.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
How Small Irish Businesses Avoid the GDPR Sting

Accountants providing chartered accounting services and tax advice are alerting smaller Irish companies to the consequences of the pending General Data Protection Regulation (GDPR). They believe these are going to feel the most pain come 25 May 2018, if they do not implement GDPR by then. We are trying our best to help avoid this situation by providing advice.

How to Kick the GDPR Ball into Play

The Irish Information Commissioner?s Office has produced a toolkit regarding where?s best to start. They suggest beginning with an information security assessment to determine the gaps companies need to close. Once quantified, this leads naturally to a plan of action, and resources needed to fulfil it. Here?s how to go about it:

1. Start by assessing your current ability to identify, assess, and manage threats to customer data security. Have you done anything at all to date? You must be holding some customer information surely, and it is highly likely the GDPR applies to you.

2. Next, review your company?s current customer data security policies. Are they documented and approved, or do new employees discover them sitting next to Nellie? Rate yourself on a scale where ten is successful implementation.

3. Now consider how well you have pinned responsibilities on individuals to implement policies and take the lead on GDPR. The latter should be the business owner, or a board member with clout to make things happen.

4. By now, you should have a grasp of the scale of work ahead of you, remembering the EU deadline is 25 May 2018. If this sounds overwhelming, consider outsourcing to your accountant or a specialist provider.

5. Under the General Data Protection Regulation you have only 72 hours to report a breach of customer data security to the Information Commissioner?s Office. Do you have a quality assurance mechanism to oversee this?

Tangible Things to Bring Your Own People on Board

With all the changes going on, there is a risk of your employees regarding GDPR as ?another management idea going nowhere.? Thus, it is important to incorporate the new EU regulations in staff training, particularly with regard to data security generally. They may fully come on board only once they see tangible signs of progress. You should in any case put the following measures in place unless you already have them:

1. A secure area for your servers and for any paperwork your customers provided. This implies access control on a need-to-know basis to protect the information against loss, damage, and theft.

2. A protocol for storage media and record disposal when you no longer require them or something supersedes them. You are the custodian of other people?s information and they deserve nothing less.

3. Procedures to secure customer data on employee mobile devices and computers: This must extend to work done at home, at consultant sites, and by remote workers.

4. Secure configuration of all existing and new hardware to minimise vulnerability and storage media crashes. These quality assurance measures should extend to removable media and remote backups.

So Is This the Worst of the Pain?

We are at the heart of the matter, although there is more to tell in future articles. You may be almost there, if you already protect your proprietary information. If not, you may have key company information already open to malware.We should welcome the EU General Data Protection Regulation as a notice that it is time to face up to the challenges of data protection and security generally. The age of hacking and malware is upon us. The offender could be a disgruntled employee, or your competition just down the street. It is time to take precautions.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today