08-05 Contents: Data leakage, ICS events, SoftTest, Eusprig, Spreadsheet Safe training and certification
ISSN 1649-2374 This issue online at http://www.sysmod.com/praxis/prax0805.htm [Previous] [Index] [Next]
| Systems Modelling Ltd.: Managing reality in Information Systems - strategies for success | |
IN THIS ISSUE |
|
| 1) Risk & Security Aer Lingus 5-euro flights to the US from test data leaked to web Data Protection Commissioner Unprotected Irish Computer Society Privacy Forum Launch ICS Security Professionals Network presents ISO27001
|
|
| 2) Software Industry SoftTest Ireland for software testers Accounting for nothing
|
|
| 3) Spreadsheets Eusprig 2008 Safety in Numbers The bigger picture
|
|
| 4) Off Topic $5/hr for Excel skills?!
|
|
| 17 Web links in this newsletter |
|
| About this newsletter and Archives Disclaimer Subscribe and Unsubscribe information |
_______________________________________________________
I am happy to announce the launch this month of my training course for Spreadsheet Safe certification!
Patrick O'Beirne
_______________________________________________________ _______________________________________________________
Aer Lingus blamed a technical fault for an error which saw up to 300 people book 5-euro business-class flights to the US. However, the airline will provide economy-class seats to the customers who made the reservations between 7.30am and 9am, when a promotional fare test webpagewas mistakenly put up live. The flights of course were not 5 euro but about 150 euro each when taxes and charges were added.
http://www.rte.ie/news/2008/0418/aerlingus.html
The office of the Data Protection Commissioner, which aims to protect people's privacy, has been the subject of a data leak. Blogger Damien Mulley accessed their 2007 annual report on the Commissioner's website, which was not due to be released until 11am the next day. The report also contains a list of top 10 threats to privacy.
http://www.dataprotection.ie/docs/Home/4.htm
15 Case studies published by the DPC. Examples include
Case Study 4: NewTel Communications - Ordered to suspend marketing (three times in three years)
Case Study 10: Member of staff at Revenue accessing and using personal data of a taxpayer. DPC staff said they believe this breach may not have been an isolated incident.
Case Study 14: Ryanair - Remedial action taken for customers to unsubscribe
from marketing
"[Ryanair] invited recipients who wished to unsubscribe to send a blank email to
an email address which began with the word ‘leave’ and which consisted of a
string of over seventy characters comprising a varied mix of letters and
digits."
http://www.siliconrepublic.com/news/news.nv?storyid=single10966
http://www.ics.ie Irish Computer Society
On May 27th the Irish Computer Society will launch the ICS Privacy Forum, a dedicated networking space for data protection professionals or those with an interest in data protection and privacy issues. The ICS Privacy Forum aims to facilitate information sharing and discussion among professionals of all backgrounds on data protection issues that impact on their work. These might include emerging trends, opportunities or challenges in the data protection field. It will enable graduates of the ICS Data Protection Practitioner Certificate to keep their knowledge up-to-date.
The inaugural meeting of the ICS Privacy Forum will be held at 6pm on Tuesday, 27 May 2008 at the Irish Computer Society’s headquarters at Mount Street Crescent, Dublin 2. Speakers are Billy Hawkes, Data Protection Commissioner; Michael O’Farrell, Senior Manager, Risk Advisory Services, Ernst & Young; David Tarleston-Hodges, Author of ICS Data Protection Certificate, Training Manager, QT&C Ltd.
http://www.ics.ie/events ISO27001: Asset Management & Information Classification
Bored of making long lists? How to secure your information assets and still keep a social life. Michael Brophy (CEO Certification Europe) will present a practical approach to managing information assets and classifying information.
When: 15th May, 12.30pm Start. Registration/refreshments from noon
Where: ICS Headquarters, Crescent Hall, Mount St Crescent, Dublin 2
Cost: Free to members. 25euro to non-members
Sometimes, people may have different perspectives of health & safety :-)
____________________________________________________________
____________________________________________________________
http://www.SoftTest.ie The next meeting will be 17:30 on Thursday May 15th in IBEC Baggot St, featuring:
Business Process Testing by Johan Adriaansen, Citco Global Securities
Services Ltd.
Why automation fails, why we should keep trying. Walk through Business Process
Testing, why it is so powerful, and examples.
Surviving in an Agile Environment by Markus Clermont of Google
Switzerland.
How we try to ensure the quality of our software in the presence of short
release-cycles, iterative development, prototyping and the
absence of formal processes and documentation.
http://www.msofficeaccounting.co.uk/
Microsoft Office Accounting Express 2008 Download Microsoft Office Accounting Express 2008, a free accounting software for new and home-based small businesses. The home page has an animation, you have to wait for it to load before the 'skip intro' button appears, but free is free. It features Core Accounting (Nominal ledger, Sales Ledger, Purchase Ledger, invoicing, payments and banking), but not stocks, orders, modelling or multi-user access.
http://www.pcw.co.uk/personal-computer-world/software/2207529/microsoft-office-accounting-3685035 Review of MSOAE
A data migration wizard is currently included for Sage Line 50 v11 and v12 and Sage Instant Accounts v12, plus an import tool from Excel
http://www.accountingweb.co.uk/cgi-bin/item.cgi?id=175535 Accountingweb discussion from accountants
____________________________________________________________
____________________________________________________________
http://www.uwic.ac.uk/eusprig/2008/
The 9th EuSpRIG Annual Conference, theme "In Pursuit of Spreadsheet Excellence" will be at the University of Greenwich, London UK July 10-11 2008. It's only two months to go!
The primary sponsor of EuSpRIG 2008 is an innovative programme
Spreadsheet Safe™.
In response to the growing requirements of business to reduce the risks posed by
unsafe spreadsheets, Q-Validus, in conjunction with its training and testing
partners, BPP Learning Media and BTL Learning & Assessment, has developed
Spreadsheet Safe™, a training and certification programme designed to help
spreadsheet end-users and organisations assure and maintain good spreadsheet
design, usage and control.
I am an Authorised Spreadsheet Safe Trainer and will be offering the full training and certification programme.
http://www.spreadsheetsafe.com/product/syllabus/
The syllabus is aimed at the person who uses Excel to get an important job done.
If you're not sure about the skill levels of your current users, ask me about a
pre-course test that will let you know how familiar people are with these
essential basics. If you need more advanced coverage, ask me about that too.
The
Spreadsheet Safe™ syllabus was developed in conjunction with a number of the world’s
leading experts in the area of spreadsheet design, and control. I was one of
their Subject Matter Experts (SMEs).
The Spreadsheet Safe™ certification programme is designed by Q-Validus™,
whose management team has decades of experience in developing and delivering
global certification programmes As a trainer myself, I appreciate the clarity of
thought they bring to making complex topics accessible to the ordinary computer
user. I was privileged in working with them to learn how economically they can
construct the kind of penetrating questions that elicit the real state of a
person's skill.
• Raises standards in spreadsheet development, maintenance and control
• Delivers the skills and knowledge required to validate work and ensure the integrity of the information
• Increases awareness of key issues and potential problems in spreadsheet use
• Ensures high awareness of spreadsheet audit routines
• Mitigates risk around spreadsheet use
• Gives confidence in the validity and credibility of spreadsheets
• Demonstrates a commitment to best practice
• Certifies to an international standard
In the package you get the training manual, access to the online courseware, and you must sit the
certification test within 2 weeks. For 375 euro (less discounts for several
candidates from the same company) I offer a
one-day package of training and test, where from 9am to 3:30pm candidates work
through the syllabus and then after a break will sit the certification test
which is a 45 minute test of 32 items.
A sample extract from the training manual is available from
http://www.spreadsheetsafe.com/product/snapshot/
In my opinion, ten days preparation is enough provided you already know about formatting, passwords, range names, data import and export, SUM, IF and Lookup functions, error values, charting, (un-) hiding, the auditing toolbar, the Excel error checking indicators, and data validation. You can prepare for the examination well in advance by reading my book 'Spreadsheet Check and Control' and other good books on Excel. If you've never had a training course in Excel or read a book on it, it's going to be tough. Be frank with yourself and recognise that while you can leave some topics to a final course just before the exam, there is only so much new stuff you can absorb in a day. This is the kind of serious certification that employers demand, not a perfunctory test meant to pass anyone who simply wants a certificate. Success in this certification test means that the candidate is able in a minute or two to recognise a good or bad practice and describe how an error can be detected or prevented. To be that good you need an everyday familiarity with Excel and an automatic recognition of the situations that give rise to errors and how to reduce their incidence through planning, layout, and testing.
http://www.sysmod.com/az.php?a=190540400X&b=Spreadsheet+Check+Control Spreadsheet Check and Control is available worldwide from Amazon and directly from us with free shipping to EU:
http://sysmod.buy.ie/catalog/product_info.php?products_id=188
For further information check out www.spreadsheetsafe.com and http://www.sysmod.com/spreadsheetsafe
There are software utilities for greater efficiency in spreadsheet error checking. I provide training in spreadsheet auditing aimed at power developers and IT auditors. I can perform the audit if what you need is a first look to evaluate the business case for more institutionalised practices of development and testing. Contact me to take this further.
Effective spreadsheet control needs not just control tools but people enabled to reflect on and improve their own work. This has been an interest of mine ever since the days I gave training courses in the Personal Software Process (PSP).
Theory X states that workers need to be closely supervised and comprehensive
systems of controls developed. According to Theory Y, employees may be
ambitious, self-motivated and anxious to accept greater responsibility, and
exercise self-control, self-direction, autonomy and empowerment.
http://en.wikipedia.org/wiki/Theory_X_and_theory_Y
The spreadsheet controls market is dominated by the top-down process-heavy
supervisory methodologies that check up on the kind of spreadsheets that people
are creating. Inevitably this creates a blizzard of reports that require
filtering with an experienced eye to determine what is worth looking at.
A bottom-up approach should eventually reduce the amount of supervisory effort
by empowering knowledge workers to adopt responsibility for their work.
Back in 2001 Barry Boehm predicted that "The ranks of 'sorcerer’s apprentice'
user-programmers will swell rapidly, giving many who have little training or
expertise in how to avoid or detect high-risk defects tremendous power to create
high-risk defects."
http://www.cebase.org/www/AboutCebase/News/top-10-defects.html
Software Management article (Jan 2001) "Software Defect Reduction Top 10 List"
http://www.eusprig.org/conf2007report.htm
At the 2007 EuSpRIG Conference, Dean Buckner of the UK Financial Services
Authority reported once again that user training is still shockingly neglected. Many people
in the industry who spent most of their working lives working on spreadsheets
had often received just one or two days' training on Excel.
http://www.accountingweb.co.uk/cgi-bin/item.cgi?id=170552
"I'm not seeing any change to the dumb solutions. It's still spreadsheet hell,"
Buckner said. "For each visit I do at a bank, I have a look at a little bit of
code. You can guarantee you will always see a little bit of stupid code."
In his
presentation he said that accreditation is seen as burdensome, risky and
difficult – it implies generally accepted view on good practice, for a start. As
the Spreadsheet Safe syllabus contains the view of a number of world experts on
good practice in spreadsheets, it addresses the concerns that Buckner raised.
http://www.sysmod.com/psp.htm The Personal Software Process (PSP)
The Personal Software Process is a disciplined approach to improving one's
software development process. Through a series of eleven cumulative exercises,
developers learn to track time and defects, estimate, and improve quality
through design and code reviews. All we are expecting spreadsheet creators to do
is the defect management part of this process – to be able to recognise defects,
correct them, and prevent them where possible.
_______________________________________________________
_______________________________________________________
Simply send your comments to FEEDBACK (at) SYSMOD (dot) COM
Thank you! Patrick O'Beirne, Editor
_______________________________________________________ _______________________________________________________
http://www.scriptlance.com/projects/1209998212.shtml?ref=dcm
It's tough to make a living as a freelance - an initial bid
of $75 for a simple comparison facility has been gradually beaten down to the
latest one of $10. Mind you, the language of that offer does not inspire
confidence, but many of the $20+ bids look to be from genuine contractors, even
though they charge only $5 per hour.
_______________________________________________________
_______________________________________________________
Copyright (c) Systems Modelling Limited,
http://www.sysmod.com .
Reproduction allowed provided this copyright notice is included.
We appreciate any feedback or suggestions for improvement. If you have received
this newsletter from anybody else, we urge you to sign up for your personal copy
by sending a blank email to EuroIS-subscribe (at) yahoogroups (dot) com
For those who would like to do more than receive the monthly newsletter, the
EuroIS list makes it easy for you to discuss issues raised, to share experiences
with the rest of the group, and to contribute files to a common user community
pool independent of the sysmod.com web site. I moderate posts to the EuroIS list, to screen out inappropriate material.
Patrick O'Beirne, Editor
_______________________________________________________
ABOUT THIS NEWSLETTER
"Praxis" means model or example, from the Greek verb "to do". The name is chosen
to reflect our focus on practical solutions to IS problems, avoiding hype. If
you like acronyms, think of it as "Patrick's reports and analysis across
Information Systems".
Please tell a friend about this newsletter.
We especially appreciate a link to www.sysmod.com from your web site!
______________________________________________________
ARCHIVES
To read previous issues of this newsletter please visit our web site at
http://www.sysmod.com/praxis.htm
DISCLAIMER
This newsletter is prepared in good faith and the information has been taken
from observation and other sources believed to be reliable. Systems Modelling
Ltd. (SML) does not represent expressly or by implication the accuracy,
truthfulness or reliability of any information provided. It is a condition of
use that users accept that SML has no liability for any errors, inaccuracies or
omissions. The information is not intended to constitute legal or professional
advice. You should consult a professional at Systems Modelling Ltd. directly for
advice that is specifically tailored to your particular circumstances.
_______________________________________________________
PRIVACY POLICY:
We guarantee not to sell, trade or give your e-mail address to
anyone.
To subscribe to this Newsletter send an email to
EuroIS-subscribe (at) yahoogroups (dot) com
To unsubscribe from this Newsletter send an email to
EuroIS-unsubscribe (at) yahoogroups (dot) com
EuroIS is the distribution list server of the PraxIS newsletter. It also offers
a moderated discussion list for readers and a free shared storage area for
user-contributed files. The archives of this group are on YahooGroups website
http://finance.groups.yahoo.com/group/EuroIS/
_______________________________________________________