CC Issue No.73-Sep 12 by CC MaGC

Consultants’ Corner Volume 5 | Number 73 | Sep 2012 | Page 1– 12

Chaos…is what we choose Page. 03

Praveena K R

Information Security - An Introduction Page. 04

NCR Consultants Limited www.ncrcl.com Associates with

Our Mission is to apply our professional capabilities with a holistic approach for the happiness of clients, through values and social commitment.

Inside Information Security - An Introduction Information is an organizational asset far more important than the actual hardware that houses it. When this fact is neglected, this asset literally and figuratively walks out the door at considerable expense to the organization.….… -read more...page 4

News

Message from Dr. RSM

Information Security - An Introduction

Identify self-sabotaging behaviour and avoid it

Enjoy the Situation

What’s up at NCRCL?

An Exclusive Talk

10 Parichay 11 Knowledge Snippet 11 Birthday Greetings 11 Just for Laughs 11 Round Table

see more..page 8

Identify self-sabotaging behaviour and avoid it

Enjoy the Situation

read more..page 7

Parichay An exclusive talk with Karthik see more..page 9

Altacit Global see more..page 10

Consultants’ Corner

Chaos…is what we choose Dr. R. S. Murali muralirs@ncrcl.com In the last two months we have been discussing about what we need to do in order to get rid of Chaos that we meet in day to day life. Chaos or obstacles or problems or issues arise due to various reasons. Some seem to be originating externally and some internally. But the facts of living science tell us how these can be tackled. This is what we have been discussing the last two months. Last month, we began discussing on the premise ―Chaos originates in our day to day work primarily due to: lack of knowledge, not organizing ourselves, not using appropriate approach/methodology in what/how we do, and the way we react/interact with others‖. Initially we discussed on organizing/planning, and discussed how knowledge plays a major role in various decisions we take, and how interaction with others need to be done. After discussions relating to these, we started focusing on: Exercise, Diet and Meditation. Last month we discussed about Exercise and Diet and now it is time for meditation. Meditation is one of those words used frequently and mostly misused. A few decades ago the term meditation was less popular than today. Usage of this word was restricted to a spiritual few. Thanks to the communication technologies and the interest shown by the western world, the word has become so popular and has also been extensively commercialized. Very few people know that the word ―Dhyan‖ (meditation in Sanskrit) became ―Chan‖ in China and ―Zen‖ when it found its way to Japan. Now the word Zen is associated more with Buddhism than with Hinduism. Technically the term ‗Dhyan‘ means ‗attention‘. The issue is what is this attention and in which context? The word attention can be interpreted in many ways: concentration, observation, awareness and so on. Also today meditation has been made into a technique, and part of yoga or mind/body training. Let us understand first what is meditation conceptually. Meditation is the process of observing oneself – this and this only is true meditation. How does one observe oneself? Firstly, one has to understand oneself. What he/ she is made of? – the body, mind, intellect combination and the role of each. Cutting this process short at the end of the analysis one understands that the true self is not this body or the mind but the true substratum behind these. From this position one should be able to observe what the mind and body do. This process is called meditation; and for people with good understanding and no ego, this can happen throughout the day in every activity they do. Such persons can do any job well and will always be efficient as there is no ego in them. This is the true meditation.

Actually it is very simple but it requires very good understanding inwardly. The true happiness in everything we do is the direct result of such meditative disposition. Possibly for the purpose of understanding, we can call it vedantic meditation. The popular form of meditation that is yogic meditation makes one‘s body and mind efficient. There can be no time when the mind will keep quiet. In the former meditation discussed one would observe how the mind behaves and how the thoughts originate. In this yogic meditation, one tries to reduce the multiple thoughts to single thought so that there is order, concentration and peace. By making the thought single one gets a lot of energy to do day to day work efficiently. This is often done by chanting a mantra repeatedly (small or big) or following a piece of music. In these cases, there is a bit of imagination but through the process of imagination the required concentration and hence peace is experienced. Whether we prepare ourselves through the yogic or vedantic meditation, it is extremely important that we get into the routine of meditation. At NCRCL, we are spending about half an hour every week on Friday on meditation, which is totally yogic meditation, which is a beginning. Now what are the results of such a practice? First and foremost, we can feel the peace and mental energy. Many of our colleagues in NCRCL have told me that they feel thoroughly refreshed after the meditation session. Yes this is a fact as all the stress and tension bearing thoughts are cut-off. This helps in becoming efficient as there is freshness and peace. It is like clearing the temporary memory in our computers by which the system starts working efficiently. As frequently as we clear this RAM, our system will work efficiently. This means that we should practice meditation more frequently. The chaos in our day to day work thus can be reduced by: Systemic approach to work, increasing our knowledge, using right methods, increasing interaction with others effectively. Along with this, we need to have right amount of physical exercises supported by consuming good and satvic food. To top all these up, at least yogic meditation should be done. We should gradually graduate ourselves to Vedantic Meditation. These are simple prescriptions and once we do all these it will be easy for us to realize and recognize that in most of the cases chaos is created by our own selves!

Consultants’ Corner

Information Security - An Introduction Praveena K R praveena@ncrcl.com

Information as an Asset

ISMS definition & its components

Information is an organizational asset far more important than the actual hardware that houses it. When this fact is neglected, this asset literally and figuratively walks out the door at considerable expense to the organization. To be an effective organization one needs to treat information as valuable asset, with the concomitant priority, resources, and procedures. Most information today is created, stored, transported, or processed at least in part using information technology (IT). No one denies the necessity to adequately protect the IT landscape. In addition, information from all other phases of business processes must be adequately protected. IT security incidents such as the disclosure or manipulation of information can have wide-ranging, adverse affects to a business or can prevent the organisation from performing its tasks, resulting in high costs.

Information Security Management Systems (ISMS) is a systematic and structured approach to managing information so that it remains secure. ISMS implementation includes policies, processes, procedures, organizational structures and software and hardware functions. The ISMS implementation should be directly influenced by the organization‘s objectives, security requirements, processes employed, size and structure. An ISMS specifies the instruments and methods that the management should use to clearly manage (plan, adopt, implement, supervise and improve) the tasks and activities aimed at achieving information security. ISMS involves the following essential components:

Need for Information Security The meaning of information security is Safe-guarding an organization's data f rom unauthorized access or modification to ensure its availability, confidentiality, and integrity. Business information might be printed on paper, kept on computer systems or stored in the minds of the users. Additional generic terms used in information security include, for example, authenticity, validity, reliability, and non-deniability. Information security may be threatened by various factors. Some illustrations are given below: 



Wilful acts such as computer viruses, interception of communications or computer theft, Force majeure (e.g. fires, flooding, storms and earthquakes) can directly affect data media, IT systems or block access to the computer centre. Documents, IT systems or services are therefore no longer available as required, After an unsuccessful software update, applications cease to function or data has been modified without being noticed, An important business process is delayed because the only staff members familiar with the software application are ill, or Confidential information is inadvertently passed on to unauthorised persons by a staff member because documents or files have not been marked "confidential".

1. Management principles 2. Resources 3. Personnel 4. Information security process. This includes: a) Policy for information security in which the information security objectives and strategies for their implementation are documented b) Information security concept c) Information security organisation

Kindness and compassion toward all living things is the mark of a civilized society. - Cesar Chavez

Consultants’ Corner

Information Security Standards The various important standards in respect Information Security have been listed below:

Advantages of ISMS Certification of

1. ISO/IEC 27002:2005 (Code of Practice for Information Security Management): This is an international standard that originated from the BS7799-1, one that was originally laid down by the British Standards Institute (BSI). ISO/IEC 27002:2005 refers to a code of practice for information security management, and is intended as a common basis and practical guideline for developing organisational security standards and effective management practices. 2. ISO/IEC 27001:2005 (Information Security Management System -Requirements): This standard specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System (ISMS) within an organisation. It is designed to ensure the selection of adequate and proportionate security controls to protect information assets. 3. ISO/IEC 15408 (Evaluation Criteria for IT Security: This standard is commonly known as the ―Common Criteria‖ (CC). It consists of three parts: ISO/IEC 15408-1:2005 (introduction and general model), ISO/IEC 15408-2:2005 (security functional requirements) and ISO/IEC 15408-3:2005 (security assurance requirements). The standard helps evaluate, validate, and certify the security assurance of a technology product against a number of factors, such as the security functional requirements specified in the standard. 4. COBIT: The Control Objectives for Information and related Technology (COBIT) is ―a control framework that links IT initiatives to business requirements, organises IT activities into a generally accepted process model, identifies the major IT resources to be leveraged and defines the management control objectives to be considered‖. The IT Governance Institute (ITGI) first released it in 1995, and the latest update is version 5.0, published in 2012. COBIT is increasingly accepted internationally as a set of guidance materials for IT governance that allows managers to bridge the gap between control requirements, technical issues and business risks. Based on COBIT 4.1, the COBIT Security Baseline focuses on the specific risks around IT security in a way that is simple to follow and implement for small and large organisations.

The various advantages for an organisation in getting its ISMS certified by ISO are as follows: 

Provides a structured way information security within an



organisation



Provides an independent assessment of an organization‘s conformity to



the best practices agreed by a community of experts for ISMS.



Provides evidence and assurance that an organization has complied with



the standards requirement.



Enhances information within the organization.



Enhances the organization‘s global positioning and reputation.



Increases the level of information security in the organization.

security

managing

governance

ISMS Consultancy Opportunity In the current age of Information revolution, ISMS provides a tremendous opportunity for Management Consultants. Organisations are showing increasing interest in complying with ISO 27000 series. Consultants can fit in umpteen roles in this process; as planners, designers, implementers, auditors, etc. At this juncture it is important to equip oneself with IS related qualifications such as CISA, CISSP, CISM, etc. and certifications provided by reputed institutions such as BSI, ICAI, etc. Related Links: Some links that make a useful read on this topic are: http://www.isaca.org/cobit/pages/default.aspx http://www.27000.org

Concentrate all your thoughts upon the work at hand. The sun's rays do not burn until brought to a focus. - Alexander Graham Bell

Consultants’ Corner

Identify self-sabotaging behaviour and avoid it Rekha Murali rekha@ncrcl.com (As published in ‗The Hindu—opportunities‘ dated July 18, 2012)

―My project is my topmost priority. I cannot involve myself in other activities.‖ These are the words of Ramya, a qualified IT professional. Ramya displayed a block with regard to working as a team and being involved in activities that require extra effort. This behaviour alienated her from the others and left her with hardly any friends. However, Ramya was convinced that she was being a thorough professional in spite of her immense personal issues. What went wrong with Ramya? She developed self-sabotaging behaviour which psychologists also term as ‗self handicapping‘ behaviour. This behaviour forms a protective wall from the outside world and allows the person to avoid failures through assuming an imaginary obstacle on the path, procrastination, and negative beliefs about oneself. Research indicates that this leads to negative self-esteem where a person is encouraged to make excuses for poor performance. A recent research on ‗self-sabotage and why some people can‘t handle success‘ was done by Dr. Jason Plaks from the University of Toronto along with Kristin Stecher from the University of Washington. They found that performance goes down when people have a fixed view of their abilities which makes them disoriented and anxious if they are successful. People like Ramya try to escape by switching jobs frequently as adapting themselves to an environment becomes difficult. This is because they are convinced that they are right and the world has turned against them! They fear failure and feel safe in their protective cocoon of negative self-esteem. What are the signs of self-sabotaging behaviour? This behaviour is very subtle and soon becomes a habit leading to a definite pattern before you realise that you are a victim of this behaviour. There is no logical or reasonable explanation for this condition. The excuses form a pattern and vary from physical ailments to not having enough time to complete the tasks. The mental patterns include not accepting the subconscious truth but substituting it with the pain of the conscious mind which is a strong weapon preventing you from thinking beyond it! Fear, focussing on things that are not right, drifting with no real purpose, falling or failing relationships are some of the tell tale signs which need to be identified and accepted for taking any step towards overcoming this behaviour.

What can we do to overcome self-sabotaging behaviour? Some simple steps include: Acceptance: The first step would be identifying and accepting that your behaviour needs to change and that it is ruining you from being the person you could be! Warning signs: Watch for the warning signs and shift your focus to all the small things that work well for you. Talk to a colleague or mentor to steer you on to the right course. Set Goals: Convert all your excuses into small short term goals to be achieved one by one. This can be done by making a to-do list or having placards of the goal placed in strategic areas as reminders. Change thinking: Replace the negative thoughts with positive ones that would motivate you to accomplish your goals. Maintain a journal of all the positive outcomes of each day for motivation. Fear: Admit and accept failures as they lead you to the path of success. Graciously accept negative feedback to avoid the fear of failure, accepting that it is a learning to achieve mastery. Relationships: Appreciate the people in your life by looking at the qualities that you value in each relationship. This will motivate you to imbibe the values and also sustain the relationship. Give and take is an important part of any relationship. Create time to acknowledge the other person with all the traits on a regular basis. Inner enemies: Recognise that the enemies are the thoughts within you and therefore catch yourself each time you blame the big bad world outside. Professional help: If none of the above steps works, get professional help for assistance in overcoming this problem. This is something that can be easily rectified. Accepting that you need to change requires a lot of courage. This would motivate you to put in your best effort towards the desired change. It is ultimately in the hands of each individual to tap the inherent talent and potential towards learning and growth to lead a fulfilling and enriching life!

Turn your face toward the sun and the shadows will fall behind you. - Maori Proverb

Consultantsâ&#x20AC;&#x2122; Corner

Enjoy the Situation Suresh C S sureshcs@ncrcl.com

In Washington, DC, at a Metro Station, on a cold January morning in 2007, this man with a violin played six Bach pieces for about 45 minutes. During that time, approximately 2,000 people went through the station, most of them on their way to work. After about 3 minutes, a middle-aged man noticed that there was a musician playing. He slowed his pace and stopped for a few seconds, and then he hurried on to meet his schedule. About 4 minutes later: The violinist received his first dollar. A woman threw money in the hat and, without stopping, continued to walk. At 6 minutes: A young man leaned against the wall to listen to him, then looked at his watch and started to walk again. At 10 minutes: A 3-year old boy stopped, but his mother tugged him along hurriedly. The kid stopped to look at the violinist again, but the mother pushed hard and the child continued to walk, turning his head the whole time. This action was repeated by several other children, but every parent - without exception - forced their children to move on quickly. At 45 minutes: The musician played continuously. Only 6 people stopped and listened for a short while. About 20 gave money but continued to walk at their normal pace. The man collected a total of $32. After 1 hour: He finished playing and silence took over. No one noticed and no one applauded. There was no recognition at all. No one knew this, but the violinist was Joshua Bell, one of the greatest musicians in the world. He played one of the most intricate pieces ever written, with a violin worth $3.5 million dollars. Two days before, Joshua Bell sold-out a theatre in Boston where the seats averaged $100 each to sit and listen to him play the same music. This is a true story. Joshua Bell, playing incognito in the D.C. Metro Station, was organized by the Washington Post as part of a social experiment about perception, taste and people's priorities. This experiment raised several questions: In a common-place environment, at an inappropriate hour, do we perceive beauty? If so, do we stop to appreciate it? Do we recognize talent in an unexpected context? One possible conclusion reached from this experiment could be this: If we do not have a moment to stop and listen to one of the best musicians in the world, playing some of the finest music ever written, with one of the most beautiful instruments ever made. How many other things are we missing as we rush through life? Enjoy life NOW. It has an expiration date!!!!! Source: Internet

It is our choices that show what we truly are, far more than our abilities. - JK Rowling

Consultants’ Corner

What’s up at NCRCL? Representatives of the State Audit Department of Andhra Pradesh visited NCRCL Bangalore on 8th August 2012. VRS and Ashok took them through the implementation of FBAS in BBMP.

VRS and Ashok visited State Institute of Rural Development in Mysore on 14th August 2012. See the training studio for conduct of online training.

Kishore attended a workshop on Enhancing Business Performance through Process Mapping, conducted by CII at Puducherry on August 28, 2012

Rekha Murali presented a paper on ―Emotions and Well-being‖ at a national seminar on ―well-being across life spans‖ organised by Ethiraj college for Women, Chennai on August 20, 2012.

Consultants’ Corner

An Exclusive Talk with Karthik M V

Karthik M V Working as Consultant Born on 06th March Email: Karthik@ncrcl.com Mob No: +91 9036146369

CC. The meaning of your name. Karthik: I was named after my star ―Karthika‖ in Malayalam. And there ends the story I think! CC. Nickname. Karthik: M V CC. Your dream job. Karthik: Where my work involves a lot of talking and meeting new people.

CC. What do you most hate in a person? Karthik: Practicing not being judgemental these days. Accepting the way people are gives YOU peace. CC. Team work vs Individual work – your comments. Karthik: Depends on the sport we are playing!

CC Your first impression of NCRCL. Karthik: An unusual work profile for a fresh CA to have.

CC. Do you make efforts to get others to laugh and smile? Karthik: Yes I make my efforts. But the rest is not in my hands!!

CC. What personal/emotional characteristic of yours do you want to change? Karthik: My anger and laziness

CC. Your heart rules your head or your head rules your heart? Karthik: Head rules!

CC. Money or job satisfaction? Karthik: Job satisfaction any day but for the last day of the month!!!

CC. What kind of special talent do you have? Karthik: Nothing

CC. Your Stress buster. Karthik: Music and Outdoor Sports CC. Do you have a small circle of close friends, rather than a large number of friends? Karthik: Large number of friends. And yes, some are 3 a.m. friends too. CC. What do you most like about a person? Karthik: Confidence

CC. What are your hobbies? Karthik: Playing, Reading and Music. Any of these three and I am busy for the whole day!

"You may say that I'm a dreamer but I'm

not the only one, I hope someday you'll join us and the world - John Lennon

Parichay

Know our Associates!

Altacit Global Altacit Global is a boutique legal firm specialising in Intellectual Property and Corporate Legal Matters. They have a strong international flavour in their working practices addressing needs of individual industry groups. Altacit Global's Quality Management Systems for the provision of Intellectual Property and Legal Consulting Services has been certified by the Quality Austria Central Asia as being compliant with ISO 9001:2008. Their core team consists of professionals who come from multidisciplinary and diverse backgrounds such as science, engineering, law, chemical, pharmaceutical, medical and business administration. Altacit Global invests substantive resources into practice development based on extensive research. The firm works closely with many Industry Associations and Chambers of Trade and Commerce in disseminating knowledge. Situated in important cities of Chennai, Bangalore and Coimbatore they are home to Intellectual Property & Trademark Office [Branch], Intellectual Property Appellate Board, High Court of Madras, High Court of Karnataka and Indian Geographical Indications Registry. NCRCL is associated with Altacit Global the past two years and have been jointly involved in consulting work pertaining to IP and legal Matters. Some interesting projects which included brand valuation has been successfully completed as a joint venture.

Consultantsâ&#x20AC;&#x2122; Corner

Knowledge Snippet Which management guru with a background in medicine wrote a book called the "Mechanism of Mind"? Send in your answers to the editor at cc@ncrcl.com

Answer To last monthâ&#x20AC;&#x2122;s Knowledge Snippet question: For feedback In which unit is the speed of computer mouse measured?

Answer: Mickew

Happy Birthday!

Karthikeyan - 1st Sep

If you have any comment/suggestion for the editors, please write to us at cc@ncrcl.com! Your views and comments on articles featured here are also welcome!

Ha Ha Ha !!!

U.S.Mohanty - 4th Sep

R.S.Murali - 5th Sep

Bhavana R - 14th Sep

Roopa Kamath - 22nd Sep

Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better. - Samuel Beckett

NCR Consultants Limited

Our Business Associates

NCR & Co Chartered Accountants

www.hsbconsulting.biz

www.4spl.biz

www.mcmillanwoods.com

www.obsitech.com

www.nathaninc.com

www.deltacadd.com

www.fichtner.in/india.htm

www.altacit.com

Karnataka Institute of Public Auditors

www.ineval.org

www.fugoconsulting.com

i2i IFRS

Contact

Registered Office: 2nd Floor, New No. 4, Old No. 23, C P Ramasamy Road, Alwarpet, Chennai - 600 018 Ph: +91 44 2466 0955 Fax: +91 44 4218 5593 Email: chennai@ncrcl.com

Branch Office: #107, 1st Floor, Railway Parallel Road, Kumara Park West, Bangalore - 560 020 Ph/Fax: +91 80 23560265 Email: bangalore@ncrcl.com

Website: www.ncrcl.com