Tag Archives: Information Security
Tagged Information Security, RFP, Risk Management, Workplace Culture
- Who’s the Boss of Workplace Culture?
When asked what they do to preserve and strengthen workplace culture, HR professionals and managers were on the same page, listing “training and development” (72 percent and 61 percent, respectively) and “getting feedback from employees and acting on it” (45 percent and 46 percent) as the two top strategies.
- Why Create RFP Hell?
This is not a good thing to do. A company with a reputation for putting its potential suppliers through RFP hell is not one that many suppliers will want to deal with. The more a supplier’s peers complain about RFP hell with Company X, the fewer are the suppliers who will even acknowledge the existence of an RFP from Company X. As the word of RFP hell from Company X spreads, the only suppliers that will respond to an RFP from Company X are those that are desperate: those in bad financial shape, those without a stable customer base, and those with a bad reputation. These are not suppliers you want to deal with.
- How to build cybersecurity into outsourcing contracts
Customers must perform a gap analysis between the vendor’s offering and the customer’s requirements to identify gaps and determine whether they can be covered by either party. In addition, narrow limitations of liability—frequent in cloud contracts—can warp the incentives for protection against cyber risk. While there has been a significant growth among sophisticated cloud vendors who are able to address their customers’ data protection and compliance requirements, there is still substantial variation among cloud vendors’ ability to adequately address such requirements.
The key contractual provisions to mitigate cyber risk are: (1) the security standards required of the vendor; (2) restrictions on subcontracting; (3) employee-related protections, such as background checks and training; (4) security testing; (5) security audits; (6) security incident reporting and investigation; (7) data retention and use restrictions; (8) customer data access rights; and (9) vendor liability for cyber incidents.
- Failure to Monitor a Supply Chain for Risk Can Tarnish Your Brand
A recent study by CIRANO found that while there is an 80% chance of a company losing at least 20% of its value at least once during a five-year period as a result of a negative, but well publicized, incident, a major incident that negatively impacts the brand in a significant way can be much worse. Just ask Airbus, which had its stock plummet by over 26% in a single day, equivalent to a market capitalization loss of approximately €5.4 billion, after it announced at the close of trading on June 13, 2006 that issues with the supply and installation of electrical harnesses would lead to a further six-month delay in the delivery of the A380 (and that the impact of the disruption on earnings before interest and tax would be €500M per year for four years).
- SAP Ariba bids to transform financial supply chain in partnership with Prime Revenue
“To compete and win in today’s global economy requires digital supply chains that are connected, agile and intelligent,” said Alex Atzberger, President, SAP Ariba. “In joining forces, SAP Ariba and PrimeRevenue can create a closed-loop system that links all of the data companies need to manage transactions and supply chain financing events with greater insight, speed and simplicity than ever.”
Photo: Calib Frith
Tagged Information Security, Strategic Sourcing, supply chain
- Why Your First Generation Sourcing Platform Is Not Ready For Modern Sourcing
Many organizations that acquired these suites and applied them successfully saw year-after-year returns of 10%+ on the spend brought under management. And a few are even seeing some savings today, but just like the second auction saw little savings and the third auction saw a price increase, the year-over-year return is dropping. Why? Because while these first generation platforms were infinitely more powerful than anything that had come before, they weren’t designed to capture the full extent of complexity in an average category — complexity that has been considerably increased since the early days of sourcing due to increased outsourcing, increased globalization, increased regulation, and a constantly evolving global marketplace.
- How to Be Promotable
Anybody (well, almost anybody) can do what they’re told. To get promoted, you have to go above and beyond. Taking on additional responsibilities without being asked is not only a great way to demonstrate your work ethic, energy, and skills, but it also lets your boss know that you’re ready (and able) to expand your scope. When you take on more than the norm, your boss can’t help but think that you’re capable of a bigger role. This includes showing that you’re willing to take risks by making innovative suggestions.
- Third of supply chain processes ‘inadequate’
The findings also revealed that Europe and North America appeared to lag behind the developing world in terms of “process maturity” when comparing weighted averages, with fewer companies reaching the basic competency level. Some 32 per cent of firms’ processes in Europe and North America were found to be inadequate compared to 22 per cent in developing countries. This “surprising result” could reflect the tendency of processes to get worse over time and may also be a result of the move of manufacturing out of the old markets and the removal of good process discipline from those markets, the research suggested.
- Paris attacks demand ‘wake-up call’ on smartphone encryption
“A lot of people in these terror groups have developed encryption techniques, and France has one of the most sophisticated systems for monitoring communications. If France didn’t pick up this attack in advance, it’s a wake-up call for all of us,” said Darren Hayes, assistant professor and director of cybersecurity at Pace University.
Encrypted messages reportedly helped ISIS hide communications prior to the attacks, keeping security agencies from any advance warning of what was being planned. Some experts have blamed the attacks on the growth of cheap or free smartphone apps like WhatsApp or Chatsource that encrypt messages.
- How to Power Through the Day Without Any Sleep
Hanging around the coffee machine all day isn’t going to do much to give you sustained energy to make it through the day. While you may think gulping down caffeine will help you feel more alert, too much caffeine can cause you to feel jittery and anxious rather than focused. Dr. Lichten says 50mg to 100mg of caffeine is the optimal dose for alertness and focus. Opt for a short cup of coffee every four hours during the day, stopping at 4pm to prevent another poor night of sleep.
- A Race To The Bottom Or To Strategic Business Partner?
This reaches far beyond top-level competitor intelligence. This is the granular-level information that can directly impact the financials of your organization. A good example of this would be working with sales teams. They will generally know the strengths and weaknesses of key competitors and their products. They may even know recent wins/losses of the key competitors. However, when you can work with them and let them know which individuals have recently left or are looking to leave the competitor and how this could impact the competitor’s delivery, this could have a genuine impact on the business. For example, if a Program Director has recently left a competitor, what was their succession plan? How will this impact the competitor’s delivery on future programs?