Information Security Management System: Introduction to ISO 27001

Current Scenario: Present day organizations are highly dependent on Information systems to manage business and deliver products/services. They depend on IT for development, production and delivery in various internal applications. The application includes financial databases, employee time booking, providing helpdesk and other services, providing remote access to customers/ employees, remote access of client systems, interactions with the outside world through e-mail, internet, usage of third parties and outsourced suppliers.

Business Requirements:Information Security is required as part of contract between client and customer. Marketing wants a competitive edge and can give confidence building to the customer. Senior management wants to know the status of IT Infrastructure outages or information breaches or information incidents within organization. Legal requirements like Data Protection Act, copyright, designs and patents regulation and regulatory requirement of an organization should be met and well protected. Protection of Information and Information Systems to meet business and legal requirement by provision and demonstration of secure environment to clients, managing security between projects of competing clients, preventing leak of confidential information are the biggest challenges to Information System.

Information Definition: Information is an asset which like other important business assets is of value to an organization and consequently needs to be suitably protected. Whatever forms the information takes or means by which it is shared or stored should always be appropriately protected.

Forms of Information: Information can be stored electronically. It can be transmitted over network. It can be shown on videos and can be in verbal.

Information Threats:Cyber-criminals, Hackers, Malware, Trojans, Phishes, Spammers are major threats to our information system. The study found that the majority of people who committed the sabotage were IT workers who displayed characteristics including arguing with co-workers, being paranoid and disgruntled, coming to work late, and exhibiting poor overall work performance. Of the cybercriminals 86% were in technical positions and 90% had administrator or privileged access to company systems. Most committed the crimes after their employment was terminated but 41% sabotaged systems while they were still employees at the company.Natural Calamities like Storms, tornados, floods can cause extensive damage to our information system.

Information Security Incidents: Information security incidents can cause disruption to organizational routines and processes, decrease in shareholder value, loss of privacy, loss of competitive advantage, reputational damage causing brand devaluation, loss of confidence in IT, expenditure on information security assets for data damaged, stolen, corrupted or lost in incidents, reduced profitability, injury or loss of life if safety-critical systems fail.

Few Basic Questions:

• Do we have IT Security policy?

• Have we ever analyzed threats/risk to our IT activities and infrastructure?

• Are we ready for any natural calamities like flood, earthquake etc?

• Are all our assets secured?

• Are we confident that our IT-Infrastructure/Network is secure?

• Is our business data safe?

• Is IP telephone network secure?

• Do we configure or maintain application security features?

• Do we have segregated network environment for Application development, testing and production server?

• Are office coordinators trained for any physical security out-break?

• Do we have control over software /information distribution?

Introduction to ISO 27001:In business having the correct information to the authorized person at the right time can make the difference between profit and loss, success and failure.

There are three aspects of information security:

Confidentiality: Protecting information from unauthorized disclosure, perhaps to a competitor or to press.

Integrity: Protecting information from unauthorized modification, and ensuring that information, such as price list, is accurate and complete

Availability: Ensuring information is available when you need it. Ensuring the confidentiality, integrity and availability of information is essential to maintain competitive edge, cash flow, profitability, legal compliance and commercial image and branding.

Information Security Management System (ISMS): This is the part of overall management system based on a business risk approach to establish, implement, operate, monitor, review, maintain and improve information security. The management system includes organizational structure, policies, planning activities, responsibilities, practices, procedures, processes and resources.

About ISO 27001:- A leading international standard for information security management. More than 12,000 organizations worldwide certified against this standard. Its purpose is to protect the confidentiality, integrity and availability of information.Technical security controls such as antivirus and firewalls are not normally audited in ISO/IEC 27001 certification audits: the organization is essentially presumed to have adopted all necessary information security controls. It does not focus only on information technology but also on other important assets at the organization. It focuses on all business processes and business assets. Information may or may not be related to information technology & may or may not be in a digital form. It is first published as department of Trade and Industry (DTI) Code of Practice in UK known as BS 7799.ISO 27001 has 2 Parts ISO/IEC 27002 & ISO/IEC 27001

ISO / IEC 27002: 2005: It is a code of practice for Information Security Management. It provides best practice guidance. It can be used as required within your business. It is not for certification.

ISO/IEC 27001: 2005:It is used as a basis for certification. It is something Management Program + Risk Management. It has 11 Security Domains, 39 Security Objectives and 133 Controls.

ISO/IEC 27001: The standard contains the following main sections:

 

  • Risk Assessment
  • Security Policy
  • Asset Management
  • Human Resources Security
  • Physical and Environmental Security
  • Communications and Operations Management
  • Access Control
  • Information Systems Acquisition, development and maintenance
  • Information Security Incident Management
  • Business Continuity Management
  • Compliance

 

Benefits of Information Security Management Systems (ISMS):competitive Advantages: Business partners and customers respond favorably to trustworthy companies. Having ISMS will demonstrate maturity and trustworthiness. Some companies will only partner with those who have ISMS. Implementing ISMS can lead to efficiencies in operations, leading to reduced costs of doing business. Companies with ISMS may be able to compete on pricing also.

Reasons for ISO 27001: There are obvious reasons to implement an Information Security Management System (ISO 27001). ISO 27001 standard meets the statutory or regulatory compliance. Information assets are very important and valuable to any organization. Confidence of shareholders, business partner, customers should be developed in the Information Technology of the organization to take business advantages. ISO 27001 certification shows that Information assets are well managed keeping into consideration the security, confidentiality and availability aspects of the information assets.

Instituting ISMS:Information Security -Management Challenge or Technical Issue? Information security must be seen as a management and business challenge, not simply as a technical issue to be handed over to experts. To keep your business secure, you must understand both the problems and the solutions. To institute ISMS management play 80% role and 20% responsibility of technology system.

Beginning: – Before beginning to institute ISMS you need to get approval from Management/Stake Holders. You have to see whether you are attempting to do it for whole organization or just a part. You must assemble a team of stakeholders and skilled professionals. You may choose to supplement the team with consultants with implementation experience.

ISMS (ISO 27001) Certification: An independent verification by third party of the information security assurance of the organization based on ISO 27001:2005 standards.

Pre-Certification: Stage 1 – Documentation Audit

Stage 2 – Implementation Audit

Post- certification: Continuing Surveillance for 2 years 3rd-Year Re-assessment/Recertification

Conclusion: Prior to implementation of management system for Information Security controls, organization does have various securities control over information system.These security controls tend to somewhat disorganized and disjointed. Information, being a very critical asset to any organization needs to be well protected from being leaked or hacked out. ISO/IEC 27001 is a standard for Information security management system (ISMS) that ensures well managed processes are being adapted for information security. Implementation of ISMS lead to efficiencies in operations leading to reduced costs of doing business.

What Is Information Literacy?

Information literacy is the ability to find the information that we need and use that information. This need could be getting information about different courses that the universities offer or selecting the right tour operator for our next vacation. We make numerous trivial decisions everyday and some important ones now and then, like finding the right car or choosing the correct insurance policy. To make the right decision, or more importantly, to make the most beneficial decision, we need to gather all the relevant information before we can analyze the information and make a decision. Therefore, essentially, all the tasks that fall between identifying the information need and using the information that we find to make a decision fall under the scope of information literacy.

So how do we know if we are information literate? An information literate person can:

· Define the problem: That is we can recognize what the problem is and put that in words. Based on this problem, we can define the information that we need. For example, we wish to travel to Europe. We will want to know – the best time to travel, the average cost of travel, the places we want to visit, and so on. Defining all this is the first step in identifying the information need.

· How to get the information: After we define the information that we want to make the decision, we must then identify the sources of information. These sources could be people who have been to Europe, some tour operators, web sites, and so on. An information literate person at this point will create a strategy for finding the relevant information by identifying the most useful and relevant information sources.

· Where to get the information: Now, we know what information we need and how we can find this information. The third step is to find these information sources. We will know people who have travelled to Europe in our community. In current times, we can use the social networking web sites to find people who have been to Europe to hear their first-hand accounts and experiences. Other than these people, we can look up government tourism web sites to get most of the information.

· Is everything true? People are generally truthful about narrating their experiences, but these could be biased for any number of reasons; we all don’t have the same likes and dislikes. There is a lot of information online, but then not everything we read is true. My point? We can define the information need and get the information too; however, we also need the ability to evaluate critically the information we have. For example, the ability to separate a commercial sales pitch from genuine information.

· Using the information: Whew! This has been a long journey and we have all the ingredients ready. But, it is all in bits and pieces. We still need to assemble all of this information in a way that will help us make that decision about the tour. Define priorities perhaps? Decision based on the variables that we defined in the first step.

Information literacy is not new. It is just that we have a lot of information available and need to be aware of ways to look systematically for the information if we do not wish to drown in this ocean of information. Constantly evolving technology and ways of communication make the task more difficult. So, next time you are looking for information, keep these steps in mind before you dive in the World Wide Web.

Technical writers present information to their readers by identifying readers’ information need. Presenting only the relevant information forms the core of their job. Therefore, this is one skill that technical communicators must master reduce the effort readers have to put-in to use the information. Please visit my blog to know why information literacy is more important for technical writers and what do employers think about these skills when they are hiring a technical writer.

David Ogilvy’s Classic Work: How to Create Advertising That Sells Review Part 3

How to Create Advertising that Sells Review Part 3

Almost Home…

David Ogilvy’s classic How to Create Advertising That Sells Review Part 3 looks at rules eighteen through twenty-seven. It starts with the maxims about TV ads and moving to the maxims of ads in print. The advertising medium isn’t necessarily what’s important here. These maxims pay big and offer a proven history. Get the most out of each advertising dollar. Apply these maxims, regardless of the chosen medium.

Rule 18: Music

Even though, according to Ogilvy, most won’t believe this, music behind the ad in commercials decreases the consumer’s ability to remember ads. Not good, right?

Rule 19: Standups

Stand-up Pitches work if “delivered” with honesty says Ogilvy.

Rule 20: Sore Thumb

The average viewer watches more than 20,000 commercials in a year. Desperate times call for desperate measures! Ogilvy says brand it and make it one of a kind. A symbol (like imperial’s crown) or even a mnemonic device can be used.

Rule 21: Animate?

Cartoons really sell to children. Children don’t hold the power of the pocketbook however. It’s critical to know the audience. Cartoons and animation doesn’t turn over to customers when adults are the target. Grown-ups can’t “identify” with animation. This makes it less persuasive.

Rule 22: Save it!

Find out WHY an ad didn’t work. Then, repair it. Once fixed, it’s ready to go to work for real!

Rule 23: Factual vs. Emotional

In the big scheme of things, commercials which offer facts about the product or service will rank as more effective than ones using emotions. Ogilvy’s example was Maxwell House Coffee. It was very emotional and a huge success. It goes both ways, but stats say go with the facts.

Rule 24: Attention Grabbers

Commercials which open with a fast, grab the attention of viewers, and tend to hold their attention significantly better to the end than the quiet-start commercials.

What Works Best in Print…

As part of this How to Create Advertising that Sells Review Part 2, we’ll move to print advertising. We’ll look at what works and what does not.

Rule 25: 80/20

What’s 80/20? Sadly, only twenty percent of viewers will go past headlines in order to reach the content. Since eighty percent DO read the headlines, the sale takes place in the headline! There’s a conversion rate which is 5 times greater than not creating a dynamic headline. Ogilvy always used his company name and gave promise in the headline.

Rule 26: Benefits

Headlines giving a solid benefit get more sales over those that do not. Human nature makes anyone want to find out what’s in it for them! This is one of the strongest maxims in this How to Create Advertising that Sells Review Part 3 to be found.

Rule 27: News

People are curious about new products or service. They want to know which products have been changed or improved, giving reason to read on. The stats say headlines that tell sell.

Review in Summary

That completes this next part of David Ogilvy’s How to Create Advertising that Sells Review, part 3 of 4. Television and print are obviously very different advertising mediums. However, there is much to learn and apply from both arenas… Remember: Say ‘No’ to background music. Stand-ups work. Stand above the crowd. Fix whatever isn’t converting and try it again. Facts sell more than emotion. Grab the viewer’s attention right out the door. Power is in the headline… don’t mess it up! Show the consumer “what is in it for them”… give the biggest, strongest benefit inside the headline. Finally, share newsy points about what’s being sold will work extremely well.

Part four of How to Create Advertising that Sells Review will conclude more million-dollar truths by Ogilvy and show what works and what doesn’t. If viewer’s attention isn’t grabbed or demanded, the sale is lost! Part 4 promises to end with a bang, so keep looking.

Creating Value Through Information

When you attempt to create value, you have to make a choice between alternatives and this requires reliance on information. Understanding how to create “quality” information is paramount to decision making. One way to improve the quality of information is to make sure there is a strong flow of external sources – looking at market trends, surveying the customers, pursuing new technologies, and of course, competitive intelligence. These external sources provide the “reality checks” we need to remove internal bias, common to so many organizations.

“For managers to produce information required for their work, they have to address two broad questions:

1. What information do I owe to the people with whom I work, and on whom I depend? In what form? And in what time frame?
2. What information do I need myself? From whom? In what form? And in what time frame?

– Competing with Information: A Manger’s Guide to Creating Business Value with Information Content, Edited by Donald A. Marchand

Another way to improve the quality of information is to look at your people. Information is how people communicate their knowledge so things get accomplished. Since information relies on people, it only stands to reason that the quality of information has a lot to do with the quality of people; i.e. the skills, expertise, training, experience as well as their communication skills. This can greatly impact the quality of information – improve your people if you want to improve your information.

The quality of information also follows certain characteristics. These characteristics can lend serious value to information. Here are a few examples:

• Up to Date – Information that is current usually has more value than old, outdated information.
• Accuracy – Some sources of information tend to have higher accuracy than others.
• Impact on Decision Making – Information that is useful to decision making will lend value to the organization.

One common problem in creating value through information is putting the information in front of the decision maker. This requires that people have access to information. Too often, organizations have fragmented silos of information, contributing to inconsistency in decision-making. Pulling all of these stovepipes of information together into one common repository can yield numerous benefits, such as: Faster response time by decision makers, better creditability with stakeholders (employees, customers, suppliers, etc.), improved accuracy through verification, and more value added through the application of analytical tools.

Obviously, technology plays a big role in making this happen – everything from better access to filtering of the information overload. Perhaps the single biggest technology behind the management of information is something called the Data Warehouse. The Data Warehouse pulls together all of the desperate databases, providing not only wider access, but also increased analytical capability through the understanding of relationships between all of this data. So if you are serious about creating value through information, you’ll probably have to consider some form of a data warehouse.

“Capitalizing on the information a company owns about its customers, suppliers, and partners is now the value proposition for sustainable long-term growth. Better information, then, transforms business. Better information also transforms the terms of collaboration between businesses.” – The Value Factor by Mark Hurd and Lars Nyberg

Finally, the roadmap to value through information is creating systems and processes for learning. Author Peter Senge popularized this concept in his book The Fifth Discipline – namely that we all need to become systems thinkers, having the ability to fit the pieces together. This entire process is commonly referred to as the Learning Organization. And this is a big factor behind creating value through information! And when coupled with the right people and the right technology (such as a data warehouse), information can add a lot of value for anyone touched by the information.

“The knowledge economy stands on three pillars. Knowledge has become what we buy, sell, and do. It is the most important factor of production. The second pillar is a mate, a corollary to the first: Knowledge assets – that is, intellectual capital – have become more important to companies than financial and physical assets. The third pillar is this: To prosper in this new economy and exploit these newly vital assets, we need new vocabularies, new management techniques, new technologies, and new strategies. On these three pillars rest all the new economy’s laws and its profits.” – The Wealth of Knowledge by Thomas A. Stewart

Easily Get Restaurant Reviews From Customers

These days, people don’t buy anything without reading reviews first. Amazon.com is the world’s favorite shopping mall. Visitors look for an item that is both heavily reviewed and has a mostly positive rating. There is suspicion of items that have no reviews, as that means to most folks that the business is probably new and the item they’re looking at is of questionable quality. Positive customer reviews weigh in big time within the consumer psyche and the convenience at which reviews can be posted means that every interaction with a customer is a potential opportunity to make or break many future sales. These ideas began with the retail industry, and they’ve spread like wildfire to restaurants.

So, should you ask for reviews or not? Let’s review the pros and cons:

PROS

Incentivizing is a great motivator for everything in the world. If you want reviews from your customers, offer them something of value. Asking for reviews isn’t bad as long as you’re not flat-out paying for them. Put something fun together: drop review submitters’ names into a monthly raffle for a free lunch, pick a top reviewer and send them to an exotic themed vacation (think Olive Garden sending families to Italy), have your top chef prepare dinner for a certain special patron. There are tons of ideas that involve a thematic approach to incentivized rewards versus just handing out cash. Get your patrons involved and excited and reap the benefits of a truly passionate reviewer!

If you choose to nudge patrons in the right direction, make it easy for them. Offering them a comment card is one way to go, and you can put that review up on your website, but how can you get the word out on UrbanSpoon or Yelp, two of the most popular restaurant review sites? You’ve got to tell customers where to submit their feedback. “Search for us on UrbanSpoon!” is a quick, easy and non-pushy way to let people know you’re active on that site. Make sure to develop a way to track your review-submitting patrons so that you can reward them. You’ll generally receive an email notification when a review is submitted to either one of those sites.

Posting restaurant reviews can be fun! Think about the power of mobile Smartphone applications: a patron can take a picture of your menu (or their meal plate) on their phone and post it online instantly, even while they’re still eating their Southwest Quesadilla Special. They can then immediately “thumbs up” or “thumbs down” your business based on their experience. This is incredibly helpful to other customers. PRO TIP: Consider taking clear pictures of your menu and your location and uploading them to review sites before someone else does. Doing so helps potential new customers decide if they want to eat at your establishment by taking the guesswork out of what you’ve got to offer. The more information that’s readily available about your business, the better.

CONS

The first question you need to ask yourself honestly is this: “Is my restaurant ready to be reviewed?” Many restaurant owners get antsy and jump the gun, so to speak, in taking steps to force reviews. They may have had a slow grand opening and think that getting “good press” on sites like UrbanSpoon and Yelp is the only way to stay operative. These sites are dynamite for influencing potential customers, but hard selling reviews is not the way to go. If your restaurant isn’t 100% where you want it to be at, incentivizing reviews could also mean reminding people that they can post negative reviews, too. As many small business owners have learned, one negative review that’s boosted to the front page of Google can spell doom for their business. Just like a positive review can encourage new folks to try an unfamiliar restaurant, a negative review can drive just as many away. Lesson: don’t force reviews if you’re not ready for them.

Positive reviews from non-incentivized customers will almost always feel more “real.” So although it may take longer to get a review, it may be worth your wait.

Have you ever read a restaurant review and just known that it was the owner writing it, or one of the company’s employees? How did that make you feel? Most consumers who feel like they’ve experienced a fake review will immediately go elsewhere, with a permanent sense of distrust in that business.

Some review databases (like Yelp) frown on incentivized/paid reviews. They’ll go as far to delete over-zealous, fake sounding reviews in order to keep their site “honest.” In this case, it may not be worth the investment to reward a reviewer.

If your restaurant is outstanding on both service and menu fronts, you may not have to encourage review submittal at all. A new patron should be so floored after having left your establishment that they want to share their experience with the world. Have you ever been to a restaurant where the server was “on it,” the food was excellent, the wait was nonexistent, and the atmosphere was just fun? I bet you wanted to tell people about it. This same theory applies to restaurant reviews: provide an entirely excellent experience at every point of contact and expect to be rewarded for your hard work.

The answer is up to you. If you can solicit reviews in a fun, creative way, that plan might work out well for your business. Beware of over-incentivizing; remember you want honest reviews, not a bunch of fluff. No doubt, reviews are a superb way to generate new business. You might even say they’ve become essential in today’s world of infinite information. Keep in mind that consistently great service will be rewarded with words of praise, so keep your bar set high, your plates clean, drinks full, food hot, and staff friendly. You’ll eventually get to the point where you don’t need to solicit reviews anymore, they’ll just come naturally.

Right to Information – A Gateway to Fight Corruption

INTRODUCTION: September 28 is celebrated internationally as right to know Day. In spite of the fact that India has won its battle of independence in 1947 making democracy its weapon, unfortunately, the truth was something else. The power was handed over to the politicians and democrats, not to the common man then. In India, following a nationwide campaign led by grassroots and civil society organizations, the Government passed a landmark Right To Information Act in 2005. It is an Act ” to provide for setting out the practical regime of right to information for citizens “. RTI mandates timely response to citizens’ requests for Government information. It is a initiative taken by Department of Personnel and Training, Ministry of Personnel, Public Grievances and Pensions to provide a RTI portal Gateway to citizens for quick search of information.

The idea that Government withhold information for the public has become outdated. During the last decade, many countries have enacted legislations on freedom of information. In India, the Official Secrets Act 1923 was enacted to protect the official secrets. The new law intend to disclose information replacing the ‘ culture of secrecy ‘. It will promote public accountability which will trim the malpractices, mismanagement, abuse of discretion and bribery etc.

OBJECTIVES: The object of RTI is to empower the citizens, promote transparency and accountability in the working of the Government. The Act is a big step towards making the citizens informed about the activities of the Government. Social Activist Aruna Roy has described India’s RTI as ” the most fundamental law this country has seen.”

EFFECT OF RIGHT TO INFORMATION: While the debate on corruption in the country rages on, the RTI Act is fast growing as an effective anti- corruption tool.

Jan Lok Pal Bill gained tremendous public support with citizens coming out on the streets of Delhi, Bangalore and other cities to voice their anger over corruption. Where RTI has been used by journalists and the media, the law has a broad base of users. Earlier right to freedom of speech and expression is granted under Article 19(1) of Constitution, but it requires fair and efficient procedure to make the freedom of information work. In the first three years, 2 million RTI requests were filed. The first and well known movement was by Mazdoor Kissan Shakti Sangathan (MKSS) in Rajasthan for the access to village accounts. Case studies and media reports shows that RTI is being used to redress individual grievances, access entitlements such as Ration Cards and pension. The RTI has paved way for informed citizenry which would strengthen the democratic Government of India. With this Act, we can use our right to speech and expressions and control the Government activities effectively. The idea of open Government is becoming a reality with the implementation of RTI Act. The RTI can be called a success only if the bureaucracy accepts that they have constitutional to serve into.

PROVISIONS OF RTI: Section 3 says all citizens shall have right to information. The Act enforces a duty upon the public authorities to disclosed all information. In V.S.Lee V. State of Kerala.. the remedy provided by Parliament is that wherever there is substantial financial support, the People, have the right to know or information. Section 4(2) states that every public authority shall take constant steps to provide information suo moto to the public. Thus, the authorities have to give information voluntarily so that the public have minimum resort to use this Act. The public authorities also have to disseminate (making known or communicated the information to the public through notice boards, newspapers, public announcements, media broad casts, internet and inspection of offices of public authority) information widely in any form which is easily accessible to the public. Information can be obtained by request in writing or through electronic means in English or Hindi or in official language of the area U/S 6. Here, the person has to give fees, and if request can’t be made in writing, the Central PIO and State PIO shall render all assistance to make request in writing form. If the information has been provided correctly or within time, it may be made available by appeal or complaint to the Information Commission U/S (8(a) 1). In The Registrar General V. K.U. Rajasekar, it was held that Section 8 of RTI specially deals with the cases of exemption from disclosure or information when such information affects prejudicially the sovereignty and security of India etc. Section 5 says every public authority shall within 100 days of enactment of the Act, designate as many as officers as the Central Public Information Officers or State Public Information Officers.

Section 6 permits person to obtain information in English or Hindi or in the official language of the area from the designated officers. The person need not to give any reason for the request. Section 7 requires the request to be disposed of within 30 days provided where information sought for concerns the life or liberty of a person, the same shall be provided within 48 hours. Section 7(7) before taking any decision for furnishing the information, the designated officer shall take into consideration the representation made by the third party U/S 11. Section 7(9) exempts granting information where it would divert the

Resources of the public authority or would be detrimental to the safety and preservation of the record in record. U/S 8,it is important to note that the Act specifies that intelligence and security organisations are exempted from the application of the Act. However, it is provided that in case the demand for information pertains to allegation of corruption and human rights violations, the Act shall apply even to such institutions.

RIGHT TO INFORMATION AS A FUNDAMENTAL RIGHT: The RTI is a fundamental right as in Article 19(1)(a) of the Constitution is now a well settled proposition. It has been discussed by Supreme Court in Number of cases, it has been read into Article 14.(Right to equality), 19(1)(a) freedom of speech and expression and Article 21 (Right to life) through cases such as Bennet Coleman V. Union Of India, Tata Press Ltd. V. Maharashtra Telephone Nigam Ltd. Etc. The same Articles were also interpreted in Kharak Singh V. State of U.P., Govind V. State of M.P. ETC. to include within their scope a right to privacy.

A plain reading of Section 11 suggests that for the section to apply the following three conditions must be satisfied (I) if the PIO is considering disclosing the information (ii) the information relates to the third party (iii) the third party treated the information to be confidential, the third party to be consulted and a notice to be sent to that party. Section 19 provides two tier system of appeals- First appeal and Second appeal. Any person who is aggrieved by the decision of the Central PIO and State PIO within 30 days can prefer First appeal before the First Appellate Authority. This authority shall be an officer who is senior in rank to the Central PIO and State PIO. An appeal can also be made by third party. The Second appeal lies before the State or Central Information Commission against the decision of the First Appellate Authority. It has to be filed within 90 days. As per Section 19(7), decision of Central or State Information Commission is final. The Information Commissioners shall be persons of eminence in public life with wide knowledge and experience in law, science and technology, social service, management, journalism, mass media and governance. In Nirmal Singh Dhiman V. Financial Commissioner Revenue, Section 23 says that no court shall entertain any suit, application or other proceeding in respect of any order and no order shall be called in question, otherwise than by way of an appeal. In case, the complainant was aggrieved against the non-supply of information by the Public Information Officer.

CRITICISM: The Act has been criticized on several grounds. It provides for information on demand, but does not sufficiently stress information on matters related to food, water, environment and other survival needs. It does not emphasize active intervention in educating people about their rights to access information. Another thing is allowing for file notings except those related to social and development projects to be exempted. File notings are very important when it comes to the policy making of the Government.

CONCLUSION: By enacting the RTI, India has moved from opaque and arbitrary system of Government to the beginning of an era where there will be greater transparency and to a system where the citizen will be empowered. The real Swaraj will come not by the acquition of authority by a few but by the acquition of capacity by all to resist authority when abused.

“KNOWLEDGE IS POWER, INFORMATION IS POWER, THE SECRETING OF INFORMATION MAY BE AN ACT OF TYRANNY CAMOUFLAGED AS HUMILITY.”

Top 5 Best Selling Albums in Britain in 2010

2010 was a great year for music in Britain with some amazing album releases. Album reviews were flying off the shelves for breakthrough brands, but it was the old guard that ruled the roost at the top of the album charts. The top 5 best selling albums in Britain is filled with established acts and while there aren’t any that I can pick out as favourites of mine, you can’t always ignore the numbers. When there is that many people buying an album there’s got to be something about it that has grabbed the attention of the masses.

5. Plan B, The Defamation of Strickland Banks

The only breakthrough album release of 2010 fell to London wide boy, Plan B, or Benjamin Balance-Drew as he’s know to his mum. The release of The Defamation of Strickland Banks, his second studio album, in April 2010, led to an instant number 1 in the UK album charts. It sold over sixty eight thousand copies in its first week and went on to sell a whopping eight hundred and twenty six thousand copies throughout the course of the year. Album reviews were fairly positive overall with ratings ranging from six out of ten to four out of five, but his move away from his rapping routes prompted one album review from the Telegraph to describe it as being “populist” although the overall tone of the review was generally favourable

4. Rihanna, Loud

The ups and downs of Rihanna’s personal life has been well documented by the media, but when it comes to her albums it always seems to be on the up and up. It including high grossing hits Only Girl in the World, What’s my Name and S&M. Released in November 2010 the album the album went in at number 2, selling in the region of 91,000 copies, but later climbed to the number 1 spot. Though it was released late in the year, it still managed to sell 839,000 copies in total. Rihanna’s Loud received average to favourable album reviews from the mainstream press.

3. Lady GaGa, The Fame / The Fame Monster

When Lady GaGa first appeared on the music scene it was as though she appeared out of nowhere and was suddenly everywhere. Now it feels like she’s always been there. The illusion of her meteoric rise to musical prominence has been fuelled by the trash media and paparazzi that she seems to target so much in her music. The love hate relationship continues in The Fame / The Fame Monster and while it was originally released in November 2009 as an EP as a re-release of The Fame, it still went on to be the third best selling album of 2010 in the Britain.

2. Michael Buble, Crazy Love

Who’d of thought it. Michael Buble had the second highest grossing album of 2010, epitomising the fact that you can never underestimate the buying power of easy listening loving ladies everywhere. The smooth singing Canadian has turned into a power house of selling album selling prowess and in 2010 he really hit the mark with Crazy Love. Michael Buble’s fourth studio album, Crazy Love is another crooner loving record and went straight in at number 1 in October 2009, but maintained sales all the way through 2010 to guarantee it a place in the top 5 best selling albums in Britain in 2010. Selling more than 1, 227,000 copies, but to be fair, it doesn’t really matter how many albums he sells, he’s never going to get into the Rat Pack.

1. Take That, Progress

Back during the 90s Take That were the bees knees with the girls at my school. They wore Take That emblems around there necks and probably cried like crazy people at the news that they were breaking up. It is these same girls, now women, that have secured Take That’s resurgence to musical hegemony of a certain persuasion, making their album, Progress, the biggest selling album of 2010 in Britain. Released on 15th November 2010 and returning Robbie Williams to the Take That fold after his long dark days alone in the California sun, it inevitable charted straight in at number 1. Despite the release being so late in the day in 2010, it still managed to sell in excess of 1.8 million records. Album reviews were very positive, giving it an average of around 8 out of 10 in both popular and industry media, but more than anything, it gave Robbie something more than just aliens to believe in.

Information Management in Construction From a Lean Perspective

Lean thinkers have referred to “ensuring that relevant customer requirements are available in all phases of production, and that they are not lost when progressively transformed into design solutions, production plans and products.” Customer requirements are however only part of the information flow in design.

Information Waste

In Lean there are 7 classic wastes:

 

  • Over-production Producing more than is needed right now
  • Transportation Movement of product that does not add value
  • Motion Movement of people that does not add value
  • Waiting Idle time created when material, information, people, or equipment is not ready
  • Processing Effort that creates no value from the customer’s viewpoint
  • Inventory More materials, parts, or products on hand than is needed right now
  • Defects Work that contains errors, rework, mistakes or lacks something necessary

 

Some Lean thinkers add additional wastes:-

Making Do – Drawings, documents and information required to complete the task are not available and the task is started despite these not being available, or the task is continued when supply ceases

Unused Creativity – Effort available to the team but not used to create value

From these wastes the following information related wastes can be identified

 

  • Waiting – unable to do work because information is not available or time is spent trying to identify information that needs to flow
  • Over Processing – excessive steps to produce the output caused by resources or activities necessary to overcome a lack of information
  • Making Do – continuing with production in the absence of required information
  • Defects – drawings and design requiring rework and resources and activities used to correct or verify information
  • Unused Creativity – team members making do due to lack of information when they could be employed creating value

Information Flow

In design the “flow” is information to each workstation so that the output in the form of information for the next step in line (which could be further design or construction) can be completed on time and to budget with minimum waste.

A scenario can occur in a design office where an absence or shortage of knowledge and information threatens to halt production (of deliverables). The pressure of deadlines (push planning) requires work to continue and assumptions are made to fill in for the missing knowledge or information. This builds in the necessity to make corrections of the assumption later, or contingencies are made that the assumption may be incorrect and the design is “over-dimensioned.” The result is unplanned work.

Making do has been described as an “art” in the construction industry and that the response to lack of input availability is making do on a “massive scale”.

The conclusion is that the reduction of making do in design requires control and optimisation of the flow of information and knowledge in the design team and between teams.

Information Sources

Typical types of information include emails, letters, meeting notes, call records, drawings, electronic data and photographs. A distinction may be drawn between “data” and “information”:-

Data – Individual facts, statistics, or items of information.

Information – Knowledge communicated or received concerning a particular fact or circumstance or Knowledge gained through study, communication, research, instruction, etc.

In the project environment typically a large mass of data will exist which continually grows in size. Information that adds value to an output is a subset of the total data.

Management activity should therefore focus on Information as it is this which forms the value stream in the design process. An 80/20 rule may apply whereby only 20% of the data collected is used in creating value.

Applying lean 5S to information management produces:-

 

  • Sift (shine) – Ensure information is accurate and up to date
  • Sort – Structure information so it can be easily navigated and found
  • Set in Order – Store information in a single location that is available to all working on the project
  • Sustain – Make sure teams use the system and continuously improve
  • Standardise – Set protocols for information management

 

With the volumes of information within organisations increasing exponentially increasing attention is being paid to the challenges it produces, and the risks it creates.

In the absence of information management there is lack of certainty as to where information is, who has relevant information, and limited certainty as to its availability and currency. One consequence is that time is spent in search of essential information with which to continue production.

Smoothing the Design Workflow

To smooth the design workflow there must be a means of delivering the required information to the workface at the time it is required. It is however difficult in design to fix with certainty the time when information is required and in consequence information is delivered by “push”.

The concept of “pull” should be applied so that designers acquire information when they are ready to use it without the overload caused by “push”. There is then a likelihood that the information to be used in design will be current, correct and the best available.

Users need to be confident that they will find the information they are looking for and that it is current and up to date. All team members must use the system consistently and for all information.

Key principles of a strategy for managing project information within a Lean production (design) environment become:-

 

  • Identify valuable information as distinct from data and manage it
  • Users will only use a system if it has direct value to them or they understand the indirect value for another team
  • Information should be available in real time as soon as it is acquired
  • Minimise duplication of information
  • Minimise out of date information
  • Minimise duplication of effort
  • Information should only be delivered as it is demanded by users (pull)

 

Information Management Strategy

To achieve 5S in an industry which is heavily dependent on the flow of information and knowledge requires a system that can provide:-

Single source of all Information to:

 

  • Minimise duplication
  • Minimise out of date or superseded information
  • Provide Information on demand as it is needed

 

Be accessible to all project users at any time and be user friendly to:

 

  • Provide direct value to users
  • Enable users to supply information to others working on the project
  • Provide real time access with notification of changes and additions

 

Conclusions

Reducing making do generated by lack of information can be attained by the adoption of relatively simple strategies.

How to Create Advertising That Sells: Review of the Legendary Advertising Showpiece

How to Create Advertising that Sells Review

David Ogilvy is known across the world as “The Father of Advertising.” This How to Create Advertising That Sells Review looks at one of the strongest, if not THE strongest, works on the rules of advertising. It’s based solely on market research and will deliver on the promise.

Ogilvy was an advertising exec sensation who was sought after within his industry. He compiled more than 40 years of advertising research into one amazing piece. It only contains 1900 words. It ran during the 1960’s and 1970’s in newspapers for his company. Ogilvy wrote Confessions of an Advertising Man, quite probably the most prominent and celebrated books authored on Advertising. He started his lengthy vocation employed by Gallup. Knowing what Gallup does, that’s likely to be most perfect point for an advertising man to start a stunning profession.

So We Begin… Part One

In this Ogilvy quintessential masterpiece “How to Create Advertising that Sells” Review, we’ll cover the initial 7 maxims. Now, covering seven rules out of 38 can appear to be insignificant at first glance. However, one would at their wit’s end to stuff this quantity of information concerning the ad biz into a more condensed study.

Maxim One: Position

Ogilvy considers Dove soap as the ideal illustration. They have a few choices for the campaign. Would selling clean hands be their best option? OR, would selling soft skin be a better option? The decision ad execs made that day was the first-rate answer for Unilever as proprietor of the Dove brand. When getting ready to sell a product or service, begin here.

Maxim Two: The Promise

With making a very large promise, Ogilvy said the ad can’t be wrong. Make the “obligation” exclusive. Make it a real contender. Lastly, the product or service had MUST ACCOMPLISH the promise given. If it can’t, start over.

Maxim Three: Image

When considering branding a person or business, create the “most sharply defined personality” for the brand. When every ad campaign goes in several different directions and lacks a concise focus, that business is likely to fail. A big picture is what is missing. Advertising should be based on a campaign, not a single ad. Lacking a consistent theme from one ad to the next is a kiss of death. With social media, coming across as a slightly bi-polar is easily possible. Successful social media campaign ideas have to pull together this idea as a foundation. Make the brand image consistent every place, every time.

Maxim Four: ONE LARGE Idea

Ogilvy said it’s normally a very basic concept. It just takes one idea, though. It required because it “gives the customer a jolt” and makes them pay attention to the ad. It’s no secret that a business must stand apart from the competition in order to get noticed. Agreed? But, in order for a customer to take action, it’s a completely different thing. Developing over-the-top, complicated ideas are amazingly easier than coming up with ONE Straightforward, uncomplicated LARGE idea, according to Ogilvy. It requires pure genius. They will withstand the test of time.

Maxim Five: Superior

Its common sense, but it’s often overlooked. Consumers consider an unattractive product with an “inferior image.” The world in which we live is extremely visual. The way things appear always alters perception, without exception. It’s always been this way. Garbage in… Garbage out.

Maxim Six: Don’t Be Boring

Be very charming. Attempt to engage the viewer and get him or her involved. “Make him hungry.” Next, get him to participate. It isn’t difficult to be interesting, but pushing for involvement is slightly harder.

Maxim Seven: Innovate

Be the starter of trends. Don’t blindly follow crazes and trends. Ogilvy discovered that ad campaigns that followed trends were RARELY successful. He recommended engaging in some market testing with real consumers. It IS a bit precarious to head off into an uncharted direction. Market testing allows ad developers to exercise caution and gain a level of security.

Maxim Eight: Glory Hogs

I bet this was extremely controversial for the time. In fact, it’s probably still controversial because of society. It’s expected that we give a list of our accomplishments and qualifications. Any awards are expected in this list. Ogilvy felt creative awards for ads deludes creativity in people and steers them away from goals. What is the goal? In successful campaigns, the goal is the quest of sales. Ponder upon on what persuades the consumer and not what gains awards.

Review in Summary

So, this was the first quarter of David Ogilvy’s How to Create Advertising that Sells Review. Pretty amazing? Considering how old it is, it is still so relevant and very timely. The value of this document is priceless. Hundreds of thousands had to be spent on worthless, unsuccessful ads in order to gather data and determine what creates success. So, figure out what will be sold and remember to sell the sizzle. Make a large promise, and then deliver. Create a laser-focused brand and place it at the front of each ad. Create ONE LARGE idea. Continue the thread through every campaign. Favorable visuals correspond with more successful campaigns. Boring is bad. Take out some insurance and start a trend. Think profit not recognition.

Part two of How to Create Advertising that Sells Review promises more value along with breathtaking, profit-generating maxims by the advertising legend.

Managing Information Better In Construction

In a conventional highway design model, the data consist of points and lines that define the outline of the planned works. Other information critical to successful completion such as design data and specifications is disassociated. In typical engineering application data is not only stored in different locations, it is often linked via a human or paper intermediary. This segregation of data occurs because, in the common file based data management environment, there is no direct link between a drawing and a document. Changes in one may not be reflected in the other. This state of affairs is accepted historically as the design process has evolved to produce a final paper output with documents and drawings as separate entities. This is the focus of established design processes that have evolved over the years.

In a typical large highways project under the Early Contractor Involvement model, systems such as Business Collaborator (BC) share information among the parties. However in a typical application the data set held on BC is incomplete. BC is often used to issue information to team members rather than as an information or knowledge repository. The effect of this approach is to create duplication between data stored in the collaboration system and data held internally on file servers. This duplication may further increase inside the design organisation as different teams or groups maintain their own file systems. Multiple asynchronous copies of information may be held (and relied upon) that are not subject to a consistent update policy.

The lack of compatibility means that it is not possible to go to a “single source of truth” for project information it is necessary in many cases to know first what is being looked for and where it may be stored. This increases the workload to locate information and introduces a risk that it may not be found or when found may be (dangerously) out of date. A user cannot be totally confident that he has discovered the true and complete information needed to complete his task. The secondary effect of this is that often it will be easier for a person to go direct to the source of the information and the result is uncontrolled information. Additional workload is created within teams from making and responding to these requests. Multiple requests may be made over time for essentially the same information.

Should information need updating it is not possible to be confident that all versions on the system have been updated, and team members, as a result, have low confidence that information on the system is up to date. The output may, therefore, be subject to additional and unnecessary validation and control stages. Authors may hold back information in which they have little confidence, but is still useful information. This creates additional inefficiencies.

Where out of date information is held on the system this may result in rework when new information comes to light or it is corrected. A culture of making do emerges where tasks are commenced even though faith in the information is reduced, or it is known that input data will be subject to change. To enable work to advance assumptions are made to avoid future correction that in themselves may require correction at a later date. Hidden contingency is built in to cover these assumptions increasing base costs and extending project time.

Within many organisations the culture of “design iteration” remains embedded as it is implicitly accepted that information will change through the design cycle and that the design will be changed several times in response to this changing information. Supported by better information and better management of that information it should be possible to deliver better designs, earlier and cheaper, by eliminating wasteful iteration, risk and rework.

To adopt new ways of working and managing information, we must first recognise that deliverable and document focused systems are based on a paper model. In such a model information is collated into paper based documents such as reports and drawings. Information based methodologies eclipse paper and focus on delivering the right information to the right person at the right time. How information is delivered, and consumed can be variable, depending on the receiver. It is not necessary, therefore, to maintain information in different forms just because the consumer of that information has different needs. Information kept in different forms may result in omissions when updated if one of the forms is overlooked.

Much current technology for managing and indexing information is based on the assumption that information arrives in paper form or a paper analogue (e.g. email). In fact, what is essential is that the information can be found by those needing to know it. Such information is better found, not from the paper mindset of looking through all likely documents, but through search.

Traditional filing systems are based on a paper methodology with information collated into folders (files) browsed as a file analogue. The division into files can be arbitrary and at odds with how information is sought by the user. Within a traditional filing system, vertical navigation is straightforward, but horizontal navigation between folders is more difficult. The analogy would be that to move from the east wing of a 40 floor building to the west wing it was necessary to take a lift first to the lobby. If the constraint of the paper is broken, and the appropriate technology adopted, it becomes possible to obtain information by whatever method (for example full text search) is best and most effective.

It is clear, therefore, that paper based approaches to information management in a world in which almost all project information is either electronic or convertible to electronic form creates an unnecessary overhead. Search based approaches will locate information more thoroughly and more efficiently. We are used now to the internet and Google, would we gladly give up Google to use a library instead? By continuing to use deliverable and document focused systems, as opposed to information focused, this is in effect what we force teams to do.

An effective information system must provide assurance as to the quality of the information being delivered. The current position of document controller on a project will change to information manager in order that the system is properly managed and controlled.