Can’t make it up

A note on LinkedIn on why managements need IT usage policies to prove their compliance and to act legally and fairly towards their employees. I suggest that ISO27001 is useful as a technical standard and COBIT as an organisational one.

This was written in the light of a couple of cases I had to deal with as an accompanying rep. or as an advisor.

You can’t claim that users are not performing if you can’t prove the IT systems work as documented. You can’t pursue a conduct disciplinary against people operating a policy. You can’t fulfil FOI or SAR requests if the data retention policy is suspect. You can’t be sure that corruption has not occurred if there is inadequate segregation of duties.

Having policy will help the organisation answer the following questions. Is our software supported?  Why and how was that data deleted? What should be logged? Who has permission to read, amend and run these programs and/or this data? Are our vendors signed up to our IT security goals? Why do you not know this?

This is all defined in these standards, and the GDPR makes certification to good practice evidence of good will. ISO27001 and COBIT are the big boys in town to prove technical and organisational protection.

You can’t make it up anymore. …

Anti-semitism, what the Party has done?

While considering my response to the leaking of the General Secretary's investigation into the activities of its senior management and its compliance department in conducting investigations into complaints about anti-semitic behaviour, I had cause to consider the Party's reaction to these complaints. It would be hard to say that collectively it had ignored them, although reasons for the delay in asking Conference to change the rules should be determined. Harassed by the press, Labour’s membership and NEC have rightly fought to ensure there is no place for antisemitism in the Party; they have launched two enquiries, issued two or three codes of conduct, and changed the disciplinary rules three times. This blog article was originally part of another, but the article became too long; the remainder of this article (overleaf/below) looks at the enquiries and rule changes undertaken to fight anti-semitism within itself and concludes with the thought that I wonder where the original good will & unity of purpose went.

Some IT technology & economics history

I have finally installed a version of CA-Superproject under W98/Virtualbox and the experience reminded me of a couple of things, about the software, about its final custodian, Computer Associates (CA) and also some critical software project management issues. I have written a more formal note on LinkedIn and this is my mirror/pointer to that; the rest of this article précises that article. For more, see overleaf/below. …

Fallout from a Road Trip

The press have been full of the story of Dominic Cummings’ trip to Durham (from London) while he was isolating due to CV19 infection. “Led by Donkeys” have their own inimitable take on this; they took it to Cummings’ London home. However, he has been supported by various members of the Cabinet, including the Attorney General, probably in an act of prejudice, in the legal sense, and capped off last night by Boris Johnson, who took the daily press conference for the first time in a while and, not for the first time, told the nation to fuck off. It seems that what Cummings did is responsible and legal. Johnson also restated that the Govt. planned to re-open the schools, starting with the youngest, against the will of most parents and most school workers. Johnson’s press conference was followed by an extraordinary hostile tweet from the Civil Service Twitter account, allowing us to draw the conclusion that Johnson is “arrogant & offensive”; I mean it’s not exactly news.

What the Tory Government fail to recognise is the elitism and arrogance of this behaviour. A number of Twitter users have expressed their anger and sadness that they were able to see, visit and comfort their dying relatives, even when living much closer than Cummings’ 500 mile round trip. It took me a while to realise how important it is to spend some time with the dying to properly say goodbye. As a child, I had been protected from family deaths and had thus learned not to see them as important events; I even almost missed saying goodbye to my mother, through choices of my own, and can now see how important the visits to my dying father in the ICU were. My solidarity goes out to all those who have lost relatives and others precious to them during this crisis. I know that my grief would have been harder to overcome if I had not been able to see my Dad, although I only know this looking back, helped by the insights and grief expressed by those writing today. The grief will hurt for a longer time than if they’d been able to visit them. I am sorry for your loss. …

Technology lessons

It seems the police have found insufficient evidence to prosecute Boris Johnson for misconduct in a public office with respect to his alleged relationship with Jennifer Arcuri and decisions taken by the Mayor's Office to support her business. His day-time visits to her home, presumably during working hours, were, it seems, for 'technology lessons'. It seems that some emails are unavailable, possibly in contravention of the Mayor's statutory record keeping rules and duties. The rest of this blog looks at alternative legal approaches to investigating if wrongdoing has occurred. It looks at how good IT security controls are needed to allow essential audit questions to be answered.

On Labour’s Money

I was looking through the LP’s finance report presented to #Lab19, which has the 2018 & 2017 figures in it. I had previously discovered that at the end of 2018, the Labour Party had £20.8m “cash in hand” and so it had become a surprise to me that we had only spent £8m on the General Election, when we had spent £11m in 2017.

But this time round I found some other things that piqued my interest:

  1. The Labour Party made a surplus of £1.4m in 2017, the year of a General Election that we lost by 2,500 votes. Why is this?
  2. Income from Affiliations is the third largest source of income, after membership fees, and the front bench “short money” grant.
  3. On the expenditure front, they spent £3m (6%) on “Grants and payments to CLPs”.

For context, total income in 2018 was £46.3m and membership fell by 8.1% (45,914) from 564,433 to 518,519.

There’s a chart of the sources of income overleaf/below …

New Blood, New Labour

The NEC are considering whether to use STV for the CLP division of the NEC. This is important, and much discussion is to be had about whether and how this will change the power on the NEC and if it's desirable. My helpful contribution is that we never use STV because our preferential systems are for single positions; maybe it would be good, particularly now that many CLPs send multiple delegates to Conference, but we are not talking about that yet.

Much more interesting are Charlie Mansell’s comments.

The results of the last NEC which were narrowly won by the right may underestimate their support.

Mind you, if we’re having STV for the CLPs we can have it for the ALC positions.

It all reinforces my feeling that the Left need, as a priority, to talk and listen to those who voted for Jeremy in 2016 and for Keir or Lisa in 2019. …

Fighting Corruption

Sadly I have been looking to see what’s being said about Corruption and Anti-Corruption. I made a wiki post which includes some links on management strategy, which includes an article from McKinsey’s Journal which offers a brief taxonomy of corrupt practices; this is augmented by Transparency International’s tool kit, to which I link. TI also note that, “The UK Bribery Act, which was passed in 2010, introduces an offence of corporate failure to prevent bribery.” There are also some specific action plans inc. current advice from the MoJ. Interestingly, to me, the action plans share many ideas from risk management practices and IT Security controls that I have been working with for many years, and that having a robust programme of controls is the only defence against the aforementioned corporate crime.

Construct a taxonomy, develop controls, measure the effectiveness of the controls and fix those that are broken.

This costs money and time, and companies may lose business because of it. No-one says it’s easy.

I have now made a post on my LinkedIn blog, which, while repeating some of what I say here, looks at the MoJ Guidance and their six principles and offers some important definitions pertaining to bribery. I highlight the concept of ‘improper behaviour’ from within the legislation. …

Sectarianism

This article is a review of Anatomy of the Micro-Sect, by Hal Draper, dated 1973. It thus refers to political sectarianism. I was particularly taken by this quote,

What characterizes the classic sect was best defined by Marx himself: it counterposes its sect criterion of programmatic points against the real movement of the workers in the class struggle, which may not measure up to its high demands. The touchstone of support (the “point d’honneur,” in Marx’s words) is conformity with the sect’s current shibboleths – whatever they may be, including programmatic points good in themselves. The approach pointed by Marx was different: without giving up or concealing one’s own programmatic politics in the slightest degree, the real Marxist looks to the lines of struggle calculated to move decisive sectors of the class into action – into movement against the established powers of the system (state and bourgeoisie and their agents, including their labor lieutenants inside the workers’ movement). And for Marx, it is this reality of social (class) collision which will work to elevate the class’s consciousness to the level of the socialist movement’s program.

There’s more below/overleaf, including a commentary on the featured image. …