One of the outcomes of blockchain technology has been the development of smart contracts. At first blush, it sounds like a great idea - contracts that execute themselves without needing help from humans. The opportunities for automation and cost savings lurch into view.
The leader in this field has been Ethereum, which uses blockchain and its own bitcoin type currency to process transactions without the need for a trusted third party. Others are emerging.
There are definitely situations where smart contracts can be very useful, but as with any IT application, there are risks involved. One of the oldest rules around computer processing is that of GIGO (Garbage in, Garbage out). This applies in spades for smart contracts, since they at some point require inout from other systems, and the contracts will often execute wrong data as well as any other. This could goon for some time before being discovered.
Another basic issue is the computer code being used to write and execute the contracts and the transactions. Code can always be unreliable and or wrong. Possession of the encryption keys is always an issue as well.
So smart contracts might be useful, but it is really important to be cautious before implementing them. For a good summary, check out the ISACA Tech Brief "Understanding Smart Contracts" at https://www.isaca.org/Knowledge-Center/Research/ResearchDeliverables/Pages/understanding-smart-contracts.aspx
Zorba Research Blog
by Gerald Trites, FCA, FCPA, CISA. Zorba Research Inc.(www.zorba.ca)
Thursday, January 23, 2020
Monday, November 04, 2019
Gartner's Top Ten Technology Trends
Gartner has released a
report on the top ten technology trends for 2020. The 10 strategic technology
trends highlight trends that enterprises need to consider as part of their
five-year strategic technology planning process. Strategic technology trends
have the potential to both create opportunity and drive significant disruption.
The list incorporates
items that would be expected, such as AI and Internet of Things, but takes them
a step further to focus on the aspects of those obvious trends that will be
most important.
In the case of AI, the
focus is on AI related security, which is and will be a major issue along with
ethics. For Blockchain the focus in making it more usable. With the cloud it’s
on distributed cloud.
The report includes the
following recommendations for companies:
■ Center their innovation efforts on people and use tools
such as personas, journey maps, technology radars, and roadmaps to evaluate
opportunities, challenges and time frames for adoption.
■ Build an overarching view across functional and process silos
and exploit a complementary set of tools including RPA, iBPMS, DTO, application
development, and AI domains that guide how the tools are used and the systems
they create are integrated.
■ Embrace multiexperience and implement development platforms
and design principles to support conversational, immersive and increasingly
ambient experiences.
■ Establish governance principles, policies, best practices
and technology architectures to increase transparency and trust regarding data
and the use of AI.
The report is
available at this
link. https://www.gartner.com/en/doc/432920-top-10-strategic-technology-trends-for-2020
Tuesday, October 15, 2019
Incorporating Data and Analytics into Corporate Strategy
Recent Gartner research provides some great guidance into the management of data and analytics for companies. It urges companies to go beyond simply declaring that data is an important asset and begin treating it like one. It points out that not only must data be specifically incorporated as an asset but the related competency of data analytics must also be recognized and developed within the enterprise.
In one of their reports on this topic, they make the following recommendations:
• “Express to executive leadership your intent to manage information as an actual asset, which requires you to measure it as if it is one.
• Enlist the support of your CFO to develop or adapt established information valuation models, first expressing an understanding that they are not balance sheet assets but that you intend to measure them as if they are.
• Audit, valuate and communicate the improved (or degraded) potential and actual value of key information assets. And do this periodically. Since information valuation standards do not yet exist, emphasize the change over time rather than the discrete metrics.
• Apply information valuations to influence culture, priorities, resources and investments in information-related initiatives — and not just those for information management, but also information deployment (such as analytics). And, of course, use these valuations to demonstrate your own performance and success.
• Experiment with an enterprise strategy for sharing your estimated financial valuations of your information portfolio with investors, partners and potential licensees.”
To obtain and read the report, “Predicts 2019: Data and Analytics Strategy”
published 26 November 2018, follow this link.
In one of their reports on this topic, they make the following recommendations:
• “Express to executive leadership your intent to manage information as an actual asset, which requires you to measure it as if it is one.
• Enlist the support of your CFO to develop or adapt established information valuation models, first expressing an understanding that they are not balance sheet assets but that you intend to measure them as if they are.
• Audit, valuate and communicate the improved (or degraded) potential and actual value of key information assets. And do this periodically. Since information valuation standards do not yet exist, emphasize the change over time rather than the discrete metrics.
• Apply information valuations to influence culture, priorities, resources and investments in information-related initiatives — and not just those for information management, but also information deployment (such as analytics). And, of course, use these valuations to demonstrate your own performance and success.
• Experiment with an enterprise strategy for sharing your estimated financial valuations of your information portfolio with investors, partners and potential licensees.”
To obtain and read the report, “Predicts 2019: Data and Analytics Strategy”
published 26 November 2018, follow this link.
Thursday, October 10, 2019
Data Lakes May Help With Big Data
Big data is a
generally poorly defined term, despite it being one of the most common terms
used these days. There is a general recognition that data is expanding rapidly
in volume, and is being used for various purposes more often, thanks to the
many tools available for using it.
Indeed, it’s become
something of a mantra that data is a major asset of many a business.
This is even more
compelling given the growth taking place in the Internet of Things, where
virtually every physical asset/item/thing opened by a business is potentially connected
to the internet and a source of reams of new data. The potential value of this
data is not lost on management and stakeholders of companies.
And so this gives rise
to several questions – Does the data need to be standardized? How does it get
stored? By what tools is it best used?
Data lakes constitute one
of the current favoured approaches to these questions.
Traditionally, data is
stored in data warehouses, which require some standardization and structure.
They are therefore limited in their capacity and therefore lacking in usefulness
for big data, which comes in all kinds of forms (structured, semi structured, unstructured,
etc.) from many sources (just about anything imaginable).
Data lakes accommodate
just about any form of data and are tied into analytical tools, such as Hadoop,
that can handle such data.
Like big data, data
lakes are poorly defined but they fit well with big data. Data, big data, data
lakes, Hadoop type tools, all form a critical new field for modern management.
One that cannot be ignored.
Tuesday, October 01, 2019
ThinkTWENTY20 Newsletter, September – October, 2019
The Fall issue was released in September. Here are some of the highlights:
• Making Auditing Standards Fit-for-Purpose in a High-Tech World
By Gregory Shields, CPA
Auditing standards urgently need to change, both to reflect the significant use of technology in business and to promote the use of automated audit procedures, including data analytics.
• Enhancing Relevance: Shaping the Future of Corporate Reporting
By Alan Willis, FCPA, FCA
Financial statements alone cannot provide the information necessary for stakeholder assessment of enterprise performance.
• Data Privacy and Confidentiality An Ethical Primer for Professional Accountants in Business and Private Practice
By Eric E. Cohen, CPA
What impact might emerging accounting and audit technologies have on a practitioner’s ethical responsibilities for data confidentiality and privacy?
• How to Succeed in Business in a Disruptive World
By Gundi Jeffrey, Managing Editor, ThinkTWENTY20
There are ten major political, social, environmental and technological transformations that will have profound implications for Canada’s business community and those who serve it.
• Advanced Technologies in Financial Accounting
By Gerald Trites, FCA, FCPA, CISA
The Internet of Things is pervading the supply chains of business and creates a high volume of data
• Book Review of Meltdown - Why Our Systems Fail and What We Can Do About It, by Chris Clearfield and Andras Tilcsik (Penguin Books, 2019).
By Jonathan Andrews, CPA
Meltdown is both entertaining and instructive, particularly for those with an interest in risk and risk mitigation.
NEWS ITEMS
The following news Items have been posted for the period August 15 – September 15
on www.ThinkTWENTY20.com – Your source for thoughtful news and blog items.
• Sept 27, 2019 - IASB Amends IFRS Standards in Response to the IBOR Reform
• Sept 27, 2019 - Tentative FASB Decisions
• Sept 19, 2019 - SEC Charges Silicon Valley-based Issuer With Misleading Disclosure Violations
• Sept 17, 2019 - FASB Proposes Guidance to Assist in Transition Away From Interbank Offered Rates to New Reference Rates
• Sept 17, 2019 - FASB Issues Revised Pproposal to Improve Balance Sheet Debt Classification
• Sept 12, 2019 - Statement on Status of the Consolidated Audit Trail
• Aug 29, 2019 - SEC Charges Brixmor Property Group Inc and Former Senior Executives With Accounting Fraud
• Aug 24, 2019 - Tentative FASB Decisions July 31, 2019
• Aug 24, 2019 - PCAOB Staff Provides Guidance for New Requirements on Auditing Estimates Auditor's Use of the Work of Specialists
• Aug 16, 2019 - SEC Proposes to Modernize Disclosures of Business Legal Proceedings and Risk Factors Under Regulation S-K
ERIC COHEN’S BLOG
Clarifying Auditor Coverage and Connecting for Context: Data Level Assurance
When XBRL was in its infancy, much of my attention was spent trying to improve the intersection between the auditor’s report and management’s financial statement.
Oh. the Places We’ll Go!
Dr. Seuss’s last book, on life’s journey and challenges, inspires the headline of this blog entry. As I last wrote on looking back on the twenty years since the FASB and IASC efforts to document the current state of Internet-based reporting and perhaps guess where the Internet might take corporate reporting, I also had time to think back on twenty years of XBRL.The Forum
THE FORUM
Look to Corporations for Action on Climate Change
A recent CEO Study on Sustainability, “The Decade to Deliver: A Call to Business Action”, conducted by the United Nations Global Compact and Accenture Strategy, involved obtaining the views of more than 1,000 top executives across 21 industries and 99 countries. The study shows some major change in the way corporate executives think about climate change and sustainability.- 27 September 2019
Disaster Recovery in the Age of Cloud and Edge Computing
Most companies are now running apps in the cloud and many are engaging in technology uses like Internet of Things (IoT), which calls for the installation of many computing services on the edge of the organization. The spreading out of computing services means that the IT department has less control and sometimes no control over the widespread resources in the organization. - 18 September 2019
Coming soon – Our Winter Issue
Wednesday, September 18, 2019
Disaster Recovery in the Age of Cloud and Edge Computing
Most companies are now running apps in the cloud and many are engaging in technology uses like Internet of Things (IoT), which calls for the installation of many computing services on the edge of the organization. The spreading out of computing services means that the IT department has less control and sometimes no control over the widespread resources in the organization.
Traditionally, IT has had responsibility for disaster recovery and it used to conduct tests and organize the responses in the event of a shutdown or protracted outage of IT services. They still generally have that responsibility, but now, with cloud and edge computing, their task is a lot more difficult. With other people in the organization responsible for those spread-out resources, it can be a lot like herding cats.
IT's role becomes one of coordination and oversight. System and Disaster planning documentation must be standardized and distribute in ways that will survive outages. Testing must be carried out on a coordinated basis, perhaps rotated around the organization and certainly reviewed and supervised by IT.
IoT often means that devices are being brought into the system on the edge regularly. The data from such systems, can enter into the main system databanks quickly and used for analysis. Therefore it must be accurate and secure. Routines for adding in new data sources must be part of the oversight done by IT and easily adapted to the parts of the organization adopting IoT Systems.
Living on the edge is risky and calls for extended controls to manage that risk.
Wednesday, July 17, 2019
How IoT, Big Data, AI and Blockchain all Tie in Together
IoT, or the Internet of Things, is one of the most rapidly growing elements of internet usage. As everyone knows by now, IoT involves "smart" devices, like home appliances, heating systems, alarm systems. cars, indeed almost any device imaginable. The devices are connected to the internet and generate loads of data.
But it goes beyond mere collection of data - big data. "Intelligent devices will continuously acquire, configure, restock, refresh, optimize, repair, and otherwise manage every material and virtual facet of our lives." So your refrigerator orders milk and butter when they run out. Or calls the repairman if your security system encounters a bug. This is increasingly accomplished through the use of Artificial Intelligence.
"Essentially, the IoT is becoming the world’s most pervasive transactional platform."
In order to be relied upon for business transactions, the IOT needs an infrastructure that can be trusted. That's where blockchain comes in. By ensuring that all data is cryptographically verified and tamper proofed in a distributed hyperledger that is shared by all commerce participants."
Most of our day-to-day activities will be automated in this fashion. That applies to business as well as homes.
And the big data can be analyzed using advanced analytics augmented by AI for financial management and reporting purposes. But that's another story.
For more on this, check out this link.
But it goes beyond mere collection of data - big data. "Intelligent devices will continuously acquire, configure, restock, refresh, optimize, repair, and otherwise manage every material and virtual facet of our lives." So your refrigerator orders milk and butter when they run out. Or calls the repairman if your security system encounters a bug. This is increasingly accomplished through the use of Artificial Intelligence.
"Essentially, the IoT is becoming the world’s most pervasive transactional platform."
In order to be relied upon for business transactions, the IOT needs an infrastructure that can be trusted. That's where blockchain comes in. By ensuring that all data is cryptographically verified and tamper proofed in a distributed hyperledger that is shared by all commerce participants."
Most of our day-to-day activities will be automated in this fashion. That applies to business as well as homes.
And the big data can be analyzed using advanced analytics augmented by AI for financial management and reporting purposes. But that's another story.
For more on this, check out this link.
Monday, May 20, 2019
New Blog/Forum
The Zorba Research Blog is being published by the ThinkTWENTY Forum to be found at
http://www.thinktwenty20.com/index.php/blog-issues-forum
Comments on the forum entries are encouraged.
http://www.thinktwenty20.com/index.php/blog-issues-forum
Comments on the forum entries are encouraged.
Ten Questions Directors Should Ask About Cybersecurity Culture
A Board of Directors
has a responsibility for overall cultural direction in an organization. To
exercise this responsibility the organization must first have a cybersecurity culture
that will minimize the risks. Cybersecurity culture
is “the knowledge, beliefs, perceptions, attitudes, assumptions, norms and
values of people regarding cybersecurity and how they manifest themselves in
people’s behavior with information technologies.” (European Union Agency for
Network and Information Security (ENISA), Cyber
Security Culture in Organizations, Greece, 2017)
The directors need to ask
the following questions:
1.
What are
the business functions in the enterprise with the highest exposure to
technology breaches?
2.
Is there a
cybersecurity policy in place?
3.
Has the
policy been infused into the cybersecurity culture of the organization?
4.
Has the
policy been reflected in the operational processes of the organization, particularly
in those areas of greatest risk
5.
Have
people with the appropriate skills been empowered to implement those policies
and procedures?
6.
What steps
are being taken to reinforce the cybersecurity culture?
7.
Are appropriate
educational and training programs in place?
8.
Is there a
process in place for regular and periodic review of the health of the cybersecurity
culture?
9.
Have the
main policies and procedures supporting the cybersecurity culture been documented
to provide a cohesive understanding of that culture?
10.
Are there steps
in place for regular reporting and discussion with the Board of Directors involving
the most responsible personnel?
Subscribe to:
Posts (Atom)