Constitui um conjunto - Free Essay Example

Sample details Pages: 28 Words: 8273 Downloads: 4 Date added: 2017/06/26 Category Statistics Essay Did you like this example? INTRODUO A segurana da informao, especificamente em banco de dados, constitui um conjunto de atividades e tcnicas essenciais para qualquer organizao empresarial. Antigamente, acreditava-se que os investimentos em segurana eram desnecessrios, pois no podiam ser mensurados, sendo considerado um exagero da equipe e profissionais de Tecnologia da Informao (TI) (VIEIRA, 2009). A base de dados de uma organizao pode auxiliar na gerao de informaes importantes para tomada de decises, sendo uma estratgia da empresa para se manter no mercado. Deste modo, o dado considerado como um dos principais ativos que a organizao possui, sendo parte integrante de todos os processos empresariais. Don’t waste time! Our writers will create an original "Constitui um conjunto" essay for you Create order Entre as dcadas de 50 e 70, as empresas tinham como seu maior patrimnio as instalaes, mquinas do setor de produo e o hardware. Com o avano tecnolgico e a produo de software com qualidade seguindo mtodos, ferramentas, procedimentos e com o mercado cada vez mais globalizado, a viso e os objetivos empresariais mudaram, e a gesto do conhecimento por meio do armazenamento e disseminao de dados passaram a ser valorizados (PRESSMAN, 2006). Conseqentemente, as empresas comearam as investir em tecnologia e em profissionais capazes de utilizar tcnicas para proteger os dados, a fim de agregar valor ao negcio tornando o armazenamento de dados mais confivel. Os dados passaram a ser tratado de forma estratgica, refletindo tambm a gerao de informaes importantes para as reas de negcio e gesto empresarial. Portanto, necessrio que todas as empresas procurem implantar uma poltica de segurana adequada e com normas bem definidas, essenciais para atingir o objetivo que se espera, visando proteger a informao e o conhecimento sobre seus negcios e processos. Os Sistemas Gerenciadores de Banco de Dados (SGBD) possuem mecanismos para administrar todas as bases de dados armazenadas. Estes mecanismos e interfaces dos SGBDs possuem como caracterstica principal a capacidade de organizao dos dados, aplicaes e pacotes de aplicaes que auxiliam na segurana. Isto permite facilitar a administrao de dados e do banco de dados por parte do Administrador de Banco de Dados (DBA) e outros profissionais da rea. De acordo com Dewson (2006) as principais ferramentas do SGBD da Microsoft so o SQL Server Databases Services, o Analysis Service, o Reporting Services, Integration Service e a Workstation Components. Tais ferramentas so capazes de administrar o banco de dados com integridade e confiabilidade dos dados. Alm disso, permitem gerenciar cpias de segurana criao de usurios e nveis de acesso. Dewson (2006) descreve ainda que atravs dessas ferramentas sejamos capazes de criar views de tabelas, roles para permisso de acesso, backup e restore dos dados, enfim manipular todas as informaes e realizar aes necessrias para uma administrao confivel e segura que um banco de dados necessita. Outros SGBDs tambm oferecem interfaces e comandos que facilitam a gerencia dos dados e usurios que acessam as bases de dados, podemos citar alguns exemplo de SGBD como Oracle, MySQl entre outros. O Oracle possui uma srie de ferramentas que possibilitam uma maior segurana do seu SGBD como: Oracle Database Vault, Audit Vault, Label Security, Advanced Security, Advanced Compression e Secure Backup. Essas ferramentas so capazes de administrar e garantir a integridade e confiabilidade de um SGBD lder de mercado no mundo coorporativo. Para Maj (2005) o MySQL tem por objetivo atingir o mais alto nvel de segurana em sua instalao, para que isso possa ocorrer, a instalao deve ser executado em um ambiente chrooted. Os processos armazenados no servidor de banco de dados, devem rodar sobre um UID/GID nico, isto , que no seja utilizado por outros processos de sistema, a segurana nos acesso devem ser feitas apenas por acessos locais ao MySQL e como forma de garantir integridade do SGBD a conta de root (superusurio) do deve possuir uma senha difcil de ser quebrada. O DBA tem como premissa principal de segurana renomear a sua conta de acesso e desativar a conta de nobody para que no haja falha no acesso de usurios annimos ao banco de dados (MAJ, 2005). Segundo Maj (2005) o MySQL ainda vem com funcionalidades de segurana como o ACID Transctions para construir aplicativos mais seguros e confiveis para utilizao desse SGBD no mercado. Diante dos recursos e tcnicas de segurana desenvolvidas e oferecidas pelos SGBDs, como implementar rotinas de segurana em banco de dados? Deste modo, este trabalho tem objetivo geral realizar uma pesquisa bibliogrfica a fim de investigar as melhores prticas utilizadas para a segurana da informao no contexto do gerenciamento de banco de dados. Alm disso, este trabalho ter como estudo de caso a implementao de rotinas de segurana em banco de dados seguindo as Normas da Sociedade Brasileiras de Informtica em Sade (SBIS). Como ferramenta para implementao das rotinas de segurana de dados, esta monografia utilizar o SQL Server 2005, por oferecer todas as funcionalidades necessrias para o desenvolvimento deste trabalho, e por ser o SGBD utilizado pelo autor em sua vida profissional. referido trabalho ter os seguintes objetivos especficos: Produzir um texto que descreva a segurana em um SQL Server, demonstrando os conceitos existentes em empresas; Descrever como o mercado de Sade Suplementar est se adequando a uma poltica de segurana a fim de garantir o que de mais importante para uma organizao, ou seja, o valor que tem a informao. Esta monografia est dividida em cinco captulos que so expostos de acordo com a importncia de cada tpico. Capitulo 1 a introduo. Neste captulo apresentada a motivao, finalidade e os objetivos especficos deste trabalho. Captulo 2 relaciona os conceitos de Segurana da Informao, banco de dados e a origem do SQL Server. Discute tambm as principais funcionalidades deste SGBD para o gerenciamento da segurana dos dados. Captulo 3 descreve as medidas utilizadas para garantir a segurana dos dados de acordo com as normas da Agncia de Sade Suplementar (ANS) seguindo a SBIS. Captulo 4 apresenta as tcnicas adotadas para garantir a segurana de dados por meio do SQL Server 2005, baseada nas normas descritas no Captulo 3. Captulo 5 faz as consideraes finais do trabalho. REFERENCIAL TERICO Inicialmente o papel da internet era ser um grande fornecedor de dados. Informaes financeiras, meteorolgicas, educacionais, institucionais, governamentais, alm de texto e imagens sobre uma in-finidade de assuntos, so disponibilizados atravs dos mecanismos de busca atuais. A Internet est em plena evoluo, e alm de dados, agora ela fornece diversos servios. Compra e venda de produtos, leiles, transaes bancrias e financeiras so apenas alguns exemplos de servios que j podem ser contratados on line. Na ltima dcada, setores da indstria, governo e educao tm tentado estabelecer os padres para a produo e a utilizao desse tipo de servios na rede, tambm conhecidos como Web Services. Nos dois primeiros anos do novo milnio, quando a euforia em torno do e-commerce comeou a dar lugar a experincias bem mais modestas do que alardeavam as previses do final dos anos 90, novas promessas sobre o potencial da Internet comeou a ganhar volume. No entanto, os protagonistas dessas novas promessas no foram as ponto-coms e seus propagandistas, mas grandes fornecedores de hardware, software e servios. O que eles vm promovendo ultimamente uma nova abordagem para os sistemas de informao corporativos e que vem sendo proclamada atravs de uma srie de nomes diferentes: a Microsoft a chama de NET; Oracle associa-a aos network services; IBM identifica-a por web services; Sun fala sobre um ambiente de rede aberto. No entanto, a idia central dessa nova abordagem que as corporaes logo iro comprar suas tecnologias de informao como servios providos atravs da Internet. Esses servios, que so genericamente conhecidos por web services, tm alguns atributos peculiares. Diferentemente dos web sites tradicionais, projetados para as pessoas interagirem com informao, os web services conectam aplicaes diretamente com outras aplicaes. E a idia bsica que essa conexo se d sem que seja necessrio efetuar grandes customizaes nas prprias aplicaes. Alm disso, uma das premissas fundamentais que o padro usado pelas conexes seja aberto e independente de plataforma tecnolgica ou linguagens de programao. Conceitos de Web Services De acordo com Breitman (2005), no existe uma nica definio para esse termo. A seguir listamos algumas que julgamos ser bem esclarecedoras: Um web service um aplicativo de software que pode ser acessado remotamente atravs de diferentes linguagens baseadas em XML. De modo geral, um web service definido atravs de uma URL, da mesma forma que qualquer site na Internet. O que distingue um web service o tipo de interao fornecida (Stephen Potts Mike Kopack, 2003) Um web service um sistema de software identificado atravs de uma URI cujas interfaces pblicas e interconexes so descritas em XML. Sua definio publicada de modo a po-der ser descobertaÂÂ ´ por outros sistemas de software. Web services podem interagir com outros sistemas ou web services do modo prescrito em sua definio, utilizando mensagens baseadas no padro XML produzidas atravs de protocolos de Internet (Glossrios do W3C). Web services so um novo tipo de aplicao para a Internet. Eles so autocontidos, autodescritivos, modulares e podem ser publicados, localizados e chamados atravs da rede. Os web services realizam funes que vo das mais simples at processos de negcio complexos. Uma vez tornado pblico, outras aplicaes (ou web services) podem descobrir e fazer uso do mesmo (Tutorial de web services, IBM). Web service uma soluo utilizada na integrao de sistemas e na comunicao entre aplicaes diferentes. Com esta tecnologia possvel que novas aplicaes possam interagir com aquelas que j existem e que sistemas desenvolvidos em plataformas diferentes sejam compatveis. Os Web services so componentes que permitem s aplicaes enviar e receber dados em formato XML. Cada aplicao pode ter a sua prpria linguagem, que traduzida para uma linguagem universal, o formato XML (Wikipdia, a enciclopdia livre) Para as empresas, os web services podem trazer agilidade para os processos e eficincia na comunicao entre cadeias de produo ou de logstica. Toda e qualquer comunicao entre sistemas passa a ser dinmica e principalmente segura, pois no h interveno humana. Essencialmente, o Web Service faz com que os recursos da aplicao do software estejam disponveis sobre a rede de uma forma normalizada. Outras tecnologias fazem a mesma coisa, como por exemplo, os browsers da Internet acedem s pginas Web disponveis usando por norma as tecnologias da Internet, HTTP e HTML. No entanto, estas tecnologias no so bem sucedidas na comunicao e integrao de aplicaes. Existe uma grande motivao sobre a tecnologia Web Service, pois possibilita que diferentes aplicaes comuniquem entre si e utilizem recursos diferentes. Um web service, portanto, um componente de software, ou uma unidade lgica de aplicao, que se comunica atravs de tecnologias padres de Internet. Esse componente prov dados e servios para outras aplicaes. Essa tecnologia combina os melhores aspectos do desenvolvimento baseado em componentes e a Web. Como componentes, representam uma funcionalidade implementada em uma caixa-preta, que pode ser reutilizada sem a preocupao de como o servio foi implementado. As aplicaes acessam os Web Services atravs de protocolos e formatos de dados padres, como HTTP, XML e SOAP. O que os Web Services Fornecem O grande entusiasmo acerca da tecnologia de web services justificado pela promessa de interoperabilidade dos ambientes computacionais. medida que os computadores vo se tomando presentes no s no ambiente profissional, mas tambm em nossas casas, a diversidade de ambientes computacionais (sistemas operacionais e aplicativos de software) cresce quase que exponencialmente. A arquitetura de web services baseada na troca de mensagens XML em um formato especfico, portanto: independente de plataforma; E independente da localidade (do mundo) de onde a mensagem est sendo enviada; independente da linguagem do aplicativo de software do cliente; No exige que o cliente saiba que tipo de processador est sendo utilizado pelo servidor. Os Web Services so identificados por um URI (Uniform Resource Identifier), descritos e definidos usando XML (Extensible Markup Language). Um dos motivos que tornam os Web Services atractivos o fato deste modelo ser baseado em tecnologias standards, em particular XML e HTTP (Hypertext Transfer Protocol). Os Web Services so utilizados para disponibilizar servios interativos na Web, podendo ser acedidos por outras aplicaes usando, por exemplo, o protocolo SOAP (Simple Object Access Protocol). Em suma, essa tecnologia realmente habilita a utilizao da Internet em nvel global. Atravs de web services cada aplicativo de software na rede tem a potencialidade de falar com qualquer ou-tro aplicativo, mesmo que no outro lado do mundo. Se a troca de mensagens entre servios estiver em conformidade com os protocolos de comunicao estabelecidos, possvel que dois aplicativos possam interagir, independentemente de seu sistema operacional, sua linguagem de programao e protocolos internos. Objetivos dos Web Services O objetivo dos Web Services como a comunicao aplicao para aplicao atravs da Internet. Esta comunicao realizada com intuito de facilitar EAI (Enterprise Application Integration), que significa a integrao das aplicaes de uma empresa, ou seja, interoperabilidade entre a informao que circula numa organizao nas diferentes aplicaes como, por exemplo, o comrcio eletrnico com os seus clientes e seus fornecedores. Esta interao constitui o sistema de informao de uma empresa. E para alm da interoperabilidade entre as aplicaes, a EAI permite definir um workflow entre as aplicaes e pode constituir uma alternativa aos ERP (Enterprise Resource Planning). Com um workflow possvel otimizar e controlar processos e tarefas de uma determinada organizao. Como Funcionam os Web Services INTEGRAO DE SISTEMAS CORPORATIVOS Introduo J faz alguns anos que os gerentes de TI se vem frente ao desafio de integrao das diferentes aplicaes corporativas que suportam os processos de negcio nas empresas. Nos ltimos anos observou-se um crescimento, sem precedentes, do nmero de aplicaes, sistemas, repositrios de informaes que coexistem dentro de uma corporao. Por outro lado, intensificou-se o esforo de integrao desses diferentes ativos de sistemas e dados provocados pelos movimentos de integrao e racionalizao dos processos de negcio, pelas estratgias de relacionamento com clientes e pela necessidade de gerao de informaes de apoio a tomadas de deciso. Analisemos o cenrio da TI nas empresas na segunda metade dos anos 90. A corrida contra o relgio fez com que as empresas reavaliassem seus antigos sistemas (legados) e os adaptassem ao fantasma do Ano 2000. Alm disso, as novas tendncias batiam porta das corporaes: milhes de dlares foram gastos no redesenho dos processos e implantao dos grandes sistemas de gesto empresarial (ERP) e de gerenciamento do relacionamento com clientes. Esses novos conceitos migraram o foco do gerenciamento de dados para o gerenciamento dos processos e clientes. Nesse contexto, a necessidade de integrao dos diferentes ambientes, sistemas, plataformas, bases de dados e todos os demais ativos de informao ocupou as mentes dos gerentes de TI. Surgiram com enorme fora os conceitos de EAI (Enterprise Application Integration) e as grandes e caras solues de sistemas de middleware. No entanto, uma revoluo ainda maior ocorria, adicionado mais variveis complexa equao da integrao de sistemas: a Internet. A possibilidade (ou necessidade) de disponibilizar parte das informaes corporativas a usurios ou sistemas que extrapolavam as fronteiras corporativas, fez com que o paradigma se alterasse novamente. O pice das aplicaes cliente-servidor parecia estar com os dias contados. Novos modelos de acesso s informaes foram criados, todos baseados em transaes leves, atravs dos novos protocolos da Web. Alm disso, novos sistemas foram adicionados ao contexto, entre eles, sistemas mais sofisticados de segurana, aplicativos diversos para intranet e extranet, etc. nesse cenrio que as empresas se inserem hoje. A diversidade de sistemas coexistindo nas empresas enorme, indo de grandes pacotes comerciais a aplicaes desenvolvidas sob-medida por diferentes software houses, com diferentes tecnologias (host-centric, cliente-servidor, n-tier, etc), em diferentes plataformas (mainframes, Unix, Windows, etc). J se verificou que a estratgia mais adequada para as empresas efetuar uma integrao dessas aplicaes j existentes ao invs de se tentar uma unificao de ambientes, plataformas e tecnologias, dados ao alto custo, tempo e aos investimentos j realizados com os atuais sistemas. O desafio agora definir o caminho mais adequado para os projetos de EAI. As Vantagens da Integrao de Sistemas atravs de Web Services As solues tradicionais de EAI provem uma mquina de integrao centralizada e monoltica, que usa tecnologias proprietrias para integrar os sistemas, e adaptadores especializados para conectar fontes de dados e sistemas legados. Essa abordagem monoltica tem as seguintes desvantagens: dependente de plataforma requerendo uma nova verso tanto da mquina de integrao quanto dos adaptadores para cada plataforma a ser suportada ou integrada; Introduz uma linguagem proprietria no core da integrao; Resulta num nico ponto de falha; Prov um mtodo de integrao que baseia-se na replicao dos dados dos diversos sistemas ao invs de consolidar os dados das vrias fontes. Alm disso, as solues tradicionais de EAI requerem um investimento inicial substancial, que quando combinado com a complexidade da tecnologia proprietria, gera um alto grau de dependncia do fornecedor. Como resultado, o prprio EAI se transforma em mais um sistema legado. Na verdade, a abordagem dos sistemas tradicionais de EAI, monolticas e centralizadas, no levam em conta a atual dinmica imposta pela Internet, onde os sistemas de uma empresa no podem ser isolados do resto do mundo. E nesse contexto, os requisitos de integrao se alteram constantemente fazendo com que as solues tradicionais tornem-se pouco geis e caras diante de qualquer alterao demandada. Qualquer nova tentativa de se integrar uma nova tecnologia quase to difcil e cara quanto a integrao inicial. No modelo de web services, cada sistema da organizao atua como um componente independente na arquitetura de integrao. Todas as interfaces, transformaes de dados e comunicaes entre componentes so baseados em padres abertos e vastamente adotados, independentes de fornecedores e plataformas. As vantagens de se utilizar essa abordagem so: Simplicidade: mais simples de se implementar que as solues tradicionais que utilizam CORBA ou DCOM; Padres abertos: utilizam padres abertos como HTTP, SOAP, UDDI, ao invs de tecnologias proprietrias; Flexibilidade: alteraes nos componentes so muito mais simples para o sistema como um todo do que alteraes nos adaptadores tradicionais; Custo: as solues tradicionais so muito mais caras; Escopo: cada sistema pode ser tratado de maneira individual, j que para componentiz-lo basta implementar uma camada que o encapsule. Na abordagem tradicional, todos os sistemas devem ser tratados ao mesmo tempo, j que faro parte da mesma soluo monoltica de integrao. Interoperabilidade de Web Services Na prtica, web services no so 100% interoperveis. Ainda existem diversos gaps para realizar a comunicao, mas existe uma organizao, a WS-I, que define os padres de comunicao para padronizao de interoperabilidade de web services. No total existem mais de 50 especificaes de Web services mantidas por trs organizaes (W3C, OASIS, WS-I). O WS-Basic profile 1.1 no cobre todas as especificaes de web services, mas cobre especificaes como SOAP, WSDL, UDDI, XML e HTTP. Nveis de Acesso A caracterstica de definio de acesso ao SGBD e as definies de acesso a determinada Tabela de Dados ou a possibilidade de o usurio obter o direto a um Insert, Select e Update e at mesmo Delete de fundamental importncia para que o SGBD se mantenha seguro e confivel no que diz respeito s normas(CFM e SBIS, 2009). Cada usurio ter um perfil de acesso, indicando os produtos, os arquivos, os aplicativos, as funes dos aplicativos e os dados que podem ser executados, lidos e gravados (UNIMED BRASIL, 2006). Em conformidade com as regras impostas os aplicativos disponibilizados pela Unimed do Brasil as Unimed que aderiram ao seu sistema de Gesto receberam um sistema com capacidade de cumprir as exigncias da TISS segundo a SBIS e o CFM, 2009. Exemplo de um script de restrio de um Formulrio da aplicao para garantir a integridade dos dados do SGBD: SELECT ALL TelosUserUrl.* FROM TelosUserUrl WITH (NOLOCK) WHERE ((TelosUserUrl.Usr = Fabricio) AND (TelosUserUrl.Url = frm:999000530) AND (TelosUserUrl.Application = 28)); UPDATE TelosRole SET TelosUpDt = convert(datetime, 2009-10-24 14:15:36, 120), TelosUpUs = Fabricio, Name = teste WHERE ((TelosRole.AutoId = 21)); DELETE FROM TelosRoleMenu WHERE ((TelosRoleMenu.Role = 21)); INSERT INTO TelosRoleMenu (RegAction, AllowVisualize, RegReport, RegEdit, AllowPrint, RegNew, RegDelete, TelosRgUs, TelosUpDt, AllowSchedule, TelosRgDt, Menu, Role, AllowSearch, AllowNew, TelosUpUs, AllowEdit, AllowSaveOutput, AllowDelete) VALUES (1, 1, 1, 1, 1, 1, 1, Fabricio, convert(datetime, 2009-10-24 14:15:36, 120), 1, convert(datetime, 2009-10-24 14:15:36, 120), 1281, 21, 1, 1, Fabricio, 1, 1, 1); Cpias de Segurana e Restaurao de Dados O primeiro produto da parceria SBIS/CFM foi elaborao da resoluo n. 1639/2002 que aprovou as Normas Tcnicas para o Uso de Sistemas Informatizados para a Guarda e Manuseio do Pronturio Mdico, dispondo sobre o tempo de guarda dos pronturios, estabelecendo critrios para certificao dos sistemas de informao e dando outras providncias. Conforme a SBIS e CFM (2009) a resoluo CFM n 1638/2002 define pronturio mdico e atribui as responsabilidades por seu preenchimento, guarda e manuseio. A Resoluo CFM n 1821/2007 aprova as Normas Tcnicas Concernentes Digitalizao e Uso dos Sistemas Informatizados para a Guarda e Manuseio dos Documentos dos Pronturios dos Pacientes, Autorizando a Eliminao do Papel e a Troca de Informao Identificada em Sade. Essa resoluo aprova o Manual de Certificao para Sistemas de Registro Eletrnico em Sade, verso 3.0 e/ou outra verso aprovada pelo Conselho Federal de Medicina, autoriza a digitalizao de pronturios mdicos conforme normas especficas e estabelece a guarda permanente para pronturios mdicos arquivados eletronicamente, em meio ptico ou magntico e microfilmados, bem como o prazo mnimo de vinte anos para a preservao dos pronturios mdicos em suporte de papel (SBIS e CFM, 2009). De acordo com a SBIS e CFM, (2009) os backups ou a cpia de segurana devem ser feita cpia de segurana dos dados do pronturio pelo menos a cada 24 horas. Recomenda-se que o sistema de informao utilizado possua a funcionalidade de forar a realizao do processo de cpia de segurana diariamente. O procedimento de back-up deve seguir as recomendaes da norma ISO/IEC 17799, atravs da adoo dos seguintes controles: Documentao do processo de backup/restore; As cpias devem ser mantidas em local distante o suficiente para livr-las de danos que possam ocorrer nas instalaes principais; Mnimo de trs cpias para aplicaes crticas; Protees fsicas adequadas de modo a impedir acesso no autorizado; Possibilitar a realizao de testes peridicos de restaurao. Seguindo as normas da SBIS e da Unimed do Brasil elaboramos um descrio da rotina implementada na Unimed Alm Paraba para a realizao e acompanhamento dos Backups e Restores como segue: Para garantir integridade do backup e dos dados (arquivos, sistemas, banco de dados, e-mail, etc.) nos servidores, quando houver necessidade de executar os processos aps os horrios estipulados no item anterior, as reas comunicam ao profissional de TI at as 18h00min. A IMPLEMENTAO DAS PRTICAS DE SEGURANA DE DADOS PERVISTAS NA SBIS USANDO O SQL SERVER 2005 A partir das normas e prticas mencionadas no Captulo 3, este captulo descreve a implementao da segurana de dados em SQL Server 2005, a fim de demonstrar como atender as exigncias que o mercado de Sade Suplementar, respeitando as resolues do CFM e da SBIS. Inicialmente, ser criado um banco de dados de exemplo com nome de CFMSBIS09 e as algumas tabelas como Beneficirio, ModuloBeneficirio e Pessoa, tem por objetivo a breve apresentao de um modelo de Bancos de Dados explicando brevemente cada um dos princpios do CFM e SBIS. Como a criao de Login com a permisso de leitura e a impossibilidade de roles de escrita no SBGBD. Criao de Logins Um dos primeiros passos para acessar o banco de dados CFMSBIS09 a criao de um login que possa ter acesso a todas as tabelas e seus dados. Conforme Script-2, segue a sintaxe de na linguagem Transact-sql para a criao do logins de acesso para utilizao desse usurio ao SGBD e conseqentemente ao Banco de dados CFMSBIS09. CREATE USER [Fabricio] FOR LOGIN [Fabricio] Caso haja necessidade de criar uma senha para o usurio Fabricio, o qual foi criado com objetivo de somente ter acesso ao Banco de Dados CFMSBIS09 e no ao SGBD, pode ser feito por meio da execuo do comando abaixo: Nota-se que a senha anterior desse usurio estava em branco, aconselhvel que voc crie uma senha segura e que no esteja em branco j que a prtica de segurana descrita nos Manuais online do SQL Server recomenda que no seja criado usurio de um SGBD em branco, evitando assim que Worms, Hackers se utilizem essa conta para acessar o SGBD. Esta falta de ateno, caso exista por parte do DBA, se ope s normas de segurana do CFM e SBIS quanto a Confiabilidade, Integridade e Disponibilidade dos dados confidenciais dos beneficirios registrados nos SGBDÂÂ ´s das Operadoras de Plano de Sade. Criao de Nveis de Acesso O SQL Server 2005 consegue realizar inmeros controle capazes de garantir que o sistema fique mais seguro conforme descreve Pichiliani (2003) que os nveis de permisses que podem ser atribudas aos usurios, permitem um controle e gerenciamentos dos dados e objetos de maneira mais especfica sobre as tabelas , dados , e a utilizao de sintaxe de comandos que podem garantir ou inviabilizar a segurana de dados contidos no SGBD , desse modo podemos ento afirmar que a criao dos nveis de acesso para os usurio de extrema importncia , j que a normal do CFM e da SBIS preconiza que todos os sistemas precisam garantir a confiabilidade, integridade e disponibilizar , consideramos que a melhor maneira quanto ao acesso ao banco de dados por parte dos usurios do sistema de gesto das Operadoras e mesmo aqueles que utilizam de alguma forma o SGBD para relatrios , consultas via Transact-sql , precisam estar em ressonncia com as normas aplicadas pelo DBA visando garantir a segurana. A criao dos nveis de acesso no SQL Server 2005 passa pela criao de Schemas e Roles de controles , continuaremos demonstrando como realizar esses controles , utilizando o nosso banco de CFMSBIS09 para criao de Schemas e Roles de acesso ao SGBD. Como exemplo e atribuio de esquemas, os usurios abaixo tero acesso aos SCHEMAS como db_securityadmin,db_datareader,db_datawriter, os quais permitem ao usurio gerenciar permisses e roles , ler e modificar todas as tabelas do SGBD : ALTER AUTHORIZATION ON SCHEMA::[db_securityadmin] TO [Fabricio] ALTER AUTHORIZATION ON SCHEMA::[db_datareader] TO [Fabricio] ALTER AUTHORIZATION ON SCHEMA::[db_datawriter] TO [Fabricio] GRANT ALTER ON SCHEMA::[db_datareader] TO [Fabricio] GRANT EXECUTE ON SCHEMA::[db_datareader] TO [Fabricio] Alm disso, possvel dar as permisses de GRANT e DENY para permitir ou negar uma determinada permisso desses usurios quanto utilizao de comandos atravs da sintaxe Transact-sql, como segue: GRANT INSERT ON SCHEMA::[db_datareader] TO [Fabricio] GRANT SELECT ON SCHEMA::[db_datareader] TO [Fabricio] GRANT UPDATE ON SCHEMA::[db_datareader] TO [Fabricio] DENY DELETE ON SCHEMA::[ db_datawriter ] TO [Fabricio] Essas caractersticas de definio de acesso ao SGBD e as definies de acesso a determinadas Tabelas de Dados ou a possibilidade dos usurios de obterem diretos a executar comando de Insert, Select ,Update e Delete de fundamental importncia para que o SGBD se mantenha seguro e confivel no que diz respeito s normas do CFM e SBIS. Criao da Rotina de Cpias de Segurana Uma das principais atribuies de um DBA zelar pelo bom funcionamento do SGBD e pela sua integridade e segurana dos dados, de nada adianta uma poltica de segurana bem definida se o DBA no utilizar de forma correta a tarefa de Backup e Restaure. Conforme descreve Battisti (2005) a informao o bem mais valioso da sua empresa e estando estas informaes armazenadas no banco de dados da empresa, de fundamental importncia que tenhamos uma estratgia bem definida de proteo deste bem, devemos nos preocupar no somente com as perdas, mas tambm com acesso indevido ou at mesmo com o roubo de informaes. O SQL Server 2005 oferece quatro mtodos de Backups e cada mtodo possui caractersticas e dependncias especficas, que so utilizadas pelo DBA para decidir quando cada um ser utilizado na sua poltica de backup. Estes mtodos so: Full Backup; Differential Backup; Transaction Log Backup; Filegroup Backup; Para garantir que a norma do CFM e da SBIS seja atendida temos que realizar backups de dados periodicamente de todos os Bancos de Dados do SGBD, para isso ser utlizado como exemplo a sintaxe de comando de um mtodo de backup que o Full Backup, sempre usando como exemplo o nosso banco CFMSBIS09. Segue abaixo a sintaxe bsica para a criao de um backup full,ou seja , backup completo do banco de dados: USE CFMSBIS09; Restaurao do Banco de Dados A restaurao de um banco consiste, basicamente, em operaes que recriam os objetos da base de dados at um ponto especfico no tempo.Este ponto o momento em que a criao do backup foi realizada e finalizada e que diferente da criao do backup, o processo de restaurao seqencial. Uma observao importante que deve ser considerada que durante todo o processo de restaurao, o banco fica inacessvel para todos os usurios e volta a se tornar acessvel no momento em que o banco estiver no estado Restored , ou seja, quando o backup j est restaurado. O SQL Server 2005 oferece duas formas para a restaurao de backup: atravs do SQL Server Management Studio ou usando comandos Transact-SQL. Em ambos os casos, possvel restaurar todos os tipos de backups. O SQL Server 2005 atravs da interface grfica possibilita ao DBA de realizar um restore de um banco de dados de forma mais simples e sem a necessidade de conhecimento em Transact-SQL para se utilizar o SQL Server Management Studio. As normas do CFM e a SBIS recomenda que todo o sistema de informao utilizado possua a funcionalidade de forar a realizao do processo de cpia de segurana diariamente e que sejam feitos teste de restore a cada 30 dias. O SQL Server 2005 uma ferramenta capaz de cumprir essas normas, esse sistema adotado por inmeras operadoras de plano de sade garantindo assim o cumprimento as leis e normas as quais esto submetidas. Por meio dos comandos da linguagem Transact-SQL pode-se realizar restore e backup. Mas existe tambm a possibilidade atravs do SGBD de criarmos agendamento desses servios utilizando os JOBs , ou seja, trabalhos agendados pelo SGBD para que a realizao de backups e esses devem ser realizados em horrios em que o sistema menos utilizado. Assim como no processo de backup , o processo de restore no SQL Server 2005 oferece quatro mtodos de Restore. Estes mtodos restauram os seguintes tipos de backup: Full Backup; Differential Backup; Transaction Log Backup; Partial Backup. Utiliza-se o mtodo de restore do Backup Full para restaurar com segurana o backup que criamos atravs do mtodo de backup e para isso utilizarei o nosso banco de dados de exemplo o CFMSBIS09. CONSIDERAES FINAIS No desenvolvimento desse trabalho foi notada a importncia de ser adequar s normas do Conselho Federal de Medicina (CFM) e da Sociedade Brasileira de Informtica em Sade (SBIS) se utilizando de recursos tecnolgicos existentes no mercado, o que antes eram bem menos acessveis e de difcil acesso. Atravs do aprofundamento dos conceitos de segurana utilizando o SQL Server 2005 pode-se concluir que esse documento leva ao DBA, mais especificamente para os DBAÂÂ ´s de uma operadora de plano de sade as diretrizes de como se adequar, quais controles e configuraes devem ser feitas no SGBD e tambm na cultura da empresa quanto a poltica de segurana da informao para garantir a integridade e disponibilidade dos dados. Vale observar que para gerar uma poltica de segurana satisfatrio na empresa necessrio evolver o elo mais fraco, que o ser humano, e de nada adianta uma poltica de segurana bem implementada se os que dela se utilizam no o fazem como deveriam. Muitos empresrios vem a segurana da informao como gastos, tendncia de mercado e outros para serem vistos como visionrios e estarem frente da concorrncia, mas o que realmente importa e desejam no perder recursos financeiros e se para isso for preciso investimento em segurana, que seja feita a vontade do DBA de sua empresa. Em todo o processo de criao dessa poltica de segurana deve-se envolver os conhecimentos tcnicos do DBA e estar sempre em sintonia com os usurios dos sistemas, j que estes so o elo importante para o aprimoramento e continuidade da segurana da informao. Quanto ao SGBD da Microsoft, alvo principal desse estudo a fim de se atender as normas do CFM e da SBIS, pode-se considerar que atualmente o SQLServer 2005 capaz de contribuir para um resultado mais dinmico e veloz na busca por informaes nos nveis tticos e estratgicos. Tais informaes so fundamentais para as empresas se manterem atualizadas no mercado cada vez mais globalizado e sem fronteiras. importante ressaltar tambm que o SQL Server 2005, em comparao com outros bancos existentes no mercado como Oracle, Mysql, Postgres, possui mecanismos de segurana muito eficazes, sendo mais fcil de ser configurado. Em fim a poltica de segurana numa organizao essencial para mante-l segura, j que com essa polcia bem implementada, ainda assim no pode garantir 100% de segurana, imagine sem ela a falta de segurana seria ainda maior. Considera-se ainda, que o SQL Server 2005 possui recursos de segurana suficientes para que os usurios possam seguir corretamente as regras impostas pelo DBA e que se essas regras forem deixadas em segundo plano podem vir a surgir problemas que certamente levaro as empresas a um prejuzo de ordem intelectual, estratgico e financeiro incalculvel. Por fim as empresas devem acompanhar a evoluo tecnolgica, mas sem se esquecer da segurana que garantir a continuidade do negcio e no se limitando a solues paliativas de problemas isolados, deve investir em uma poltica de segurana contnua protegendo o bem mais valioso que a informao. REFERNCIAS ANS Resoluo Normativa n. 153, 2007. Disponvel em https://www.ans.gov.br/portal/site/_hotsite_tiss/pdf/rn153.pdf. Acessado em: 15 de Agosto de 2009. Battisti, Jlio. SQL Server 2005 Administrao Desenvolvimento Curso Completo. Traduo: Gisella Narcisi. 1. ed. Rio de Janeiro: Axcel Books, 2005. Brazo, Adriano. Administrando a segurana no SQL Server parte I Bsico, 2009. Disponvel em https://www.bf.com.br/a rtigo_details.aspx?ID=129. Acessado em: 29 de Agosto de 2009. Chapple, Mike. Microsoft SQL Server 2008 para Leigos For Dummies. Traduo: Lia Gabrieli. 1. ed. Rio de Janeiro: Alta Books,2009. Dewson, Robin. SQL Server 2005 para Desenvolvedores do Iniciante ao Profissional. Traduo: Betina Macedo. 1. ed. Rio de Janeiro: Alta Books,2006. SITES PESQUISADOS: https://www.developer.com/services/ https://www.webservicesarchitect.com/ https://www.w3.org/2002/ws/ https://en.wikipedia.org/wiki/List_of_Web_service_specifications https://www.dextra.com.br/empresa/artigos/webservices.htm Enclicopdia Livre, Wikipdia, Web service, 2009. Disponvel em https://pt.wikipedia.org/wiki/Web_serviceAcessado em: 28 de Dezembro de 2009. FERREIRA, Adriana, Principais Caractersticas do PostgreSQL, 2004. Disponvel em https://www.sqlmagazine.com.br/Artigos /Postgre/01_Caracteristicas.asp. Acessado em: 25 de Setembro de 2009. Leo, Beatriz de Faria, Alves, Cludio Giulliano da Costa e Silva da, Marcelo Lcio e Galvo, Stanley da Costa. Manual de Certificao para Sistemas de Registro Eletrnico em Sade (S-Res), 2009. Disponvel em https://www. cfo.org.br/download/pdf/manual_certificacao_sbis-cfm_2009_v3-3.pdf. Acessado em : 15 de Agosto de 2009. Paiva Pontes, Herleson Criao e Restaurao de Backup no SQL Server 2005 Parte I, 2008. Disponvel em https://www.devmedia.com.br/articles /viewcomp.asp?comp=4417. Acessado em: 19 de Setembro de 2009. Paiva Pontes, Herleson Criao e Restaurao de Backup no SQL Server 2005 Parte Ii, 2008. Disponvel em https://www.devmedia.com.br/articles /viewcomp.asp?comp=6193Acessado em: 19 de Setembro de 2009. Paiva Pontes, Herleson Criao e Restaurao de Backup no SQL Server 2005 Parte III, 2008. Disponvel em https://www.devmedia.com.br /articles/viewcomp.asp?comp=6323 Acessado em: 19 de Setembro de 2009. FREITAS, Andrey, A histria do SQL server Disponvel em https://sqlserversecurity.blogspot.com/. Acessado em: 15 de Agosto de 2009. Resoluo CFM n 1.638/2002, 2002. Disponvel em https://www.portalmedico.org.br/resolucoes/cfm/2002/1638_2002.htm. Acessado em: 17 de Outubro de 2009. Resoluo CFM n 1.639/2002, 2002. Disponvel em https://www.portalmedico.org.br/resolucoes/cfm/2002/1639_2002.htm. Acessado em 19 de Setembro de 2009. Resoluo CFM n 1.821/2007, 2002. Disponvel em https://www.portalmedico.org.br/resolucoes/cfm/2002/1621_2007.htm. Acessado em: 17 de Outubro de 2009. Revista SQL Magazine Edio 22 Backup, 2005. Disponvel em https://www.devmedia.com.br/articles/viewcomp.asp?comp=5900.Acessado em :08 de Agosto de 2009. Revista SQL Magazine Edio 23 Segurana no MySQL, 2005. Disponvel em https://www.devmedia.com.br/articles/viewcomp.asp?comp=6019hl=Acessado em: 31 de Outubro de 2009. Revista SQL Magazine Edio 29 Oracle Fashback, 2006. Disponvel em https://www.devmedia.com.br/articles/viewcomp.asp?comp=6622.Acessado em: 08 de Agosto de 2009. Revista SQL Magazine Edio 59 SQL Server e Oracle, 2008. Disponvel em https://www.devmedia.com.br/articles/viewcomp.asp?comp=11064.Acessado em: 08 de Agosto de 2009 Rosa, Adriana Conceito sobre Banco de Dados, 2008. Disponvel em https://www.adrianorosa.com/artigos.asp?categoria=banco%20de%20dadoscod=495548artigo=conceito-sobre-banco-de-dados Acessado em: 08 de Agosto de 2009. Smola, Marcos. Como ser nossa relao com a informao em 2019?, 2009. Disponvel em https://www.semola.com.br/disco /Coluna_IDGNow_107.pdf. Acessado em: 29 de Agosto de 2009. Smola, Marcos. Em segurana da informao, menos pode ser mais, 2006. Disponvel em https://www.semola.com.br/disco /Coluna_IDGNow_77.pdf. Acessado em: 29 de Agosto de 2009. Smola, Marcos. Segurana em aplicaes public key infrastruture ready, 1999. Disponvel em https://www.semola.com.br/disco /Coluna_IDGNow_14.pdf. Acessado em: 29 de Agosto de 2009. Smola, Marcos. Segurana tolerncia zero, 2006. Disponvel em https://www.semola.com.br/disco/Coluna_IDGNow_72.pdf. Acessado em: 29 de Agosto de 2009. Smola, Marcos. Segurana: muito mais do que tecnologia, 2000. Disponvel em https://www.semola.com.br/disco/Coluna_IDGNow_18.pdf. Acessado em: 29 de Agosto de 2009. Site Oficial da Microsoft, Aprimorando a Segurana de Dados por meio do SQL Server 2005, 2009. Disponvel em https://technet.microsoft.com/pt-br/library/bb735261.aspxAcessado em: 19 de Setembro de 2009. Vieira, Luiz Segurana da Informao: necessidades e mudanas de paradigma com o avano da civilizao, 2009. Disponvel em https://imasters.uol.com.br/artigo/13075/seguranca/seguranca_da_informacao_necessidades_e_mudancas_de_paradigma_com_o_avanco_da_civilizacao/. Acessado em: 25 de Setembro de 2009. Wolf Oselka, Gabriel E Lipke, Ana Maria Cantalice. Resoluo CFM N 1331/89, 2002. Disponvel em https://www.conarq.arquivonacional.gov.br /cgi/cgilua.exe/sys/start.htm?infoid=155sid=55. Acessado em: 22 de Agosto de 2009. Zapater, Mrcio e Suzuki, Rodrigo. Segurana da Informao, 2005. Disponvel em https://www.promon.com.br/portugues/noticias/download /Seguranca_4Web.pdf. Acessado em: 08 Agosto de 2009.

Supply Chain Management By Nature Essay - 788 Words

Trade and Supply Chain Supply chain management by nature depends on the relationships and networks. There are some relationships that play a significant role in attaining supply chain success. The word â€Å"relationship† covers a broad area in supply chain management. Strategic relationship, transactional relationship and internal relationships are just a few of the relationships types in supply chain management. Within the supply chain, there are working relationships between supplier and customers. These relationships are called partnerships. The use of strategic alliances and joint ventures are becoming more popular with a rising number of multinational companies. An alliance is considered an agreement between two or more companies from different countries in supply chain activity ranging from research and development to sales. Supply Chain Relationship between Solomon and Hiram Solomon and Hiram work together to build a temple. 1Kings 5:7 states â€Å"When Hiram received Solomon’s message, he was very pleased and said â€Å"Praise the Lord today for giving David a wise son to be the king of a great nation of Israel†. This is a testament of Solomon and Hiram working together and creating a partnership. This agreement forms a mutual benefit - that is building a temple to honor the name of Lord. Normally when acquisitions occur, another company and its assets are being obtained by the acquiring companies. This sometime leads to unsatisfying employees. It may take years toShow MoreRelatedCompetitive Supply Chain Relationship Management Essay1416 Words   |  6 PagesCOMPETITIVE SUPPLY CHAIN RELATIONSHIP MANAGEMENT PRACTICES IN ORGANIZATIONS PRACTICES THROUGH COMPETITIVE PRIORITIES. Over the years, the competition landscape for most companies has shifted from the highest-quality, lowest priced product or best performing product to the ability to respond to market needs quickly and get the right product at the right time to the right customer. This has in turn forced organizations to compete with their supply chain. Understanding supply chain management and puttingRead MoreRobin Van Persie1682 Words   |  7 PagesGreen Supply Chains * According to Handfield and Nicols 1999, the nature of how supply chains are defined as â€Å"supply chain contains all activities that involve the flow and transformation from raw materials†. Following on from this description I will describe the nature, first of all, the supply chain is a network of facilities that distribute and output the performance from their findings of raw materials that which associates themselves with the products that already exist in supply chainsRead More Apply Chain Management vs Traditional Mananagement Systens Essay1406 Words   |  6 Pagescustomers. (FORMAN WEB 13). Supply chain management and customer relationship management are some of the many systems used by firms to accomplish the aforementioned functions. Before comparing Supply Chain Management and customer relationship management systems to Tradition Systems, a brief description of Supply chain management and the activities it involves is fully warranted. This brief easy attemp ts to compare and contract SCM and CRM systems to traditional management systems in terms of approachesRead MoreManaging the Complexities of the Change Process Relating to Supply Chain Performance1093 Words   |  4 PagesManaging The Complexities of the Change Process Relating To Supply Chain Performance Introduction With every industry facing greater turbulence and uncertainty there is a corresponding urgent need for concepts, frameworks, models and methodologies that provide enterprises with greater intelligence and agility in responding to threats and opportunities. The unique or special series of issues that complicate the change process are detailed in this analysis. Of the many industries faced with theRead MoreCase Study : Supply Chain Management1004 Words   |  5 PagesDiary Flat Highway, Albany, Auckland – 0632. Assignment – 2 Supply chain optimisation Introduction A supply chain management may be defined as the process involving all the activities like planning, organising, implementing and controlling the cost effective flow of goods from the point of origin to the point of consumption. This involves various other activities which is required to add value to the product along the supply chain like procurement, sourcing and conversion of the products. ThereRead MoreSupply Chain Management : Supply Chains1476 Words   |  6 Pages1.3 Supply Chain Supply chains encompass the companies and the business activities needed to design, make, deliver, and use a product or service. Businesses depend on their supply chains to provide them with what they need to survive and thrive. Every business fits into one or more supply chains and has a role to play in each of them. The pace of change and the uncertainty about how markets will evolve has made it increasingly important for companies to be aware of the supply chains they participateRead MoreDHL: Service Quality1646 Words   |  7 Pagesaffects an organization. It is therefore going to help us relate these to DHL as a company, and help us look at ways through which they can be used as a guide to related companies. Question 1: How does service quality relate to the purchasing/supply chain function? Service quality is an important competitiveness determinant, and should be considered by an organization as key to differentiating itself from other organizations. An organization can use service quality to set itself apart from otherRead MoreQuiz Questions On Supply Chain Management1170 Words   |  5 PagesQuiz 1 Supply chain management Supply chain management: It is defined as effective control of flow of material, information and finance in a network consisting of suppliers, manufacturers, distributors and customers. Schematic representation: Effective functioning of supply chain requires †¢ Coordination: proper coordination should exist in supply chain to meet the demands of the customers at right time, right place with right quality †¢ Collaboration: there should be proper collaboration betweenRead MoreSupply Chain Management : Practice, Theory, And Future Challenges Essay999 Words   |  4 Pages Supply Chain Management: Practice, Theory, and Future Challenges Name Institution â€Æ' Abstract Purpose – To analytically assess current changes in the theory and practice of supply management and through this assessment identify possible barriers, and key trends. Design approach – The paper is based on an exhaustive study of eight supply chains which included ten companies in America. Managers from at least four levels of the supply chain were interviewed, and the supply chains were outlinedRead MoreSupply Chain Plan For N S Company1460 Words   |  6 Pages Supply Chain Plan for NS Company Ninderjit Kaur MGMT 444 Supply Chain Plan Availability and quality of suppliers N S is an established organization and the issue of supplies would not really be stressful. However, entry into the new country as a subsidiary company requires the identification of new suppliers for raw materials necessary in the production process. The new market is still within the developed countries and has a stable distribution of supplies necessary for the running

Discipline Its Members Differently Scrutiny â€Myassignmenthelp.Com

Question: Discuss About The Discipline Its Members Differently Scrutiny? Answer: Introducation A companys code of ethics and professional behaviour include the principles every staff member is expected to follow. Such principles are aimed at guiding the decision-making and behaviour at the workplace. Typically, such codes considerably impact workplace practices, as the employees will comply with these principles while working, however, the accounting of impact a code has, is based on how the company uses it. This is because, without strict execution by the business, the employees may not even be aware of the ethics code in the company. Hence, it becomes the responsibility of people in authoritative positions, like a manager, to lead by example so that their subordinates can learn from them and inculcate ethics in their work (Baker Comer, 2011). In the present report, a financial accountant working at a managerial level has been interviewed face-to-face to understand how the code of ethics impact their work life and attitude toward work. This financial accountant is employed w ith a private firm. Besides this, research has also been conducted on a professional accounting body to comprehend the issues that arise from it and how it polices its codes. Series Of Interview Questions As the goal of the present report is to investigate how professional behaviour and ethics impact individuals in their real work life, hence below mentioned interview questions have been formed: Q1. Does your company have a well-documented code of ethical conduct and professional behaviour? Q2. If your answer to the above question is Yes, then what is your awareness level regarding concerned policies and procedures? Q3. Does your company require ethics training? Q4. Are there adequate procedures in place to report an unethical behaviour? Q5. Is ethical behaviour a norm in your company? Q6. If yes, how does it impact your working attitude and professional behaviour? Q7. Is unethical behaviour penalized in your company? What are the implications of breaching the companys codes? Q8. Does the presence of a penalizing system impact how you approach ethics at the workplace? Q9. Is ethical conduct rewarded in the company? Q10. Do the senior managers of the company display high ethical standards? Q11. What is the amount of pressure you feel in your company to get involved in what is deemed as unethical behaviour? Conducting The Interview A1. The company has a properly documented and communicated code of ethics in place. This Code outlines the basic ethical dos and doesn't and it also outlines what a member should do when faced with an ethical dilemma. There are several courses of action; one is required to take as per the Code when faced with some ethical issue. Though this does not provide a complete solution to a problem, it definitely guides in decision-making. A2. My personal awareness level with the companys Code of Conduct policy is very high. I am totally aware of what is expected out of me in terms of my professional conduct and behaviour. Apart from me, I strongly believe that my colleagues and subordinates are also aware of the companys policies because it reflects in their workplace behaviour. Moreover, our organization ensures that every member is introduced with the Code at the time of Induction. A3. Ethics training is given time-to-time because accounting ethics education is seen by our management as a promising remedy for addressing the ethical crisis facing our profession. Despite having a full-proof code of conduct, we also face ethical issues time and again and hence provision of ethics training is imperative. A4. Yes, there are clearly defined procedures for reporting any unethical or illegal behaviour observed in the company. There are whistleblower resources which an employee can use to bring to notice any such act. The identity of the whistleblower is completely confidential, and hence people do not have a second thought about making waves regarding any such unprofessional conduct. In fact, our organization has set up an Office of Ethics and Compliance for overseeing these matters. Hence, employees are always encouraged to report their concerns. A5. I would not say it is 100% a norm, but the majority of us try to embody ethics in our workplace behaviour. Most of the managers try to lead by example, and their subordinates try to follow the lead. However, we have not been immune to any unethical or unlawful act. There have been instances when a few people place their self-interests above the professional requirements. They get induced by gifts, self-interest, self-review or familiarity to the client. A6. Personally, I always stick to ethical norms and rules of professional conduct at work. I stay away from any such thing that can hamper my objectivity and integrity. Moreover, being on a managerial level, I have to set an example for my subordinates. I work with professional competence and due care, always defend the confidentiality of information at hand and comply with applicable rules to avoid doing anything which may discredit my position and profession. A7. Yes, ethical behaviour is definitely penalized at our company. The case is first overseen by the Office of Ethics and Compliance. The people there look at the severity of the misconduct and then decide a suitable punishment. If the breach is regular, then the employee is given a warning and his work is monitored for a long time. If the violation is severe, the Office takes the case to a review panel in the management, or an independent review panel if the management is at fault. The maximum punishment ranges from suspension to expulsion. A8. Although I am naturally guided to work ethically, the presence of a penalty system definitely helps me stay away from even the thought committing a wrongful act. A9. There is a proper mechanism for rewarding people who report unethical misconduct because the information of the whistleblower is kept confidential and hence no one can know reported the issue. However, that individual is definitely appreciated by the management, and this thing is considered during his/her performance evaluation. So, it is not completely the case that there is no motivation behind reporting unprofessional behaviour. A10. To the extent I know, most of the senior people in my company practice and preach ethical and professional conduct. The managers are very cautious about their position in the company and do not want to disparage it. A11. I definitely feel the pressure to not engage in any unethical activity because the people around me are also acting in moral ways plus there is always the fear of negative implications associated with the violation. Ethics issues and codes to police them All through 2001 and 2002, financial scandals in Australia and the USA exhibited how the efficacy of the financial market is underpinned by the assumptions of ethical behaviour and trust of corporate managers. The collapse of firms like OneTel and HIH Insurance in Australia, and Global Crossing, Enron and WorldCom in the US has resulted in a loss of trust in the system of financial accountability and reporting by the investing parties. The CPA Australia was researched to identify the ethical issues facing the accounting profession and how it polices its codes (BPP Learning Media, 2016). In discharging their professional duties, members of the body, i.e. the CPAs are expected to comply with auditing and accounting standards outlined in the AASB respectively. They are also obligated to conform to tax rules promulgated by regulatory and government bodies. Like in other professions, some accountants face ethical dilemmas. Most cases of violations could be categorized as either regular ethical dilemmas which are simple to resolve or as complicated cases who resolutions are difficult to achieve (CPA Australia Staff, 2013). These ethical dilemmas include payroll confidentiality, conflict of interest, fraudulent or illegal activities, pressure from the top to inflate earnings, and customers requesting manipulation of financial records to name a few. Compliance with the basic principles and code of ethics laid down by the Accounting Professional and Ethical Standards Board (APESB) might be potentially threatened by a wide spectrum of circumstances (Leung, Coram Cooper, 2012 ). Several threats belong to the below-mentioned categories: Self-review E.g. discovering considerable error while re-evaluating work of professional accountant; reporting operation of financial systems after being part of their design and/or execution; prepared the initial data utilized for generating records which pertain to the engagement (Marley Pedersen, 2015). Self-interest E.g. monetary interest in a client or having joint monetary interest with a client; contingent fee pertaining to an assurance engagement; having close ties with the client, likely future employment with the client (De Cremer et al., 2011). Familiarity E.g. an engagement team member having immediate family or close relations with client officer or employee, who can exert significant and direct influence on the subject matter; accepting preferential treatment or gifts from client, unless the gift value is evidently immaterial, long-term connection of senior people with assurance client (Shafer, 2013). Advocacy E.g. promoting shares in a listed company when the company is a client; serving as an advocate on the part of an assurance customer in disputes or litigation with third parties (Bazley, Hancock Robinson, 2014). Intimidation - E.g. being coerced with litigation, replacement or dismissal pertaining to client engagement; being forced to decrease the amount of work wrongly to mitigate fees (Cunningham et al., 2014). Exhibit 3 emphasizes the different violations done by practising CPAs. As identified by Tidrick, there were 327 cases where the institute penalized members between 1980 and 1990. Of these: 41 pertained to domain of technical standards 37 concerned failure to cooperate with an inquiry or abide by its requisites 28 related to acts discreditable (CPA Australia Staff, 2013) 21 pertained to breach of general 7 were independence breach 170 ethics cases were identified from Jan 1994 to December 1995 in 32 states in the country by Badawi and Rude who surveyed the bodys CPA letters during that period. The most often breached rules were: Rule 202 Conforming to standards Rule 203 Accounting Principles Rule 501 Acts Discreditable (BPP Learning Media, 2016) Rule 201 A Due Professional Care Rule 201 B Due Professional Care Of these 170 cases, 38 involved crime and criminal-related convictions, spanning from making incorrect claims to a federal agency to mail fraud to conspiracy and bank fraud. Rest of the cases involved everything from hiding assets, impediment of justice, money laundering, bribery and theft, and even murder (Trevino Nelson, 2016). APESB, is an autonomous body which was set up in 2006 by CPA Australia and Chartered Accountants in Australia and New Zealand, to reorganize its Rules of Conduct and set up the APES 110 Code of Ethics for Professional Accountants (Code) in 2006. This is the code that members of this professional body know and follow now. Exhibit 2 states the contents of the Code which has two segments. The first one titled Principles has six articles concerning the basic norms of ideal conduct, widely highlighting the responsibility of accounting profession to the clients, public and other practitioners (Bennie Mladenovic, 2015). This Code is binding on every practising as well as non-practising CPA who is a member of the Institute. They should conform to the majority, but not all, of the norms mentioned in the conduct in every type of engagement or be ready for disciplinary actions. Penalties for violation Besides entering a Joint Ethics Enforcement Program, the CPA Australia, as well as several state CPA societies, have an ethics committee for hearing complaints. Both these societies can also act autonomously on a case or can consent to taking the case to CPA Australia trial board panel. This panel has the authority to: a) acquit the member; b) admonish the member; c) suspend the membership for two years; and d) expel the member (Van Akkeren Tarr, 2014). The CPA Australia bylaws (not the Code) rule automatic expulsion of members who have not file tax returns, committed a crime or assisted in the preparation of fraudulent and false tax returns. CPA Australia penalties for ethical misconduct and wrongdoing range in severity. In several cases, the panel suspends or reprimands a CPA, obligating the member to finish a definite number of hours of continued professional education. The objective is to help the member acquire a suitable degree of professional awareness and competence (Bampton Cowton, 2013). Though aimed at a positive resolution, the CPE demands are same as serving time. People who do not meet these CPE conditions are made responsible for acts discreditable to the professions and debarred as second-time offenders. State accountancy boards also have their individual norms of conduct and panels for enforcing them. These boards can reprimand a member, but, they can also revoke or suspend the license to practice. This is a very severe penalty because the punished individual will no longer be able to use the title CPA and hence will not be able to sign audit reports. On the other end, when the CPA Australia expels a CPA, it does not prevent him/her from continue practising accounting (Abbott, 2014). However, the body can suspend or expel the membership, and the person should eliminate any mention of his/her connection with the CPA Australia or the states CPA society from their website, letterheads and other materials used in the office. CPAs whose violation of ethics need some kind of corrective measures might also be subject to more monitoring by the body. For instance, the CPA may have to recruit an unaffiliated accounting company to audit the formers work, like financial statements he made for a customer. Such monitoring might go on a frequent basis for a long-time period (Henderson et al., 2015). ; Differences And Similarities In Expectations While there are some differences in the way professional bodies and individuals working in accounting profession adhere to codes, there are some similarities as well. It is believed that supported by a robust ethical culture, every accountant could be immensely effective in playing his/her key role drawing on both their comprehension and training of professional ethics, plus their abilities in auditing, assessing and acting on management information to help their companies and clients in achieving long-run sustainability. While some accountants may get induced to go the unethical way, professional bodies are always very strict as far as their rules are concerned (Cameron O'Leary, 2015). Compliance with these rules is their top-most agenda, and they have stringent measures in place to police any wrongful behaviour. On the other hand, some accounting professionals may not keep their interests first before that of their profession and hence not follow the ethical path. It could be alluring to lie low and not respond as required when faced with an ethical issue. However, for accountants with high integrity, they owe it to their profession, career and community to react to breaches they may find rather than being complicit in illegal activities (Knechel, Salterio, 2016). Barriers to proper adherence to codes of professional conduct could be a) the organization does not have a well-documented and communicated code of standards and ethics; b) if there is a code of ethics, it is not advocated by the leaders; c) the individual does not understand the code of ethics and has ethical dilemmas; and/or d) despite awareness of code of ethics, the person chooses to give priority to self-interest (Muzio et al., 2016). Reflection Thinking about my career in the accounting industry, I have come to realize that as an Accountant, I will be handling a broad spectrum of sensitive and privileged data in my routine tasks. Moreover, because I will be working with numbers which may have implications on stock prices and bonuses, I might also be faced with ethical issues. However, I need to make sure that I never let such dilemmas get to me and I always follow the path of ethics. This is because, if during the very beginning of my career, I indulge in fraudulent activities or get induced, I may face serious repercussions like being suspended or even expelled (Sheehan Schmidt, 2015). In order to always perform in the correct interests, if ever I am faced with a dilemma or issue, I will first identify whether it is regulated by policy or law. For this, I would look up the Code established by the APESB plus the policies and procedures book of my employer. These will help me if I am not certain about the ethics of a case I am confronting. Secondly, I would assume an outsiders view, i.e. when I was a student, what I learnt about accounting ethics. Separating the issue from the professional and personal feelings will help me view the issue in a different light (Half, 2017). I will also think about the stakeholders, people or companies that will be impacted by the issue or by my decision to take or not take a certain action. Lastly, if I am required to report an illegal or unethical conduct of my employer or colleague, I would seek legal counsel either from an autonomous firm or in-house or will resort to the whistleblowing resources of my company. Though an in-house protocol may not provide a sure-shot solution, but it will certainly direct my decision making (Baada-Hirche Garmilis, 2016). Conclusion Accounting offers vital and valuable services to both private and public sectors essentially to everyone who utilizes information. These services are normally discharged by honourable, qualified professional with a robust sense of public duty. Nonetheless, similar to other professions, there are unethical professionals whose behaviour must not belittle the whole profession (Mescall, Phillips Schmidt, 2017). For regulating such critical profession and assure its integrity, people licensed to practice accounting are subject to rules and laws of the professional bodies like CPA Australia and State Boards of Accountancy. Such boards are government bodies comprising of non-CPA and CPA officeholders. CPAs who work for private companies are also subjected to the code of ethics of these groups. Although there is not sufficient literature on this matter, violations of accounting codes are being looked into, judged and being exposed publicly. The penalties for violations range from suspensio n to expulsion (Shafer, Simmons Yip, 2016). References Abbott, A. (2014).The system of professions: An essay on the division of expert labor. University of Chicago Press. Baada-Hirche, L., Garmilis, G. (2016). Accounting Professionals Ethical Judgment and the Institutional Disciplinary Context: A FrenchUS Comparison.Journal of Business Ethics,139(4), 639-659. Baker, S. D., Comer, D. R. (2011) Business ethics everywhere: An experiential exercise to develop students ability to identify and respond to ethical issues in business. Journal of Management Education, 36, 95-125. Bampton, R., Cowton, C. J. (2013). Taking stock of accounting ethics scholarship: A review of the journal literature.Journal of Business Ethics,114(3), 549-563. Bazley, M., Hancock, P. Robinson, P. (2014) Contemporary Accounting PDF. Cengage Learning. Bennie, N. Mladenovic, R. (2015) Investigation of the Impact of an Ethical Framework and an Integrated Ethics Education on Accounting Students Ethical Sensitivity and Judgment. Journal of Business Ethics, 127(1), 189-203. BPP Learning Media. (2016) CPA Australia Ethics and Governance: Passcards. BPP Learning Media. Cameron, R. A., O'Leary, C. (2015). Improving ethical attitudes or simply teaching ethical codes? The reality of accounting ethics education.Accounting Education,24(4), 275-290. CPA Australia Staff. (2013) Auditing, Assurance and Ethics Handbook. Pearson Australia. Cunningham, B., Nikolai, L., Bazley, J., Kavanagh, M., Slaughter, G. Simmons, S. (2014) Accounting: Information for Business Decisions. Cengage Learning. De Cremer, D. D., Dick, R. V., Tenbrunsel, A., Pillutla, M., Murnighan, J. K. (2011) Understanding ethical behavior and decision making in management: A behavioral business ethics approach. British Journal of Management, 22. Half, R. (2017) Ethical Issues in Accounting: 4 Pieces of Advice. [Online]. Available through: https://www.roberthalf.com/blog/salaries-and-skills/ethical-issues-in-accounting-4-pieces-of-advice . [Accessed on 26 September 2017]. Henderson, S., Peirson, G., Herbohn, K., Howieson, B. (2015).Issues in financial accounting. Pearson Higher Education AU. Knechel, W. R., Salterio, S. E. (2016).Auditing: Assurance and risk. Taylor Francis. Leung, P., Coram, P. Cooper, B. (2012) Modern Auditing and Assurance Services, Google eBook. John Wiley Sons. Marley, S. Pedersen, J. (2015) Accounting for Business: An Introduction. Pearson Higher Education. Mescall, D., Phillips, F., Schmidt, R. N. (2017). Does the Accounting Profession Discipline Its Members Differently After Public Scrutiny?Journal of Business Ethics,142(2), 285-309. Muzio, D., Faulconbridge, J. R., Gabbioneta, C., Greenwood, R. (2016). Bad barrels and bad cellars: a boundaries perspective on professional misconduct. Shafer, W. (2013) Ethical Climate, Social Responsibility, and Earnings Management. Journal of Business Ethics, 126(1), 43-60. Shafer, W. E., Simmons, R. S., Yip, R. W. (2016). Social responsibility, professional commitment and tax fraud.Accounting, Auditing Accountability Journal,29(1), 111-134. Sheehan, N. T., Schmidt, J. A. (2015). Preparing accounting students for ethical decision making: Developing individual codes of conduct based on personal values.Journal of Accounting Education,33(3), 183-197. Trevino, L. Nelson, K. (2016) Managing Business Ethics: Straight Talk about How to Do It Right. John Wiley Sons. Van Akkeren, J., Tarr, J. A. (2014). Regulation, compliance and the Australian forensic accounting profession.Journal of Forensic and Investigative Accounting,6(3), 1-26.

Terminator and the Matrix Essay Example

Terminator and the Matrix Essay The dictionary term for stereotyping is a fixed image or idea of a type of person or thing that is widely held. Stereotyping was very popular towards women before the 1980s. This was called sexism. Women were treated very badly for instance there was talk of a glass ceiling, this was a term used to describe how women were prevented to reach top positions. Stereotyping can be used in a number of ways. One way was in films, such as Legally Blond and Miss Congeniality. The act of stereotyping in the film Legally Blond is when a woman is portrayed as a Barbie doll. Then takes advantage of her looks and uses it to get what she wants. Soon after she was finally, respected or her brain than her choice of style. However Miss Congeniality is known for a different and unexpected type of stereotyping. This time the main character was shown quite manly. Subsequently she went through a process of becoming very feminine. Those films prove that it might be difficult but woman can do practically anything that men can do. We will write a custom essay sample on Terminator and the Matrix specifically for you for only $16.38 $13.9/page Order now We will write a custom essay sample on Terminator and the Matrix specifically for you FOR ONLY $16.38 $13.9/page Hire Writer We will write a custom essay sample on Terminator and the Matrix specifically for you FOR ONLY $16.38 $13.9/page Hire Writer In both films the Terminator and the Matrix stereotyping has been used frequently and very blatantly. For instance in the film Terminator, Sarah Connor is represented as a typical girlish woman. This is revealed the audience when her only outfits are mostly pink. In contrast to Sarah, Trinity has been represented stereotypically as well, however in the complete opposite of Sarah Connor. For example she has been shown very manly and heroic, this through the CGI which makes trinity perform special powers. Also the choice of Trinitys name is ironic because it is quite feminine, which would be given to someone who is very womanly. Whereas at the, beginning of the film Trinity comes across as a dark and mysterious person. This is given away in different aspects of he the film such as in the intro the soundtrack is very tense and wiry. The director also made the music fast and high tuned during the chase scene between Trinity and Mr Smith. This emphasises the fact that there is action going on. The effect of this can let the viewers really feel and imagine what Trinity is thinking and doing. Following a different area of the film the lighting reveals a lot about Trinitys personality. When introducing the film it is very dark and spooky with a few spot lights from the policemens torches. This achieves the introduction of Trinity to be very dark and tense. It also gives the setting a very scary atmosphere; this edges the reader to anticipate what, might happen next. The lighting, as well, is very dim in the first shot of her. This shows Trinity to be androgynous; it creates a sense of mystery to what sex she is. And as it changes to a close up shot of Trinity confirms that she is a woman. It also reveals in that scene that she is calm and in control, even though there was many police men with guns right behind her. However she still seems to be androgynous through her choice of costume and make up. For instance in a shot of Trinity she is wearing a P.V.C, black cat suit which represents her strength and power. This is also expressed from the bold, strong colour of her black clothes. Even when she goes out, other than wearing a dress, she still dresses down by wearing the same colours and no jewellery. This gives the audience an impression of how mature, independent and strong she is. She is, coincidently as the men around her, this shows the director wanted to present that Trinity is no different to any one else. Her natural use of make-up portrays her as a man, such as the way she always has her hair tied back even in a club. This explains to us that she doesnt look like shes trying to impress or attract any one. I think the director did this whole plain look of Trinity to make people see how different women have different qualities. The special effects used in the Matrix lets Trinity seem very heroic. This done through CGI, computer generate imagery. One example of this is when she could jump a long distance, from one building to another. The CGI used in this is demonstrating that gravity has no effect on trinity. Whereas the police men chasing after her didnt even try to imitate trinity because they knew it was impossible. This proves that Trinity has the ability to do skills that men cant do, let alone skills that are ridiculously not possible to humans. Therefore she is superhuman. For instance Trinity uses her own powers instead of using and relying on guns, which is a contrast to the policemen. This gives the viewers an impression that women can be stronger than men. Another way that showed Trinity to be heroic is when Trinity manages to get out of a situation when she was about to give up. By persuading and forcing her to overcome her fear and carry on. This will most likely inspire women all over the worl d to be just like her. On the other hand Sarah is a complete different character to Trinity. This time, Sarah has been shown different in ways that are quite sexiest. Starting of with the soundtrack, this was very gentle in the introduction of Sarah Connor. I think the director did this so that Sarah can come across very innocent and sweet almost like a child. However as the viewer gets into the film the music changes into heart beat sound while Sarah walks outside by herself at night. This gives a tense atmosphere and makes you feel as if something is going to happen. We also get the sense that Sarah feels the same, thats why she went into a night club. Coincidently it has a lot of people in it. The atmosphere in the club was very jumpy. It had fast music and flashing lights which reveals how desperate Sarah might have felt. The fact that she has to go to a club shows she doesnt have enough confidence and the ability to defend herself. Therefore she is exposed to be a helpless victim. However she also sho ws some intelligence because Sarah probably knew that whoevers behind her has a less chance of capturing her in a crowed place. I think the director used the lighting to make Sarah seem even more ladylike. For instance, in one scene as she goes to work the lighting is very bright and sunny. Also the music almost sounds like s harmony. This emphasises Sarahs feminist side. The directors decision of clothing is very such as in her job, the colours used in Sarahs outfits are very feminine. She constantly wears pink for instance the first shot of her is in a soft pink jacket. This gives the impression of Sarah gentle, calm and soft. Her uniform is quite skimpy and pink as well, which is not a unisex colour therefore the job of waiting in a fast food restaurant was often only meant for women also that Sarah doesnt mind. Finally her nightgown has cartoon characters, of the Jetsons, on it. This tells us that she is immature and childlike. Plus she uses a lot of make-up. I know this from a scene where he adds on more make-up no top of the make-up she already has on just because she is going out. The whole image of he was down so that she portrayed as a dome blond. Since this was made in the 1980s I think women were preceded that way. I n Sarahs case no special effects were used this demonstrate that she is ordinary, normal and just like us. However there were different ways in showing what Sarah is like. In the scene where Sarah is in a night club she tries to call someone. I suppose the phone symbolises how scared she is and how frantic she is for help. Also the scene before she goes to work she talks to a statue, this stresses the point that she is very juvenile and babyish. If we compare the two we find out that they both conflict each other. And they both represent their character in different ways, for instance Trinity is shown to be very independent and strong. Such as in a scene a police man is being patronises towards Trinity by saying whats one little girl going to do. This is ironic because later on Trinity manages to defend herself. By attacking about half a dozen police men, which each had a gun, and out run them to. Also in the club scene, when Trinity meets Neo, Neo is shocked to find out that Trinity was actually a girl. This is made known when he says youre Trinity? This is stereotyping Trinitys abilities, which reveals that Neo is quiet sexist, that he thinks only a job like cracking into computers is done by men. Sarahs character can be known in the scene where her boyfriend cancelled on her up but yet she didnt react like an upset girlfriend would do, this shows a weakness to her personality that she is too lenient. It also seems like they both live in parallel worlds. This highlights the point of how the world has changed from 1980 to the 1990s. And how it has grown from women being stereotyped to them gaining the rights they deserve.

Summary and Reflection of ‘Future of Medicine Perfection and Beyond’ (Chapter 3) of Physics of the Future by Michio Kaku Essay Example

Summary and Reflection of ‘Future of Medicine: Perfection and Beyond’ (Chapter 3) of Physics of the Future by Michio Kaku Essay The chapter takes the reader through an imaginative journey of medicine in the future. Although some of the possibilities proposed appear like material from a science fiction novel, they are based on emerging scientific breakthroughs. One of the themes discussed in the chapter is the increasing mastery of human beings to ‘play God’. Evolving new technologies allow the medical professional to perform astounding feats of genetic engineering. This could happen at various stages of life – from neonatal to palliative. With this capability, people can augment their life spans, develop immunity to various viruses and even thwart cancer using nanotechnology. In chapter 3, Michio Kaku makes predictions and depictions of future of medicine in all its possible manifestations. We read of ‘nanobots’ that would operate at sub-molecular levels in dealing with infections and diseases. The author also envisions advancement in stem cell extraction and utilization, whereby, new organs can be ‘harvested’ merely with the seed of a few stem cells. If this becomes a reality then the need for organ transplants will be reduced. More importantly, by using organs from the patient’s own stem cells, post operative complications are diminished. There is consensus within the scientific community about the use of such technologies for benign and remedial purposes. However, questions and doubts are raised in using these technologies for cosmetic or enhancement reasons. These enhancements are above and beyond what a healthy human existence requires. They are meant to give ‘competitive’ advantage over peers in the evol utionary game of selecting the ‘fittest’ genes. We will write a custom essay sample on Summary and Reflection of ‘Future of Medicine: Perfection and Beyond’ (Chapter 3) of Physics of the Future by Michio Kaku specifically for you for only $16.38 $13.9/page Order now We will write a custom essay sample on Summary and Reflection of ‘Future of Medicine: Perfection and Beyond’ (Chapter 3) of Physics of the Future by Michio Kaku specifically for you FOR ONLY $16.38 $13.9/page Hire Writer We will write a custom essay sample on Summary and Reflection of ‘Future of Medicine: Perfection and Beyond’ (Chapter 3) of Physics of the Future by Michio Kaku specifically for you FOR ONLY $16.38 $13.9/page Hire Writer The author’s projections into the future are based on extrapolations of technologies that are in their nascence. Hence there are numerous factors that bear on their future development, chiefly along political, socio-cultural, legal and ethical dimensions. But, disappointingly, Michio Kaku does not deal with the intersection of these domains upon the future prospects of a technology. In particular, it is fairly obvious that the author’s primary concern is not the ethical issues surrounding these medical developments. To this extent, the chapter in question, and the book as a whole, is incomplete. They are at best, selective and wishful anticipations of what will unravel in future technological societies. It falls short of showcasing our species’ future as an inevitable submission to technocracy. In conclusion, the work makes for an interesting read but lacks the conviction that accompanies fact. Despite this flaw, one cannot dismiss it off-hand, for it offers key insights into many of the cutting-edge technological innovations that have taken place in recent years. For a general audience that is not acquainted with scientific terminology, understanding these concepts can be difficult. To the author’s credit he alleviates this problem by keeping the jargons to a minimum. He also uses lucid expressions and easy logic to flesh out his arguments. Overall, reading the chapter will be a thrilling yet thought-provoking experience for the reader, as it had been for me. Reference: Kaku, Michio (March 2011). Physics of the Future: How Science Will Shape Human Destiny And Our Daily Lives by the Year 2100. Doubleday. The chapter takes the reader through an imaginative journey of medicine in the future. Although some of the possibilities proposed appear like material from a science fiction novel, they are based on emerging scientific breakthroughs. One of the themes discussed in the chapter is the increasing mastery of human beings to ‘play God’. Evolving new technologies allow the medical professional to perform astounding feats of genetic engineering. This could happen at various stages of life – from neonatal to palliative. With this capability, people can augment their life spans, develop immunity to various viruses and even thwart cancer using nanotechnology. In chapter 3, Michio Kaku makes predictions and depictions of future of medicine in all its possible manifestations. We read of ‘nanobots’ that would operate at sub-molecular levels in dealing with infections and diseases. The author also envisions advancement in stem cell extraction and utilization, whereby, new organs .

Factors that compelled Tesco to exit the Japanese Market The WritePass Journal

Factors that compelled Tesco to exit the Japanese Marketï » ¿ Executive summary Factors that compelled Tesco to exit the Japanese Marketï » ¿ ). Tesco failed to establish enough scalable business after its 8 years operation in Japan. According to CEO, Philip Clarke, Japanese shopping habits were very different from those envisioned in business strategies and business processes of Tesco. According to Clarke, the British consumers enjoy carrying out a â€Å"big shop† once in a week since there is enough room to keep their shopping. In contrast, for many Japanese, space is premium and carrying out a big shop is not an option. Tesco, like other foreign retail companies, failed to adapt fully to the local shopping habits of the Japanese consumers. Consumers switching from branded luxury products in Tesco stores to more affordable private labels. Despite the demand for staple food and household items remaining flat, some consumers switched from purchasing branded luxury products to private labels that are more affordable. However, the penetration of such private labels products has not been popular compared to branded products because the Japanese consumers are still conscious of the product brand of the item they purchase. A series of food safety scares hit the market. The outbreak of Bovine Spongiform Encephalopathy (BSE) in Japanese cows, use of non-approved additives in packaged foods and product origin being mislabeled eroded consumer confidence and caused a series of food safety scares in the grocery retail market. The British business format of Tesco failed to compete with department and supermarket stores in Japan. The people of Japan put much emphasis on the quality and freshness of food items. They, therefore, prefer to shop many times in a week instead of carrying out a single bulk shopping in a weekly basis. Departmental store food halls began offering high price but high quality foods while low priced standard food products were offered by supermarkets. Although discount stores started increasingly introducing fresh food product to encourage more customer visits, they were considered to be at the lower end of the market along with convenience stores. The small retail channels have increased their market share in recent years because their business format meets the Japanese consumers’ preference for shopping several times each week. They have also widened their range of services such as the provision of added-value services, bill-paying facilities, cash machines and delivery services. The small retail channels business format is in contrast with Tesco business format. As a result, Tesco faced a challenge of penetrating the highly competitive business segment. The Japanese people are highly demanding and fussy consumers who need to be provided with a wide selection of goods and foodstuffs. The Japanese consumers also value freshness of their produce, and they are likely to question of the stock in a hypermarket such as Tesco. Japanese consumers make frequent visits to many different stores per week instead of carrying out a one stop-shop within a single supermarket store. Conclusion In summary, the expansion strategy taken by Tesco into the Japanese market was a well-timed one. However, the Japanese market posed many difficulties which prevented Tesco penetrating the market and achieving profits. Despite that Tesco invested many resources and formulated strategies to gain the Japanese retail market, its failure to establish a business format to suit the Japanese consumers’ lifestyle envisaged its eventual exit. Other foreign retail companies such as Carrefour SA of France had failed to attain profit. Economic factors also led Tesco’s exit as consumers changed preference. The consumer patterns of the Japanese can be difficult to accommodate and formulate a business format to suit their demands and lifestyle. References Humby C, et al. (2008) Scoring Points: How Tesco Continues to Win Customer Loyalty. London: Kogan Page Publishers. Tesco’s internal data, 2009 (www.tesco.com) Williamson C, et al. (2013) Strategic Management and Business Analysis. London: Routledge.

History Essay Example | Topics and Well Written Essays - 500 words - 16

History - Essay Example nce and Technology were taking place, there were a lot many uncertainties pertaining to the stability and political administration of various kingdoms across Europe. It won’t be an exaggeration to say that progress and prosperity came to a halt, if not a decline, during this period primarily due to rampant warfare, theological uncertainty and natural calamities. The Great Famine of the early fourteenth century and the subsequent Black Death (the mysterious epidemic breakout) nearly reduced the European population by one thirds. Given the backdrop of this catastrophe, one can understand the stagnation of fine arts; as at this time basic survival proved a challenging proposition in itself. Other contributors to a general social unrest during this era included collective rebellion of the peasants, witnessed especially in France and England. The other conflict on a larger scale was the notorious Hundred Years’ War. But the most destabilizing event during the period was the decline in authority of the Catholic Church, due primarily to internal disagreements between different denominations. Hence, the Late Middle Ages were a period of chaos, confusion and listless in many aspects. Yet, much of Europe had endured these tough times and had managed to keep the uniqueness of its civilization intact, till the advent of Renaissance, wherein the dormancy of European culture gave way to a new blooming. What prevented Europe from sinking into the abyss of the Dark Ages that was suffered by kingdoms in the Mediterranean, was the continued progress seen within the faculties of arts and sciences, albeit at a less vigorous pace. The most critical element of the artistic preservation and improvement during this era came in the form of a revival in ancient historical texts, especially the ones left behind by the Great Roman Empire. In effect, the founding principles of the Renaissance are to be found within this historical framework. While resources were being made

The Scientific Method Lab Report Example | Topics and Well Written Essays - 250 words

The Scientific Method - Lab Report Example The quantity of oxygen dissolved would be controlled by beginning from 20ppm and twenty fish. After this the amount of oxygen would be lowered slowly up to 0ppm. In this instant, as per the hypothesis set, there would be zero fish within the water. The control variable for this experiment would be temperature of water. This is so because for accurate results of this experiment, the temperature of water needs to be kept constant. Otherwise it will alter or give out biased the results of the experiment. For this data set, a line graph would be most appropriate representation. This is so because line graphs are normally used in making comparison and representing data that have a time series. This graph is the most appropriate for this data, because it displays a clear magnitude change. In this observation, we hypothesize that the rate at which the plant grows depends on the quantity of sunlight. The null Hypothesis for this observation would be; the rate at which a plant grows is not controlled by the quantity or degree of sunlight. The approach used would be moving the plant around the specific room. The dependent variable shall be the plant growth whereas the independent variable shall be the sunlight amount. The control variable for this observation shall be a plant placed in the shade. Data shall be collected using a pencil, stopwatch, ruler and a clipboard. Presentation of data shall be done using a bar graph. This data would be interpreted using an excel program or an SSPS program. In this observation, we hypothesize that the Bank tellers having brown hair with brown eyes certainly would be taller in height. The null Hypothesis, in this case, shall be the bank tellers height has no relationship with their eye or hair color. The approach of experimentation to be used would be observing tellers who work at different banks. The dependent variable for this observation is the bank teller’s height and the independent variables are the bank teller’s

People's management of stress Essay Example | Topics and Well Written Essays - 750 words

People's management of stress - Essay Example As it is, stress was reported not to be classified as an illness. However, when people are persistently and constantly challenged by mental or emotional pressures over a long term, the effects could actually lead to serious illnesses (NHS 2012). The article by Allen (2011) published in The Guardian reveales that from a survey conducted by the Chartered Institute of Personnel Development (CIPD), stress has been identified to be the commonest cause of long-term sick leave in organizations. In this regard, the aim of the current study is to present the results of a survey conducted at the Sheffield City Centre where 100 adult people, both male and female, were asked five (5) questions related to stress. The method used was a questionnaire-survey through interview. The results would hereby be presented and appropriate recommendations in the concluding portion would be suggested. The purpose of the questionnaire was to determine the major responses to concerns such as frequency of stress, causes, ways of managing stress through relaxation, taking time off work due to stress, and who to confide in when in stressful situations. They were asked five questions and their responses were tabulated and percentage results were revealed. The five questions asked are as follows: When asked how often do they feel stressed, the following pie chart shows that 45% of the respondents indicated occasionally (a few time a week), followed by sometimes (about half the time) at 20%. The least percentage was 5%, both answered by the 5 respondents as all the time and also 5 respondents as never. For those who responded that they are stressed, the major cause of stress was dominantly exhibited as relationships with family and friends at 25%, followed by money at 20%, fast pace of modern life and others, both at 10%, and only 5% indicated work. As such, the findings indicate that majority or 35 of the 100 people surveyed indicated that watching TV is their means of

Commercial Management And Project Management Construction Essay

Commercial Management And Project Management Construction Essay Kalifomatos Consultants is a Quantity Surveying firm with a wide range of services provided for the potential Client. One of the fields KCQS specializes in is Project Management. Project Management aims to deliver any given Project ensuring the desired balance between Time, Cost and Quality. Feasibility reports, according to Douglas (1999), test whether the requirements initially set out can be actually met or not. Boyle (2003) suggests that feasibility reports can take different forms. Functional feasibility amongst others refers to physical requirements as well as soil conditions. Technical feasibility refers to the statutory consents as well as the time constraints whereas financial feasibility deals with the costs of the development and in essence creates a budget for the Client to decide on whether he can follow it or not. In addition to the above, business feasibility deals with the strategic brief analysis indicating if the qualitative aspects of the development match the business model of the Client. In this stage, the initial statement of requirements is developed into the design brief on behalf of the Client confirming the key requirements and constraints for the development, following the feasibility analysis taken earlier. The next step that follows is the identification of which procurement method is better for use which sufficiently meets the Clients requirements; the Project Manager could do this. The last step of the Design brief is to assemble the people that need to be involved in the development process which comprise of Architects, Quantity Surveyors etc. (Boyle 2003) According to the information our firm has been provided with, the borehole records the Client is said to have in his possession are of a neighboring site to the proposed one. The fact that a neighboring site has previously undergone a site investigation does not guarantee that for example the soil conditions for the proposed one will be the same. The strata could vary as well as the depth of the water table; maybe a new site investigation for the proposed site reveals that the site has been bombed during the war, resulting to a distortion of soil conditions in the site. This could be seen as a possible constrain which would have been identified if a site investigation had been undertaken. Another activity that has been undertaken was the acquiring of the site. Following the previous point, as well as the fact that our company has not been presented with an actual investigation for the proposed site, the site could be rendered as completely useless for the purposes its needed. Taking into consideration the fact that the Clients directors have previous development experience for some years, the acquiring of the site with no site investigation undergone could be seen as a very naà ¯ve move. According to Hacket (2007), Management Contracting and Construction Management are very similar in many aspects, nevertheless, there is one essential distinguishing characteristic which is fundamental to the understanding of the two systems; the contractual arrangements between the parties involved. In Management Contracting, the subcontractors are in contact with the Management Contractor whereas in Construction Management they are in direct contact with the employer; none of the subcontracts are entered into by the Construction Manager. The difference is illustrated by comparing the two diagrams provided. The most important requirement the Client has set out was that the quality level is to be prestige. The best quality is offered from traditional procurement method. Another requirement set out by the client is the flexibility of the design; also traditional procurement is the best suited for this but Design and Manage offers a high utility for this section as well. However, when it comes to high complexity of the design, Traditional procurement does not best suit the description whereas all the other methods do. The next requirement set out is asap completion; Traditional Procurement does not offer that whereas again, all the other methods do. Furthermore, Design and Manage offers the single point responsibility the Client is looking for as well as Design and Build. This feature would not be available with Traditional Procurement method nor with the Design and Build or the Management Contracting as illustrated in the previous schematics. Furthermore, two of HRD2010s directors have pr evious development experience, so the fact that in order to use Design and Manage one needs previous experience is seen as a disadvantage, is easily one to overcome here. The main reason Construction Management has been rejected even though it is very similar to Design and Manage, was the single point of responsibility required by the Client; thus total utility offered in the chart is 450. And last but not least, the Client welcomes the sharing of risks; Design and Manage can also satisfy that requirement. Based on the RIBA task allocation, the Client has not performed properly the Preparation stage. Vital points have been left out which could have major impacts on the projects development. KCQS has provided the Client with some recommendations for the successful progression of the development. These would be the immediate conduction of a site investigation for the proposed developments site in order to be able to proceed accordingly. The Client has failed to provide a proper feasibility report (recommended) which is vital in assessing the quality of the proposed development, its costs as well as the need to meet statutory consents. Following the above, the Client should be able to address to possible constraints with regards to the development and overcome them in due time. It is also recommended that the people that are to be involved in the development process are to be identified.