When I finished my proof-of-concept presentation to the CIO of a prospective client at a recent meeting, he was more than surprised – he was upset. He almost yelled at me: “How did you do it?”
For my demo, my client had to complete a paper application form used by his company’s sales force. He needed to do this by hand, as would any customer, but using a digital pen equipped not only with an ordinary ink cartridge, but also with a micro-camera that captured each trace of the pen on the paper. When he had finished the application, he checked one box at the end of it that read “Transmit.” While explaining the features of the digital pen, I opened my laptop and remotely connected to our demo server. From there, just a few seconds after he had completed the application, I could show to him not only a high-quality scan of the completed application, but also all the data already translated into usable fields: numbers, dates, addresses, ready for ERP integration. He stood up in astonishment and asked: “How did you do it? How??”
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a central concern of US organizations that are in any way involved with the creation, access, processing or storage of sensitive confidential health records – electronic protected health information (ePHI). The Security and Privacy Rules are a particular point of focus since violation of those guidelines often leads to federal fines and settlements; those parameters are covered under Title II of HIPAA.
As a 2003 CISA recipient and a former honorary secretary of the ISACA Singapore Chapter’s board of directors, I am honored to be selected as the ISACA liaison to the International Organization for Standardization (ISO) Technical Committee 309 – Governance of Organizations.
Having served nearly three years as the chair of the US Technical Advisory Group to ISO Project Committee 278 to help develop, draft and evangelize the ISO 37001 Anti-Bribery Management System Standard, I see this as a wonderful opportunity to not only keep both the ISACA and TC-309 communities informed of significant developments in the world of governance and compliance, but also to help shape and develop newly proposed ISO standards while supporting and strengthening existing ones.
Employees are at their best when they are encouraged to take calculated risks, rather than becoming complacent with what they know and what has become comfortable. The same holds true for enterprises.
Some of the best risks enterprises can take in our technology-driven business landscape involve deploying transformative technologies that allow them to connect with customers in new and innovative ways. Yet, in many cases, organizations are failing to capitalize on the widening array of opportunities.
ISACA’s new Digital Transformation Barometer research shows that only 31% of organizations frequently evaluate opportunities arising from emerging technology. Given the swift pace with which technology is introduced and refined, this shows that most enterprises are undercutting their ability to seize marketplace opportunities and better serve their customers.
Emerging technologies – such as machine learning, artificial intelligence (AI), blockchain, Internet of Things (IoT), augmented reality, and 3-D printing – are swiftly disrupting several industries. To paraphrase Klaus Schwab, co-founder of the World Economic Forum, these mind-boggling innovations are redefining humanity, pushing the thresholds of lifespan, health, cognition, and capabilities in ways previously considered to be preserves of science fiction.
This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.
The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.
Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.
To volunteer to write a blog or suggest a topic send an email here.