|
|
 |
Blogs
Toad and Database Commentaries |
Toad World blogs are a mix of insightful how-tos from Quest experts as well as their commentary on experiences with new database technologies. Have some views of your own to share? Post your comments! Note: Comments are restricted to registered Toad World users.
 Do you have a topic that you'd like discussed? We'd love to hear from you. Send us your idea for a blog topic.
|
|
|
|
|
|
|
Author: |
JohnWeathington |
Created: |
Thursday, March 27, 2008 |
 |
 |
John Weathington is President and CEO of Excellent Management Systems, Inc., a management consultancy that helps companies improve their regulatory and contractual compliance. John is a long-time, avid user of Quest products, and has partnered with Quest Software for guidance on future product development.
John's blog is a discussion for DBA's, database developers, and IT management observations, issues, and solutions, based on his consulting work.
Recent postings:
|
|
|
Control Convergence by Example |
|
JohnWeathington
|
Friday, October 03, 2008
|
|
|
|
Control convergence – the effort of staying in compliance while reducing the number of controls – is a big trend in the industry today. In this article, we demonstrate how the data professional can support a control convergence effort, by way of fictitious case study.
|
 |
|
|
Read More...
|
|
|
Policy Data Management in 3 Stages |
|
JohnWeathington
|
Thursday, September 25, 2008
|
|
|
|
In this article, we talk about policies – an important area of your companies governance, risk, and compliance program. We discuss what a good policy looks like, and how you can evolve a policy data management system in 3 stages.
|
|
|
|
|
Read More...
|
|
|
People Make Mistakes |
|
JohnWeathington
|
Thursday, September 18, 2008
|
|
|
|
Human beings, by their very nature, make mistakes. Even seasoned professionals make simple errors on occasion. In this article we explore the “mistake database”, an architecture to help your company minimize errors.
|
|
|
|
|
Read More...
|
|
|
|
Getting Risk Right – How Probable is Your Probability? |
|
JohnWeathington
|
Thursday, September 04, 2008
|
|
|
|
Inaccurate risk probabilities can wreak havoc on the applicability of your risk database. Why go through the trouble of setting it up, if bad probability entries render your database unusable? In this article, we explore the importance of getting the risk probability correct, and ways to improve your accuracy.
|
|
|
|
|
Read More...
|
|
|
Beyond Compliance – Understanding Risk |
|
JohnWeathington
|
Thursday, August 28, 2008
|
|
|
|
Compliance usually starts with a fire drill, however intelligent companies take the time to step back and put their compliance into perspective. Risk is the key to understanding and optimizing your compliance program. In this article, we discuss risk as an evolution from compliance, and look at some ways to model it in the enterprise.
|
|
|
|
|
Read More...
|
|
|
Who’s on First? How to Model Accountability |
|
JohnWeathington
|
Thursday, August 14, 2008
|
|
|
|
A consistent pattern that emerges in compliance best practices, is the notion of accountability. Demonstrating accountability is a key component of building a solid compliance program. In this article, we explore the motivation, requirement, model, and architecture to make accountability a reality in your company.
|
|
|
|
|
Read More...
|
|
|
How to Survive a Death March |
|
JohnWeathington
|
Thursday, August 07, 2008
|
|
|
|
A death march is a project that is doomed to fail. If you are in IT, and you are dragged onto a compliance project, chances are you will find yourself stuck here. In this article, I'll give you my tips for identifying a death march, and more importantly surviving one.
|
|
|
|
|
Read More...
|
|
|
How to Help Your Company with Financial Risk |
|
JohnWeathington
|
Thursday, July 31, 2008
|
|
|
|
The new SEC standards for SOX compliance have made it clear that your company should spend more time focused on financial risk. In this article, we’ll explore what’s driving this, how you as a database professional can help out, and some design considerations for a Financial Risk Compliance Data Mart.
|
|
|
|
|
Read More...
|
|
|
Coping with Disaster |
|
JohnWeathington
|
Thursday, July 24, 2008
|
|
|
|
This article wraps up the series on the types of controls and our discussion of architectures, by taking a look at the adaptive control. We’ll explore how you can support your business deal with the impact of risks, when there is no contingency plan.
|
|
|
|
|
Read More...
|
|
|
3 Key Tips for Surviving a Firefight |
|
JohnWeathington
|
Thursday, July 17, 2008
|
|
|
|
Nobody likes a firefighting effort, but unfortunately it’s a fact of life that we need to deal with as database professionals. In this article I share my 3 favorite tips for getting through without getting burned.
|
|
|
|
|
Read More...
|
|
|
How to Correct a Bad Situation |
|
JohnWeathington
|
Thursday, July 10, 2008
|
|
|
|
This is a continuation of a skip series that I’m doing on the architecture of different control types. In this article, we discuss Corrective Controls; why we need them, and how to design for them.
|
|
|
|
|
Read More...
|
|
|
|
When Prevention Fails, What’s Next? |
|
JohnWeathington
|
Thursday, June 26, 2008
|
|
|
|
Okay, we’ve already learned the prevention is the best medicine. But what do we do when we cannot put preventive controls in place? This article answers that question and more, with more examples and data architecture considerations.
|
|
|
|
|
Read More...
|
|
|
Automated Process Auditing |
|
JohnWeathington
|
Thursday, June 19, 2008
|
|
|
|
In this article, we discuss the importance of understanding your “Really As-Is” process, and the big mistake companies make when building process documents. Then, we explore a data architecture for continuously auditing your process in an automated fashion.
|
|
|
|
|
Read More...
|
|
|
Prevention over Intervention |
|
JohnWeathington
|
Thursday, June 12, 2008
|
|
|
|
In today’s article, we discuss the different types of controls, the best type of control, and considerations for how these controls can be worked into the data architecture of your company.
|
|
|
|
|
Read More...
|
|
|
Solving for Data Privacy |
|
JohnWeathington
|
Thursday, June 05, 2008
|
|
|
|
In this article, I scratch the surface on the growing concern of data privacy. We’ll discuss how the industry has reacted to the concern, and how you might start to solution for it.
|
|
|
|
|
Read More...
|
|
|
How to Deal with Chronic Weakness |
|
JohnWeathington
|
Tuesday, June 03, 2008
|
|
|
|
What do you do when your company consistently has compliance weak points that don’t seem to go away? This article explores this condition, and provides the steps that your company will need to go through – and how you will support it.
|
|
|
|
|
Read More...
|
|
|
How to Survive an Agile Project as a DBA |
|
JohnWeathington
|
Thursday, May 22, 2008
|
|
|
|
For years now, agile development has been an extremely efficient way to get results while keeping the customer happy. However there are perils, especially for the database people. This article gives you a primer for what to expect, and how to succeed.
|
|
|
|
|
Read More...
|
|
|
How to Keep Dead People Out of Your Database |
|
JohnWeathington
|
Thursday, May 15, 2008
|
|
|
|
If dead people are accessing your database, data breach is right around the corner. In this week’s blog, we discuss database access management concerns, and how to architect a compliance system to handle them.
|
|
|
|
|
Read More...
|
|
|
To Write, or Not to Write? Good Question! |
|
JohnWeathington
|
Thursday, May 08, 2008
|
|
|
|
Here we take a look at end users sending data back to the database. Is it a good idea? What are some of the reasons why your end users would want to do this? And, four key tips to consider when designing in this functionality.
|
|
|
|
|
Read More...
|
|
|
Keep It Under Control With SOD |
|
JohnWeathington
|
Thursday, May 01, 2008
|
|
|
|
For the last couple of weeks we’ve been talking about controls. Here we round out our series by talking about Segregation of Duties ( SOD ) as a way to keep things in control. Here are some key tips for designing systems that demonstrate control with SOD.
|
|
|
|
|
Read More...
|
|
|
Keep It Under Control With Approvals |
|
JohnWeathington
|
Thursday, April 24, 2008
|
|
|
|
As a follow on to last week’s blog about controlling with reconciliation, in this blog we look at another common control – approvals. Here are some key tips for designing systems that demonstrate control with approvals.
|
|
|
|
|
Read More...
|
|
|
Keep It Under Control With Reconciliation |
|
JohnWeathington
|
Thursday, April 17, 2008
|
|
|
|
In the compliance world, reconciliation is more than just making sure your data loaded properly. Here are some key tips to using reconciliation as a control in your compliance data system.
|
|
|
|
|
Read More...
|
|
|
Prove It or Lose It! |
|
JohnWeathington
|
Thursday, April 10, 2008
|
|
|
|
When audits are involved, you are guilty until proven innocent. Here are 4 key strategies to employ in the design of your compliance data system, that will prove your company’s innocence.
|
|
|
|
|
Read More...
|
|
|
|
Let's Talk About Compliance! |
|
JohnWeathington
|
Thursday, March 27, 2008
|
|
|
|
Inaugural entry for John Weathington’s Quest for Compliance. Here we get introduced to John, get clear on some compliance related definitions, and get acquainted with the impact compliance has on DBAs, database developers, and IT managers.
|
|
|
|
|
Read More...
|
|
|
|
|
|
|
|
|
|
|