 |
Blogs
Toad and Database Commentaries |
Toad World blogs are a mix of insightful how-tos from Quest experts as well as their commentary on experiences with new database technologies. Have some views of your own to share? Post your comments! Note: Comments are restricted to registered Toad World users.
 Do you have a topic that you'd like discussed? We'd love to hear from you. Send us your idea for a blog topic.
|
|
|
|
|
|
|
Author: |
JohnWeathington |
Created: |
Thursday, March 27, 2008 |
 |
John Weathington is President and CEO of Excellent Management Systems, Inc., a management consultancy that helps companies improve their regulatory and contractual compliance. John is a long-time, avid user of Quest products, and has partnered with Quest Software for guidance on future product development.
John has close to 20 years experience in software application development, web application development, database administration, and business intelligence architecture. He is also an accomplished PMP certified project manager, a process improvement specialist, and a pioneer in using agile development methodologies to construct business intelligence solutions.
John's blog is a discussion for DBA's, database developers, and IT management on compliance concerns, observations, issues, and solutions, based on the consulting work of John Weathington.
Recent postings on compliance issues: |
|
Black Box Data Store: Lessons Learned from the NTSB |
|
JohnWeathington
|
Friday, January 16, 2009
|
|
|
|
US Airways flight 1549 teaches us that improbable events actually do occur sometimes. When the NTSB goes to investigate, the airplane’s black boxes will prove vital in the determination of cause. We can leverage this concept to fortify our chances of surviving a serious investigation. In this article I introduce design considerations for what I call the Black Box Data Store, the important data you need to prove your innocence in an investigation.
|
 |
|
|
Read More...
|
|
|
How to Survive a Break Without Breaking the Company |
|
JohnWeathington
|
Thursday, January 08, 2009
|
|
|
|
Coming off of a break myself, it seems appropriate to discuss the architectures what support continuity, when your company takes a break from following compliance policy. In this article, we discuss why this might happen, and what you can do to minimize the disruption this type of break can cause.
|
|
|
|
|
Read More...
|
|
|
Control Convergence by Example |
|
JohnWeathington
|
Friday, October 03, 2008
|
|
|
|
Control convergence – the effort of staying in compliance while reducing the number of controls – is a big trend in the industry today. In this article, we demonstrate how the data professional can support a control convergence effort, by way of fictitious case study.
|
|
|
|
|
Read More...
|
|
|
Policy Data Management in 3 Stages |
|
JohnWeathington
|
Thursday, September 25, 2008
|
|
|
|
In this article, we talk about policies – an important area of your companies governance, risk, and compliance program. We discuss what a good policy looks like, and how you can evolve a policy data management system in 3 stages.
|
|
|
|
|
Read More...
|
|
|
People Make Mistakes |
|
JohnWeathington
|
Thursday, September 18, 2008
|
|
|
|
Human beings, by their very nature, make mistakes. Even seasoned professionals make simple errors on occasion. In this article we explore the “mistake database”, an architecture to help your company minimize errors.
|
|
|
|
|
Read More...
|
|
|
|
Getting Risk Right – How Probable is Your Probability? |
|
JohnWeathington
|
Thursday, September 04, 2008
|
|
|
|
Inaccurate risk probabilities can wreak havoc on the applicability of your risk database. Why go through the trouble of setting it up, if bad probability entries render your database unusable? In this article, we explore the importance of getting the risk probability correct, and ways to improve your accuracy.
|
|
|
|
|
Read More...
|
|
|
Beyond Compliance – Understanding Risk |
|
JohnWeathington
|
Thursday, August 28, 2008
|
|
|
|
Compliance usually starts with a fire drill, however intelligent companies take the time to step back and put their compliance into perspective. Risk is the key to understanding and optimizing your compliance program. In this article, we discuss risk as an evolution from compliance, and look at some ways to model it in the enterprise.
|
|
|
|
|
Read More...
|
|
|
Who’s on First? How to Model Accountability |
|
JohnWeathington
|
Thursday, August 14, 2008
|
|
|
|
A consistent pattern that emerges in compliance best practices, is the notion of accountability. Demonstrating accountability is a key component of building a solid compliance program. In this article, we explore the motivation, requirement, model, and architecture to make accountability a reality in your company.
|
|
|
|
|
Read More...
|
|
|
How to Survive a Death March |
|
JohnWeathington
|
Thursday, August 07, 2008
|
|
|
|
A death march is a project that is doomed to fail. If you are in IT, and you are dragged onto a compliance project, chances are you will find yourself stuck here. In this article, I'll give you my tips for identifying a death march, and more importantly surviving one.
|
|
|
|
|
Read More...
|
|
|
How to Help Your Company with Financial Risk |
|
JohnWeathington
|
Thursday, July 31, 2008
|
|
|
|
The new SEC standards for SOX compliance have made it clear that your company should spend more time focused on financial risk. In this article, we’ll explore what’s driving this, how you as a database professional can help out, and some design considerations for a Financial Risk Compliance Data Mart.
|
|
|
|
|
Read More...
|
|
|
Coping with Disaster |
|
JohnWeathington
|
Thursday, July 24, 2008
|
|
|
|
This article wraps up the series on the types of controls and our discussion of architectures, by taking a look at the adaptive control. We’ll explore how you can support your business deal with the impact of risks, when there is no contingency plan.
|
|
|
|
|
Read More...
|
|
|
3 Key Tips for Surviving a Firefight |
|
JohnWeathington
|
Thursday, July 17, 2008
|
|
|
|
Nobody likes a firefighting effort, but unfortunately it’s a fact of life that we need to deal with as database professionals. In this article I share my 3 favorite tips for getting through without getting burned.
|
|
|
|
|
Read More...
|
|
|
How to Correct a Bad Situation |
|
JohnWeathington
|
Thursday, July 10, 2008
|
|
|
|
This is a continuation of a skip series that I’m doing on the architecture of different control types. In this article, we discuss Corrective Controls; why we need them, and how to design for them.
|
|
|
|
|
Read More...
|
|
|
|
When Prevention Fails, What’s Next? |
|
JohnWeathington
|
Thursday, June 26, 2008
|
|
|
|
Okay, we’ve already learned the prevention is the best medicine. But what do we do when we cannot put preventive controls in place? This article answers that question and more, with more examples and data architecture considerations.
|
|
|
|
|
Read More...
|
|
|
Automated Process Auditing |
|
JohnWeathington
|
Thursday, June 19, 2008
|
|
|
|
In this article, we discuss the importance of understanding your “Really As-Is” process, and the big mistake companies make when building process documents. Then, we explore a data architecture for continuously auditing your process in an automated fashion.
|
|
|
|
|
Read More...
|
|
|
Prevention over Intervention |
|
JohnWeathington
|
Thursday, June 12, 2008
|
|
|
|
In today’s article, we discuss the different types of controls, the best type of control, and considerations for how these controls can be worked into the data architecture of your company.
|
|
|
|
|
Read More...
|
|
|
Solving for Data Privacy |
|
JohnWeathington
|
Thursday, June 05, 2008
|
|
|
|
In this article, I scratch the surface on the growing concern of data privacy. We’ll discuss how the industry has reacted to the concern, and how you might start to solution for it.
|
|
|
|
|
Read More...
|
|
|
How to Deal with Chronic Weakness |
|
JohnWeathington
|
Tuesday, June 03, 2008
|
|
|
|
What do you do when your company consistently has compliance weak points that don’t seem to go away? This article explores this condition, and provides the steps that your company will need to go through – and how you will support it.
|
|
|
|
|
Read More...
|
|
|
|
|
|
|
|
|
|
|