July 2007 - Posts
Calcanis and others are writing about fcbk and how it's over-hyped and has other serious problems. And to some extent, they're right - it's easy to 'break' the program and have it annoy you. And also, despite the calls for use of its application to revolutionize business models and such other things, aside from making it unnaturally easy to stay in touch with people from elementary school, is its use in business all that important?
In the sense that it helps strengthen fragile bonds among co-workers into that of a stronger community, yes it can. And it can be good for networking and all those associated Good Things.
But is it as important or valuable as interesting or enlightening writings?
Dennis reports on a survey from the business software company Sage that talks about client needs and what accountants perceive themselves as, among other things.
I don't have much to say about that directly, but it reminds me of something loosely related.
There is a completely insane exercise still practiced around the world: the manual transfer of online timesheets from one computer system to the accounting system. And by "manual", I mean by hand.
What. The. Hell.
I want to know why there are no patches being offered up to automate the mundane process. Is if the fault of the online timesheet system, or of the accounting software? Or is the middleman interfering?
Many small businesses use Quickbooks or Simply Accounting. How hard would it be to connect them to the various online timesheet systems?
Or am I raging at a minor phenomenon? Do most clever companies already link the two systems together? If so, I wonder why I've been exposed to the Wrong method of doing things.
While numerous people lined up to pick up a book at midnight, I got to attend a midnight screening of Hairspray - and wow, the movie was really good. I could write up a detailed review, and was tempted to do that, but I want to go outside and enjoy a bit of the rare sunshine. So read this review instead - it's a rare example of a Toronto Star movie critic's review which I completely agree with.
The music, the stars, the fact that a good friend is an extra in the production which was filmed in my neighbourhood. So many reasons to go enjoy it. Go see it now.
There's an interesting article found courtesy of Dennis, where one "Mr. Murphy" argues that the Big 4 are doomed to implode because of the way they operate.
He argues that the main problem is that he thinks that all young auditors are trained to be assembly line audit monkeys rather than professionals. I'd say, from personal experience, that he puts forward a scary sounding argument, but lacks some hard proof to back up his claims, or to at least contradict my personal experiences.
Yes, it's true that if you're a rainmaker - you bring in sales - that's a Good Thing, but is there any business where it's not?
The point that "Mr. Murphy" glosses over in trying to argue that "Sales are King" is that Professional firms rely on the expertise, wisdom, and knowledge of their professionals to make sales.
No sane client will pick incompetent fools as their auditors or advisors if given a choice. You want the smartest people with the best reputation to help you - unless you're really stuck on getting the 'lowest bidder', but then your disregard for quality work will probably bite you in the end and make you wish you hadn't.
And if, as the proposed professional, you lie about your abilities, you're a horrid choice for an auditor. Such a charlatan will be discovered and flogged until dead. Career-wise, anyway. Unless you're working with some really harsh business partners, then you might as well take the observation literally.
His other observation, that the "up or out" system is in effect is also true- anyone with a passing knowledge of audit firms knows that - but to simply tar the entire profession the way he does borders on libel - I say borders because he doesn't "out" any particular individual or firm, but if he had, there would be some explaining to do.
Unless of course he's aware of things going on very poorly in other firms.
Eyes widen at the thought. Which was the thrust of his article.
Perhaps I should be glad there wasn't any hard evidence presented to back up his views.
My next project should probably be to dislodge Francine's #2 position in Google searches for Auditing Standard #5. She wonders why there isn't more discussion of the new set of rules and guides for auditors. I suspect it might have something to do with the fact that you also can't easily read the CICA handbook online either. Neil and I mused about this recently and I'm thinking it might have something to do with leaving your golden advice inside the barn for the paying customers. More discussion is necessary though.
I thought the new Potter book came out today. But that would be silly - that's Simpsons movie weekend.
Thanks to Mankiw's blog, I found this interesting article on the books.
This quote right here nails on the head a problem that was bothering me for a while, but I had not articulated:
"JK Rowling is not, to put it mildly, known for her seamless plotting or
the gripping realism of her characters, most of whom spend the latter
books pointlessly withholding information from each other that, if
shared, would end the installment somewhere around page ten."
Thank you, Megan. That's it exactly. Needless secrets, gah. It's irritating.
I'll probably end up reading the last book anyway to see what happens. I'll probably end up getting irritated anyway though.
In response to additional comments that lambaste the Potter series for glaring plot holes big enough to drive a truck through - and a completely dysfunctional economy, several people wrote in to complain that complaining about the books' brilliance, or lack thereof, is a Bad Thing.
The first comment in response belies how I react when I watch most Hollywood fodder:
"Ever hear the phrase "Too smart for your own good?"
About my third year of uni, I realised that my acquired knowledge
was sucking the fun out of many forms of entertainment. Hollywood
blockbusters, for example, ceased being a visual feast and just began
to seem stupid and contrived.
A few bitter and jaded years later, I, learned to sit back and stop thinking so much."
Unlike the commenter, I do keep thinking while watching movies. My friends teased me for laughing too hard at too many "wrong times" during Die Hard 4.0 (a.k.a. Live Free or Die Hard), but I couldn't help it.
The difference is that I didn't get upset at the glaring flights of fancy, like the 18-wheeler fighting a jet (what is this, Transformers?) and other plot problems, I found them to be sources of awesome comedy.
And so I laugh. Not out of haughty superiority - well, maybe because of a little bit of that - but mainly because I find it amusing that the writers or directors either A. thought someone would find this realistic, or B. were so lazy or tired that they just handed in this version of the script/cut and called it 'good enough'.
And their budget was how many millions of dollars?
This all brings to mind a completely unrelated article about how the MS Word style of writing on computers destroys productivity. Some people tease me for staying true to WordPerfect despite its pathetic market share.
I consider it a not-so-secret weapon in allowing me to be more productive than any given Word user.
The backup I use to carry my laptop around is well designed for carrying around a laptop.
Add a kilogram of paper files to it, though, and the awkward design of the bag makes it a back breaker.
It's not a large weight by any means. I routinely carry ten times as much in well designed bags - Mountain Equipment Co-op does good work.
I suppose a more accurate title for this posting would've been, "I really hate this backpack, it's lame and can't handle heavy loads and causes me nothing but headaches when I'm trying to shove it in an overhead storage bin because its bizarre natural resting form as an isosceles triangle cylinder."
But that title would probably sound too long.
Perhaps I should invest in a better backpack. Or, failing that, get staffed on jobs where I have a team of interns to ferry around papers for me. The only downside, of course, is that you have to keep finding stuff for said interns to work on aside from the paper ferrying, otherwise you're chewed out for wasting the intern's precious boundless energy on sending faxes to nowhere.
Not that I've ever done that. The faxes I had my interns send went somewhere. The main problem was that they never came back with answers.
I wish I could say that next week I'll be moving on to an all-digital file. And if it wasn't for the half dozen boxes of print-outs I have to ferry around with me, I would say that it will be the case.
Perhaps I'll get lucky next month. If not, I really need to get myself a new backpack.
I can't just pick up an intern at the store.
You can count on Francine's site to yield some interesting stories about audit work, and the latest post concerning the audit woes at Boeing is without a doubt the wildest epic of chaos and confusion wrought by a poor SOX job I've really ever seen.
The amount of money blown testing controls that had no chance of passing brings to mind a recent post by GeekLawyer bashing his profession, criticizing poor lawyers for spoiling their profession's reputation.
A lot of the highlighted points in Francine's article either look outlandishly grim or unintelligible, depending on your familiarity with the world of audit.
Deloitte performed the external audit, while Jefferson Wells and PricewaterhouseCoopers did internal audit work for Boeing.
Among other reasons to have them present, internal audits can test how your companies controls are working before the external auditors arrive. Since Boeing was paying a lot of money for PwC and JW to send people to test everything - the smart thing to do would be to leverage their work.
For example, if the internal audits finds that you can't rely on the controls, Deloitte shouldn't test them - they will already know the controls are 'broken'. According to the article, though, "Deloitte decided it would do its own tests to come to its own conclusion about control effectiveness". I don't know if the reporter Francine quotes has all the facts - there's a lot of he-said/she-said finger-pointing evident in the article - but assuming that the controls really weren't working, Deloitte just wasted Boeing's money by going to town with their own tests.
IT auditors have the luxury, you see, of being able to say "we can't test your system, we already know you're going to fail", and stopping there. The financial auditors still have to go in and see if everything's in order, which is a costly headache for everyone involved, but at least the IT auditors don't contribute to the bill.
The worst thing you can do, in this context, is to do full-on testing, and generate a huge bill, only to realize that the controls don't work and the financial audit team is going to have to do their intense testing.
If things are as bad as the article makes them sound, I wouldn't be surprised to see Boeing looking for a new auditor in the near future.
There are a few sensationalistic points in the article worth taking a closer look at. First, the article mentions allegations of internal audit fraud at Boeing. This would imply someone lied about whether or not they did their job. If that's the case, someone probably got a severe reprimand, or was even fired. The article doesn't go into detail, though, so just mentioning the topic is idle speculation which is rather weak journalism.
The same comment applies to the allegations of "infighting" between the two internal audit teams from JW and PwC. I suppose to depends on how much you count on the Seattle Post-Intelligencer to give you a true account of the "thousands" of internal e-mails they read in preparing their article.
Hopefully you noticed something strange there. The P-I got thousand of internal Boeing e-mails.
Talk about an information leak. How did that happen? It sounds, no doubt, like disgruntled employees were willing to talk and share a lot of information. I wonder how many people are glad Boeing 'just' makes planes, and doesn't actually safeguard personal information of the flying public?
P-I allows me to make a rare mini-case study, through use of an angry employee is quoted in the article - and his e-mail to the people auditing him is shared as a PDF, where he laments the trouble they're giving him. It turns out that a program the man was involved in setting up was being questioned by the auditors. A common step when auditing changes to a company's software is to find out whether someone approved the installation of the new program. There's other steps too, but this "authorization" is one of them - and Michael Du Pas became justifiably upset because he explains that he got evidence to prove someone provided the needed authorization.
Calling SOX "a terrorist attack on America" - great line, by the way - things get murky, fast.
His first claim is that it's "obvious" the program is approved. His second argument is that he had an e-mail to back up his claim.
I'm curious to know whether his claim that it approval is "obvious" because he had evidence, or because it's wishful thinking. I don't know, but it would matter in making a call on what happened there. In the same way, the e-mail that is cited in the PDF file is another thing an auditor would have to take a look at. Was it composed before or after the fact? The implication is the that the comment specifying when the approval was given was dated at some point in time before the program was actually installed, but that's yet another mystery.
This episode, the conclusion to which is unclear, handily illustrates the observation that "the level of emotion seemed unusual" at Boeing. And it's a shame, really. The article makes it sound like the hardy folks used to seeing auditors dropping by - the finance department denizens - were compliant with SoX demands, since they're used to being audited. The IT workers, on the other hand, are depicted as free spirits who get crushed by rules, or openly rebel against them.
That certainly happens, but when it does it's a sign that someone really dropped the ball.
People hate having their work audited in general. And depending on your attitude, it can be really grating to see some young punk subjecting you to the annual ritual of producing evidence that you dotted your i's and crossed your t's.
What makes the Boeing scenario interesting is that I've found it often easier to work with IT departments than the finance groups. While in all well managed, professional firms, you'll find friendly amiable people, there are bad eggs here and there. And some companies just have nasty work cultures.
In the spirit of over-broad generalizations, I've found that the finance department people often - though not always - are the group that's more resistant to auditors because they're used to dealing with fresh faced kids that do the low level field work on many audit jobs. The finance folks may have been doing their jobs longer than some auditors have been alive - not a far-fetched scenario when an A/P clerk is pushing 50 while the auditor is a young 20-something.
IT people, on the other hand, are usually more welcoming to intelligent auditors who treat them with the respect they feel they deserve. The counterpoint is that even if you give the curmudgeons in the finance area respect, they'll just use that as a tool to make your life tougher.
I don't mean to say Boeing's IT department has an unusually high ratio of curmudgeons to friendly people, nor do I imply that their auditors are incompetent bumbling fools who alienate their client.
I don't have enough information to make that claim. But that is the message delivered through anecdotal evidence from the P-I.
It must have been an uncomfortable day for the people in the Seattle accounting firms' offices today when this article came out. Deloitte declined to comment on the P-I story, which isn't terribly surprising given the negative spin: the P-I points out that "When it comes to telling shareholders all that it should, Deloitte
does not have a spotless record, according to government records." The article points out some findings from the Public Company Accounting Oversight Board, which criticize Deloitte for "dozens of decisions that made audit results appear rosier." This includes a finding in 2006 where the PCAOB wrote up "one Deloitte audit for certifying information
technology controls that the firm had not sufficiently tested."
The PCAOB is the American version of Canada's CPAB, a group that polices the police. They review some sample of all major audit firms' work, and it's a point of pride for any competent auditor to get a 'clean' opinion on their work.
Having said that, the P-I's move is a bit of a low blow. It'll be interesting to see if this just blows over or if a storm cloud is going to settle over this topic.
One of the things I like about Google is that once I set my preferences to 100 results instead of 10, it stays that way seemingly forever. Their recent blog post explains that's because their cookies were set to last about thirty years
They've cut down the amount of time those cookies stay valid, but that's not really a big deal. That's for two reasons: the cookies still live for two years, and their life gets 'renewed' when you visit Google, so if you visit once every two years, they won't forget your preferences.
What I find strange is that they make a big deal about it, saying that "cookie lifetime reduction (is) part of [their] ongoing plan to continue innovating in the area of privacy".
That's like saying "I'm going to innovate home security by closing the door once a year." No, I could come up with a strange analogy, but I won't, because strange marketing hyperbole about privacy just confuses me.
What's the point?
After writing this I looked at Scott Adams' post on 'duh news', about silly research that confirms the obvious. Not exactly the same thing, but it encourages the same feeling.
Conrad Black was convicted on four counts; it's hard to fight video evidence that shows him taking away evidence which a court had ordered.
Of course, his expensive lawyers will try anyway.
Trying to get him to go to jail seems to be akin to trying to stick a cat in a blender.
To pull off a sort of amusing shot at the iPhone and a bizarre online marketing campaign for blenders, anyway.
If you think that's disgraceful, you should read what the Star considers a highlight of the trial:
The trial was complex and involved arcane points of securities law and
corporate finance. The most memorable moments of the trial came when
Black, who did not testify, made statements outside the court asserting
his innocence and his wife Barbara Amiel Black called reporters
“vermin” and referred to one as a “slut.”
Vendorprisey's article on NetSuite and and A1S makes me wonder, what effect would this have on IT audits? Whenever you outsource an IT operation, you use an American SAS-70 or Canadian section 5970 report to determine whether you can rely on the IT systems to be secure and reliable. The reports do more than that, but that super-brief description will suffice for my purposes here.
The thing is, only one auditor needs to do a "-70" report. Afterwards everyone just relies on it.
If "online outsourced services" replace proprietary single servers, you could in theory watch as IT audit work in this area dries up, being concentrated in one single place.
A few things mean that this isn't something that'll have a huge, drastic effect, in the short term anyway. First off, this software mainly appeals to smaller or mid-sized companies that don't want or need a big expensive proprietary system. The question is, what about the larger companies run their own systems locally? If history is a guide, drastic change won't take place with any great speed.
But over the extreme long term, would these companies trust their critical financial data to another company's servers? Or will they still work on maintaining complete control 'at home'?
I'd say the likelier possibility is the former.
Which means, from a personal perspective, I wonder what effect there will be on the IT industry as the number of "big" and "small" companies shifts. If the ratio remains constant, then there'll continue to be lots of work for IT auditors. On the other hand, if small nimble companies take over the world, well, I better join them because it'll be the only place to be.
Still, this software isn't likely to cause massive shifts in whether the most dominant companies are large or small. Conventional wisdom suggests the Big People will continue to dominate and nothing drastic will occur anytime soon.
The virus in question is sent, as usual, by e-mail. I found one that didn't get caught by gmail's spam filters, so it must be pretty fresh.
One thing I really like about web-based e-mail, despite my predilection for keeping my data on my own system, is the fact that if there is a virus out there, it's cordoned off on the server, and not sitting on your computer, poised to wreak havoc.
The virus in question - it could just be spam with an attachment, actually - looks like a 12k PDF file.
When deciding whether I'm the proud recipient of a spam attachment, or a potential new virus vector that somehow will exploit a flaw in Adobe Acrobat, I'm willing to bet it's a virus.
Nuking it right away is, of course, the safest option. Given the non-commercial subject line, I'm doubly sure it must've been something nasty.
I'm no curious, though, to figure out how a PDF could harbour a virus, if it actually is a PDF. And if it's not, how did it convince gmail into believing that it is a PDF file.
It'll tell us if the lunch hour rush is already present, or whether it's finally gone.
It takes the guesswork out of perfectly timing an early or late lunch.
A webcam will tell you that quickly. Sure, you could just guess when things will be less busy - say, anything outside the hours of noon through 1 p.m., but an unnecessary gadget sounds like much more fun.
Another video courtesy of Videosift, this time featuring some wild Koreans. It has 84 votes as of right now, and it'll no doubt keep climbing when it hits #1 on the top 15 list tomorrow. Highlights include everything. For example, they form a foot, and a soccer ball, which gets kicked... it's then animated flying into a net.
The pixels used to create the animation are the dancers themselves. It's an eight minute show. Enjoy the embedded clip.
While bouncing around websites, waiting for my software to complete installation, I stumbled upon some interesting sites that don't really have much to do with my work, or perhaps are 100% in sync with what I do.
It turns out that Nurses and HR people have banded together to highlight the best of their online writings. While the Nursing site is very formal, the HR feature is a rotating thing, where people take turns highlighting their favourites.
There were two that I liked to see. First was an article explaining why it's a Good Idea to take a rejection well - the HR people might still have something up their sleeve if you don't go psycho on them. Second was a piece about how gaming is a good way to develop skills in corporate environments.
Can you imagine a world where you go on Facebook and play games and this is considered part of your job requirements.
Do the accounting sites have something of that sort? I mean sites that band them together and feature their articles, not the gaming thing. Although that would of course be incredibly great.
Each person I read has their own little blogroll - Neil and I have our own little lists, but they pale in comparison to the huge interface Dennis features. But it's not the same, really.
Unless my lazy approach to looking for such a thing means I overlooked a /. style site, I don't think one exists. An opportunity for someone to create their own niche, perhaps?
Next page »
CD keys are the string of letters and digits that many programs use to 'unlock' the program so you can use them. It's a relatively simple anti-piracy measure which will drive you completely mad if you ever need to reinstall a program and find that your CD key is not physically present with your actual CD.
After digging through a bunch of messy drawers, which I subsequently emptied - part of a long overdue late spring cleaning - I finally found the CD key I was looking for.
To avoid going mad in the future, I have two tactics. First, clean up the mess so things will be more organized.
But, more importantly, write up the list of CD keys in my possession so if I do lose the key again, I'll have it written down somewhere.
I can't believe I didn't think of doing this sooner. Hopefully this extremely simple idea will help at least one other person.