Wednesday, October 28, 2015


By John Kyriazoglou*
The main purpose of IT Controls is to ensure the safe and secure operation of information systems and the protection from harm or other potential damage of the organization’s I.T. assets and data maintained by these systems. These objectives are achieved by a set of policies, procedures, practices, methods, techniques and technological measures, collectively called ‘controls’.
IT systems and infrastructure controls are classified as General IT Controls, i.e., controls applying to the whole of an organization’s Information Systems activity, and as IT Application Controls, which are specific to a given application, such as payroll processing, general ledger accounting, accounts receivable, etc. Both of these types of controls, within any type of organization (private, public, etc.), must operate within the greater framework of corporate governance and internal controls system, to fulfill their purpose to the fullest.
Sometimes the boundary line between these control types (General IT Controls, IT Application Controls) is rather arbitrary, particularly in client/server, web-based and cloud computing applications, most of which may run on several computers.
What is important and crucial is for IT management, systems development professionals and other stakeholders (auditors, fraud examiners, etc.) to realize that a comprehensive and effective combination of both of these control types (General IT Controls and IT Application Controls) is required to ensure, as much as possible, an adequately safe and secure processing environment. We need to be proactive, plan and prepare both ourselves and our organizations for possible attacks, frauds committed, and errors occurring to information systems, disasters to IT facilities, and unusual events.
We should probably note that modern intruders to IT systems and networks do not publish their tools, successful or failed attacks or profits. They act with anonymity, quietly, in a step-by-step approach, from both inside and outside the organization, across the planet, and they usually cover their trail.
The players now include terrorists, white-collar criminals, hackers, open source. The global underground cyber criminal community is actually trying to do better than what we do. Ten years ago, people sold you user IDs and passwords. Now the menu includes your CVs, ATM and credit cards with PIN numbers, whole e-mail inboxes. They will ship information to anywhere in the world for money.
There is an army of them with new skills and capabilities.
There are: mappers, scanners, hackers, crackers, password sniffers, readers and shooters with van Eck tools, programmers who write code to enter network and application systems without leaving a trail, moles (personnel) employed to work in an organization much before it is attacked, vendors who sell illegal and improper hardware and software, social engineers who get passwords and other sensitive information by various means, etc.
They need to be controlled by society on the one hand, by the enactment of rules, regulations, laws, ethics codes, etc., and by organizations on the other hand, by devising and implementing overall corporate and detail IT controls.
Corporate and IT control issues are quite complex and may be included in corporate and business strategic and operational concerns, rather than on their own ground, as such. Detail IT controls require far more than the latest methods, practices and software tools or technology. Organizations must understand very precisely what IT entities, data, media, systems, services, and assets they are trying to protect, and why, before selecting any general or specific IT control solutions.
We must also note that, according to recent international data breach cases, data privacy and protection shortcomings can do irreparable harm to companies’ balance sheets, not to mention their brands, credibility and customer trust and relationships.
IT management, IT professionals, IT auditors, Internal auditors, fraud experts, etc., must be always on their guard to protect their organizations, the data stored and reported by their IT systems, and the greater society, by using, implementing and improving IT controls and methods in a most efficient and effective way.
IT controls, operating within the greater IT Governance Practices Framework, can create value for an organization, as we have seen in several consulting projects for various clients.
It is our mission, moral duty, responsibility and job to do this. IT application systems are the life-blood of organizations. Quick dissemination of correct and timely information drives forward, enables and facilitates our national and global economies, benefiting everyone across the globe.
We need to work hard to achieve effective and working IT controls. As Menander (ancient Greek writer, 342-291 B.C.) has said: ‘He who labors diligently need never despair; for all things are accomplished by diligence and labor’.
We need to both plan and act. And as William Shakespeare has said: ‘Be great in act, as you have been in thought’.
We must be persistent in reaching the goal of controls, and be aware of what Friedrich Nietzsche has said: ‘Many are stubborn in pursuit of the path they have chosen, few in pursuit of the goal’.
Last but not least, we may need to be disciplined in our approach, because as Abraham Lincoln has said: ‘Be sure you put your feet in the right place, then stand firm’.
For more specific details on IT Controls as well as Business Management Controls see the following books by John Kyriazoglou:

1. Book ‘IT Strategic & Operational Controls’, 2010, IT Governance, U.K.
2. Book ‘Business Management Controls: A Guide’, 2012, IT Governance U.K.

3. Book ‘Business Management Controls: Toolkit’, 2012, IT Governance U.K.      

Wednesday, February 11, 2015

Free e-book: How to reduce occupational stress

Free e-book: ‘How to Reduce Occupational Stress’

Book inspired by ancient Greek wisdom
Published: Feb 12, 2015, by John Kyriazoglou
A self-help guide and an approach to manage and reduce occupational stress and improve the mental health of your people
Table of Contents


Chapter 1: The Stress Management Approach
Chapter 2: Occupational Stress Management Action Plan
Chapter 3: Strategy #1: Incorporate Basic Stress Reduction Actions
Chapter 4: Strategy #2: Add Spirituality to Your Basic Stress Reduction Actions
Chapter 5: Strategy #3: Improve Your Stress Reduction Management Process with Better Relationships
Chapter 6: Strategy #4: Strengthen Your Stress Reduction Management Process with More Robustness
Chapter 7: Improve Stress Efforts
Chapter 8: Concluding Remarks


Over 10 appendices with examples of Plans, Policies and Questionnaires that support Part A of the book.

Wednesday, December 10, 2014

New Book: Corporate Wellness: Management and Evaluation Toolkit

I am glad to announce that this toolkit was just published and is available for your review and potential use at:

It contains material related to occupational stress and corporate wellness.
It contains:
1. A set of management improvement plans (with over 72 actions).
2. A stress policy.
3. Several stress performance measures.
4. Occupational Stress Audit Evaluation Questionnaires (Four audit questionnaires with over 87 questions to evaluate the stress level of people at all levels of your company, in terms of: Personal Happiness; Personal Stress; etc.).
5. Corporate Wellness Audit Questionnaires (18 audit questionnaires with over 90 questions to evaluate the Corporate Wellness of your company, in terms of: Tone at the Top; Understanding of the organization by the board; Operational philosophy; etc.).
6. Over 72 improvement actions.
7. An evaluation method that calculates an index for the person or entity going through the evaluation questions.

You may also check out the following documents for your business use.
1. Auditing and Improving Business Performance
2. Audit Report Model and Sample

Thank you,
John Kyriazoglou, CICA, B.A (Hon-University of Toronto),

Business Thinker, Consultant and Author of several books

Monday, December 30, 2013

Happy New Year

Happy New Year to all!


Here is an ancient Greek quotation for your consideration and enjoyment:

‘Do not spoil what you have by desiring what you have not; remember that what you now have was once among the things you only hoped for.’

   Epicurus (Greek philosopher, 341-270 B.C.)


More sayings, quotations and maxims of ancient Greece and how these may apply and improve your personal, family and business life are included in my recent book

‘Ancient Greek Pearls of Wisdom for the 21st Century’ (


Best and warmest regards,


John Kyriazoglou


Wednesday, December 11, 2013

Ancient Greek Wisdom for the 21st Century

New Book: ‘Ancient Greek Pearls of Wisdom for the 21st Century’




I am glad to inform you that this book was just published and is available at:   and


Authored by John Kyriazoglou

This book 'Ancient Greek Pearls of Wisdom for the 21st Century' is about guiding and supporting you to improve your personal, professional and business life in our current 21st century society.

This is achieved by:
1. Presenting a set of Ancient Greek Pearls of Wisdom in each area of life (wealth, governance, friendship, etc.) and proposing a solution in responding to basic questions in each such area (e.g. 'Why should I believe in the Supreme Being?' and 'What do I need religion for in my business activities?').
2. Summarizing the impact of several noted ancient Greek thinkers on the world and the relevance of their contributions today.
3. Offering you an Improvement Approach (The Pandora Way) based on Ancient Greek Wisdom (for each area: governance, wealth, association with others, self-management, education and family, etc.) including: over 60 'tips', more than 40 'golden rules' and numerous (over 20) 'recommendations' that you may consider and use to manage yourself, your family and your business more effectively and potentially make your life better.
The ancient Greek wisdom pearls relate to:
(a) The maxims, quotations and sayings (over 600) of the Oracle of Delphi, the Seven Sages and other well-known ancient Greek thinkers: Aristotle, Plato, Socrates, Pythagoras, Heraclitus, Epicurus, etc.
(b) Four hymns, the Hippocratic Oath, 9 fables of Aesop, several short stories (over 17) and the works and thoughts of noted ancient Greek philosophers, poets and intellectuals, such as: Aristotle, Plato, Socrates, Heraclitus, Epicurus, Pythagoras, etc.

(c) The real-life examples and stories of the every-day life and activities of ancient Greeks.

The book contains: A foreword, a preface, ten chapters (one for each area of living, such as: governance, wealth, etc.), three appendices, and a bibliography.

I would appreciate your comments if you have the time to review it.


Please like my ‘Ancient Greek Wisdom’ page on Facebook.

You may follow me on Twitter and Slideshare and connect with me on Facebook and LinkedIn.




Thank you for your support and my best wishes for the Holiday Season and the New Year 2014.


John Kyriazoglou



Saturday, October 19, 2013

Business Data Security Guidelines



John Kyriazoglou*


A business data security policy and related procedures should include protection controls and measures that cover the following issues:

1. Comprehensive due diligence of all critical staff, including external parties (outsourcing, external suppliers, sub-contractors, etc.). 

2. Authentication of all customers.

3. Non repudiation and accountability for all on-line transactions.

4. Segregation of duties.

5. Authorization controls.

6. Business data, transactions, records and information integrity.

7. Transactions audit trails.

8. Information confidentiality.

9. Appropriate disclosures for organizational services.

10. Data privacy.

11. Business continuity and contingency planning.

12. Security and other crises incident response planning.

13. Access controls: encryption, passwords, password control devices, tokens, user authentication devices, anti-hacking tools/techniques, digital signals origin identification, anti-tapping tools/techniques.

14. Data confidentiality.                              

15. Data integrity.

16. Anti-virus and e-crime detection software.

17. Time stamping.

18. Biometrics.

19. Digital signatures.

20. Smart cards.                            




John Kyriazoglou, CICA, B.A (Hon-University of Toronto)

International IT and Management Consultant, author of several books




The Beauty of Number 147


By John Kyriazoglou*

The maxims of the Oracle at Delphi (Maxims of Delphi), the most famous religious location of Greece for over 1000 years, were made up of very brief quotations (two to five words) full of wisdom and moral values. The subject matter they deal with varies from religious faith, to obedience to law, how to treat friends, how to behave in a just manner, education, country, way of life, happiness, etc.


These maxims, 147 in total, were inscribed on the frontal columns of the temple of the god Apollo, at the Oracle of Delphi. They were copied on single marble tablets and were transported to all parts of the Ancient Greek World, as writing on paper or on parchment was not known at the time.

It should be noted that these 147 maxims of Delphi embodied the complete universe of values for the ancient Greeks. The number 147 equals 3 times 7 times 7 (or 3x7x7). The meanings of numbers in the ancient Greek world were quite important.

Number 3 represents divine perfection, and in Pythagorean terms completion. 

Number 4 represents the whole creation, as there are 4 seasons in a year, 4 winds, 4 directions, 4 elements (fire, water, air and earth), etc.

Number 7 is the combination of 3 and 4, and represents the universe. Also Apollo’s lyre (musical instrument) had 7 strings, there were 7 sages, etc. In Pythagorean terms 7 is a cosmic number with 3 of heaven and 4 of the world. Number 147, being 3x7x7, represented all divine values for all universes (a universe of a universe).

Most, if not all, of these maxims (e.g., ‘Follow God’, ‘Obey the law’, ‘Worship God’, ‘Respect your parents’, etc.) have been attributed to the seven sages of Ancient Greece: Thales, Pittacos, Bias, Solon, Cleovoulos, Periandros, and Chilon, who are also credited with having their own quotations as well. For a full list of these maxims, quotations and sayings see my book ‘Pearls of Wisdom of the 7 Sages of Ancient Greece’ at Amazon.

Ethical maxims and quotations play a significant role in shaping our every-day life and social interactions with others, as they embody simple rules to memorize and follow and thus make our life easier as they provide a level of assurance that we are doing the right and accepted thing.

These Oracle of Delphi maxims and the quotations and sayings of the Seven Sages cover all areas of living, such as:

1. Religiosity (faith, worship, religious behavior, God, praying, etc.),

2. Governance (protect home country, society, laws, ruling),

3. Managing Property (wealth, protection of self and property, profit, finance, etc.), 

4. Principles, Virtues and Values for Association with Others (friendship and love, peace and hate, anger, justice, honor, goodness, murder and vice, wisdom, mercy and forgiveness, and happiness),

5. Personal Skills (self-control, efficiency, effectiveness, hope, fortune, etc.), 

6. Knowledge, Education and Training, and

7. Family, Values and Conduct in Life (marriage, family, wife, children and parents, conduct and virtues during life, and death).


How all of these can support and help you improve your life is described in detail in my book ‘Pre-Classical Greek Wisdom for a Better Life’, available at:

*John Kyriazoglou, CICA, B.A (Hon-University of Toronto, Canada)

Greek-Canadian Author, Business Thinker, and Management Consultant