An analysis of Information Security Governance in the Universities in Zimbabwe Essay

Abstract The complexity and criticality of information security and its governance demand that it be elevated to the highest organizational levels. Within a university setup, information assets include student and personnel records, health and financial information, research data, teaching and learning materials and all restricted and unrestricted electronic library materials. Security of these information assets is among the highest priorities in terms of risk and liabilities, business continuity, and protection of university reputations. As a critical resource, information must be treated like any other asset essential to the survival and success of the organization. In this paper the writer is going to discuss the need for implementing Information Security Governance within institutions of higher education. Further than that, a discussion on how to best practice Information Security governance within the universities in Zimbabwe followed by an assessment on how far the Zimbabwean universities have implemented Information Security Governance. A combination of questionnaires and interviews is going to be used as a tool to gather data and some recommendations are stated towards the end of the paper. Introduction Governance, as defined by the IT Governance Institute (2003), is the â€Å"set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risks are managed appropriately and verifying that the enterprise’s resources are used responsibly.† Information security governance is the system by which an organization directs and controls information security (adapted from ISO 38500). It specifies the accountability framework and provides oversight to ensure that risks are adequately mitigated as well as ensuring that security strategies are aligned with business and consistent with regulations. To exercise effective enterprise and information security governance, boards and senior executives must have a clear understanding of what to expect from their enterprise’s information security programme. They need to know how to direct  the implementation of an information security programme, how to evaluate their own status with regard to an existing security programme and how to decide the strategy and objectives of an effective security programme (IT Governance Institute, 2006). Stakeholders are becoming more and more concerned about the information security as news of hacking, data theft and other attacks happen more frequently than ever dreamt of. Executive management has been showered with the responsibility of ensuring an organization provides users with secure information systems environment. Information security is not only a technical issue, but a business and governance challenge that involves adequate risk management, reporting and accountability. Effective security requires the active involvement of executives to assess emerging threats and the organization’s response to them (Corporate Governance Task Force, 2004). Furthermore the organizations need to protect themselves against the risks inherent in the use of information systems while simultaneously recognizing the benefits that can accrue from having secure information systems. Peter Drucker (1993) stated: â€Å"The diffusion of technology and the commodification of information transforms the role of information into a resource equal in importance to the traditionally important resources of land, labor and capital.† Thus as dependence on information system increases, the criticality of information security brings with it the need for effective information security governance. Need for Information Security Governance within universities. A key goal of information security is to reduce adverse impacts on the organization to an acceptable level of risk. Information security protects information assets against the risk of loss, operational discontinuity, misuse, unauthorized disclosure, inaccessibility and damage. It also protects against the ever-increasing potential for civil or legal liability that organizations face as a result of information inaccuracy and loss, or the absence of due care in its protection. Information security covers all information processes, physical and electronic, regardless whether they involve people and technology or relationships with trading partners, customers and third parties. Information security addresses information protection, confidentiality, availability and integrity throughout the life cycle of the information and its use within the organization. John P. Pironti (2006) suggested that among many reasons for information security  governance, the most important one is the one concerned with the legal liability, protection of the organization’s reputation and regulatory compliance. With the university setup, all members of the university community are obligated to respect and, in many cases, to protect confidential data. Medical records, student records, certain employment-related records, library use records, attorney-client communications, and certain research and other intellectual property-related records are, subject to limited exceptions, confidential as a matter of law. Many other categories of records, including faculty and other personnel records, and records relating to the university’s business and finances are, as a matter of university policy, treated as confidential. Systems (hardware and software) designed primarily to store confidential records (such as the Financial Information System and Student Information System and all medical records systems) require enhanced security protections and are controlled (strategic) systems to which access is closely monitored. Networks provide connection to records, information, and other networks and also require security protections. The use of university information technology assets in other than a manner and for the purpose of which they were intended represents a misallocation of resources and, possibly, a violation of law. To achieve all this in today’s complex, interconnected world, information security must be addressed at the highest levels of the organization, not regarded as a technical specialty relegated to the IT department. Information security is a top-down process requiring a comprehensive security strategy that is explicitly linked to the organization’s business processes and strategy. Security must address entire organization’s processes, both physical and technical, from end to end. Hence, Information security governance requires senior management commitment, a security-aware culture, promotion of good security practices and compliance with policy. It is easier to buy a solution than to change a culture, but even the most secure system will not achieve a significant degree of security if used by ill-informed, untrained, careless or indifferent personnel (IT Governance Institute, 2006). In an interview the executive director and information security expert on IT Governance and cyber security with the IT Governance and Cyber Security Institute of sub-Saharan Africa, Dr Richard Gwashy Young has this to say â€Å"†¦remember in  Zimbabwe security is regarded as an expense not an investment† (Rutsito, 2012). Benefits of Information Security Governance Good information security governance generates significant benefits, including: The Board of directors taking full responsibility for Information security initiatives Increased predictability and reduced uncertainty of business operations by lowering information security-related risks to definable and acceptable levels Protection from the increasing potential for civil or legal liability as a result of information inaccuracy or the absence of due care. The structure and framework to optimize allocation of limited security resources Assurance of effective information security policy and policy compliance A firm foundation for efficient and effective risk management, process improvement, and rapid incident response related to securing information A level of assurance that critical decisions are not based on faulty information Accountability for safeguarding information during critical business activities. Compliances with local and international regulations will be easier Improved resource management, optimizing knowledge, information security and information technology infrastructure The benefits add significant value to the organization by: Improving trust in customer/client relationships Protecting the organization’s reputation Decreasing likelihood of violations of privacy Providing greater confidence when interacting with trading partners Enabling new and better ways to process electronic transactions like publishing results online and online registration. Reducing operational costs by providing predictable outcomes—mitigating risk factors that may interrupt the process The benefits of good information security are not just a reduction in risk or a reduction in the impact should something go wrong. Good security can improve reputation, confidence and trust from others with whom business is conducted, and can even improve efficiency by avoiding wasted time and effort recovering from a security incident (IT Governance Institute, 2004). Information Security Governance Outcomes Five basic outcomes can be expected to result from developing an effective governance approach to information security: Strategic alignment of information security with institutional objectives Reduction of risk and potential business impacts to an acceptable level Value delivery through the optimization of security investments with institutional objectives Efficient utilization of security investments supporting organization objectives Performance measurement and monitoring to ensure that objectives are met Best practices The National Association of Corporate Directors (2001), recognizes the importance of information security and recommends four essential practices for boards of directors. The four practices, which are based on the practicalities of how boards operate, are: Place information security on the board’s agenda. Identify information security leaders, hold them accountable and ensure support for them. Ensure the effectiveness of the corporation’s information security policy through review and approval. Assign information security to a key committee and ensure adequate support for that committee. It is critical that management ensure that adequate resources are allocated to support the overall enterprise information security strategy (IT Governance Institute, 2006). To achieve effective information security governance, management must establish and maintain a framework to guide the development and maintenance of a comprehensive information security programme. According to Horton, et al (2000), an information security governance framework generally consists of: An information security risk management methodology; A comprehensive security strategy explicitly linked with business and IT objectives; An effective security organizational structure; A security strategy that talks about the value of information both protected and delivered; Security policies that address each aspect of strategy, control and regulation; A complete set of security standards for each policy to ensure that procedures and guidelines comply with policy; Institutionalized monitoring processes to ensure compliance and provide feedback on effectiveness and mitigation of risk; A process to ensure  continued evaluation and update of security policies, standards, procedures and risks. This kind of framework, in turn, provides the basis for the development of a cost-effective information security program me that supports an organization’s goals and provides an acceptable level of predictability for operations by limiting the impacts of adverse events. In his article Kaitano (2010), pointed some characteristics of good corporate governance coupled with good security governance. These include and not limited to: Information security being treated as and organization wide issue and leaders are accountable. Leads to viable Governance, Risk and Compliance(GRC) Milestones It is risk-based and focuses on all aspects of security Proper frameworks and programs have been implemented It is not treated as a cost but a way of doing business Roles, responsibilities and segregation of duties are defined It is addressed and enforced by policy Adequate resources are committed and Staff are aware and trained It is planned, managed, measurable and measured It is reviewed and audited The overall objective of the programme is to provide assurance that information assets are protected in accordance with their value or the risk their compromise poses to an organization. The framework generates a set of activities that supports fulfillment of this objective. Principles for information security within the University In their article titled Information Security Policy: Best Practice Document, Hostland et al (2010) pointed out some guiding principles for information security within a university setup. The following are some of the principles they mentioned: 1. Risk assessment and management The university’s approach to security should be based on risk assessments and should be continuously done and the need for protective measures evaluated. Measures must be evaluated based on the university’s role as an establishment for education and research and with regards to efficiency, cost and practical feasibility. An overall risk assessment of the  information systems should be performed annually. Risk assessments must identify, quantify and prioritize the risks according to relevant criteria for acceptable risks. Risk assessments should be carried out when implementing changes impacting information security. Some recognized methods of assessing risks like ISO/IEC 27005 should be employed. Risk management is to be carried out according to criteria approved by the management at University. Risk assessments must be approved by the management and if a risk assessment reveals unacceptable risks, measures must be implemented to reduce the risk to an acceptable level. 2. Information security policy The Vice Chancellor should ensure that the information security policy, as well as guidelines and standards, are utilized and acted upon. He must also ensure the availability of sufficient training and information material for all users, in order to enable the users to protect the university’s data and information systems. The security policy should be reviewed and updated annually or when necessary, in accordance with principles described in ISO/IEC 27001. However, all important changes to university’s activities, and other external changes related to the threat level, should result in a revision of the policy and the guidelines relevant to the information security. 3. Security organization The Vice Chancellor is responsible for all government contact. The university should appoint CSO (Chief Security Officer). Each department and section should also be responsible for implementing the unit’s information security. The managers of each unit must appoint separate security administrators. The Registrar Academics has the primary responsibility for the information security in connection with the student registry and other student related information. The IT Director has executive responsibility for information security in connection with IT systems and infrastructure. The Operations manager has executive responsibility for information security in connection with structural infrastructure. He also has overall responsibility for quality work, while the operational responsibility is delegated according to the management structure. The Registrar Human Resources also has executive responsibility for information security according to the Personal Data Act and is the controller on a daily basis of the personal information of the  employees. The Registrar Academics and Research Administration have also executive responsibility for research related personal information. University’s information security should be revised on a regular basis, through internal control and at need, with assistance from an external IT auditor. 4. Information security in connection with users of University’s services Prior to employment security responsibility and roles for employees and contractors should be described. A background check is should also be carried out of all appointees to positions at the university according to relevant laws and regulations. A confidentiality agreement should be signed by employees, contractors or others who may gain access to sensitive and/or internal information. IT regulations should be accepted for all employment contracts and for system access for third parties. During employment, the IT regulations for the university’s information security requirements should be in place and the users’ responsibility for complying with these regulations is to be emphasized. The IT regulations should be reviewed regularly with all users and with all new hires. All employees and third party users should receive adequate training and updating regarding the Information security policy and procedures. Breaches of the Information security policy and accompanying guidelines will normally result in sanctions. University’s information, information systems and other assets should only be utilized for their intended purpose. Necessary private usage is permitted. Private IT equipment in the university’s infrastructure may only be connected where explicitly permitted. All other use must be approved in advance by the IT department. On termination or change of employment, the responsibility for termination or change of employment should be clearly defined in a separate routine with relevant circulation forms. The university’s assets should be handed in at the conclusion of the need for the use of these assets. University should change or terminate access rights at termination or change of employment. A routine should be present for handling alumni relationships. Notification on employment termination or change should be carried out through the procedures defined in the personnel system. 5. Information security regarding physical conditions IT equipment and information that require protection should be placed in secure physical areas. Secure areas should have suitable access control to  ensure that only authorized personnel have access. All of the University’s buildings should be secured according to their classification by using adequate security systems, including suitable tracking/logging. Security managers for the various areas of responsibility should ensure that work performed by third parties in secure zones is suitably monitored and documented. All external doors and windows must be closed and locked at the end of the work day. On securing equipment, IT equipment which is very essential for daily activities must be protected against environmental threats (fires, flooding, temperature variations). Information classified as â€Å"sensitive† must not be stored on portable computer equipment (e.g. laptops, cell phones, memory sticks). If it is necessary to store this information on portable equipment, the information must be password protected and encrypted in compliance with guidelines from the IT department. During travel, portable computer equipment should be treated as carry-on luggage. Fire drills should also be carried out on a regular basis. 6. IT communications and operations management Purchase and installation of IT equipment and software for IT equipment must be approved by the IT department. The IT department should ensure documentation of the IT systems according to university’s standards. Changes in IT systems should only be implemented if well-founded from a business and security standpoint. The IT department should have emergency procedures in order to minimize the effect of unsuccessful changes to the IT systems. Operational procedures should be documented and the documentation must be updated following all substantial changes. Before a new IT system is put in production, plans and risk assessments should be in place to avoid errors. Additionally, routines for monitoring and managing unforeseen problems should be in place. Duties and responsibilities should be separated in a manner reducing the possibility of unauthorized or unforeseen abuse of the university’s assets. Development, testing and maintenance should be separated from operations in order to reduce the risk of unauthorized access or changes, and in order to reduce the risk of error conditions. On system planning and acceptance, the requirements for information security must be taken into consideration when designing, testing, implementing and upgrading IT systems, as well as during system changes. Routines must be developed for  change management and system development/maintenance. IT systems must be dimensioned according to capacity requirements and the load should be monitored in order to apply upgrades and adjustments in a timely manner as it is especially important for business-critical systems. Written guidelines for access control and passwords based on business and security requirements should be in place. Guidelines should be re-evaluated on a regular basis and should contain password requirements (frequency of change, minimum length, character types which may/must be utilized) and regulate password storage. All users accessing systems must be authenticated according to guidelines and should have unique combinations of usernames and passwords. Users are responsible for any usage of their usernames and passwords. Data Gathering A structured questionnaire adapted and modified from previous questionnaires used by Corporate Governance Task Force, (2004) was used as the main instrument to gather data. Of the total 13 universities in Zimbabwe, 9 managed to participate in this research. The questionnaires were completed by the Executive Dean, IT Director, Operations Manager or Chairperson for the department. Section I: Organizational Reliance on IT The first section was designed to help in determining the institution’s reliance on information technology for business continuity. Table 1: Characteristics of Organization Questions Scores/Frequency 0 1 2 3 4 Dependence on information technology systems and the Internet to conduct academic, research, and outreach programs and offer support services 9 Value of organization’s intellectual property stored or transmitted in electronic form 2 7 The sensitivity of stakeholders (including but not limited to students, faculty, staff, alumni, governing boards, legislators, donors, and funding agencies) to privacy 2 3 4 Level of regulation regarding security (international, federal, state, or local regulations) 1 4 3 1 Does your organization have academic or research programs in a sensitive area that may make you a target of violent physical or cyber attack from any groups? 5 1 2 1 Total score 1 9 6 7 22 Scoring: Very Low = 0; Low = 1; Medium = 2; High = 3; Very High = 4 Section II: Risk Management: This section assesses the risk management process as it relates to creating an information security strategy and program. Table 2: Information Security Risk Assessment Questions Scores/Frequency 0 1 2 3 4 Does your organization have a documented information security program? 2 5 2 Has your organization conducted a risk assessment to identify the key objectives that need to be supported by your information security program? 2 4 3 Has your organization identified critical assets and the functions that rely on them? 2 2 5 Have the information security threats and vulnerabilities associated with each of the critical assets and functions been identified? 2 4 2 1 Has a cost been assigned to the loss of each critical asset or function? 1 3 3 2 Do you have a written information security strategy? 2 4 2 1 Does your written information security strategy include plans that seek to cost-effectively reduce the risks to an acceptable level, with minimal disruptions to operations? 4 2 2 1 Is the strategy reviewed and updated at least annually or more frequently when significant changes require it? 2 3 3 1 Do you have a process in place to monitor federal, state, or international legislation or regulations and determine their applicability to your organization? 2 2 3 2 1 Total 10 16 26 14 16 Scoring: Not Implemented = 0; Planning Stages = 1; Partially Implemented = 2; Close to Completion = 3; Fully Implemented = 4 Section III: People This section assesses the organizational aspects of the information security program. Table 3: Information Security Function/Organization Questions Scores/Frequency 0 1 2 3 4 Do you have a person that has information security as his primary duty, with responsibility for maintaining the security program and ensuring compliance? 4 3 1 1 Do the leaders and staff of your information security organization have the necessary experience and qualifications? 5 2 2 Is responsibility clearly assigned for all areas of the information security architecture, compliance, processes and audits? 3 4 1 1 Do you have an ongoing training program in place to build skills and competencies for information security for members of the information security function? 2 2 3 2 Does the information security function report regularly to institutional leaders and the governing board on the compliance of the institution to and the effectiveness of the information security program and policies? 2 3 3 1 Are the senior officers of the institution ultimately responsible and accountable for the information security program, including approval of information security policies? 3 4 2 Total 16 17 14 7 0 Scoring: Not Implemented = 0; Planning Stages = 1; Partially Implemented = 2; Close to Completion = 3; Fully Implemented = 4 Section IV: Processes This section assesses the processes that should be part of an information security program. Table IV: Security Technology Strategy Questions Scores/Frequency 0 1 2 3 4 Have you instituted processes and procedures for involving the security personnel in evaluating and addressing any security impacts before the purchase or introduction of new systems? 2 3 3 1 Do you have a process to appropriately evaluate and classify the information and information assets that support the operations and assets under your control, to indicate the appropriate levels of information security? 1 2 3 2 1 Are written information security policies consistent, easy to understand, and readily available to administrators, faculty, employees, students, contractors, and partners? 2 3 3 1 Are consequences for noncompliance with corporate policies clearly communicated and enforced? 1 3 2 3 1 Do your security policies effectively address the risks identified in your risk analysis/risk assessments? 2 3 4 Are information security issues considered in all important decisions within the organization? 3 2 3 1 Do you constantly monitor in real time your networks, systems and applications for unauthorized access and anomalous behavior such as viruses, malicious code insertion, or break-in attempts? 1 3 3 1 1 Is sensitive data encrypted and associated encryption keys properly protected? 2 3 2 1 1 Do you have an authorization system that enforces time limits and defaults to minimum privileges? 2 2 2 3 Do your systems and applications enforce session/user management practices including automatic timeouts, lock out on login failure, and revocation? 2 3 2 2 Based on your information security risk management strategy, do you have official written information security policies or procedures that address each of the following areas? Individual employee responsibilities for information security practices 4 3 1 1 Acceptable use of computers, e-mail, Internet, and intranet 2 3 2 2 Protection of organizational assets, including intellectual property 2 2 3 2 Access control, authentication, and authorization practices and requirements 1 2 3 1 2 Information sharing, including storing and transmitting institutional data on outside resources (ISPs, external networks, contractors’ systems) 2 1 3 2 1 Disaster recovery contingency planning (business continuity planning) 1 1 3 4 Change management processes 2 3 2 2 Physical security and personnel clearances or background checks 1 3 3 2 Data backups and secure off-site storage 1 1 3 4 Secure disposal of data, old media, or printed materials that contains sensitive information 2 3 4 For your critical data centers, programming rooms, network operations centers, and other sensitive facilities or locations: 2 3 4 Are multiple physical security measures in place to restrict forced or unauthorized entry? 1 2 3 3 Is there a process for issuing keys, codes, and/or cards that require proper authorization and background checks for access to these sensitive facilities? 2 1 3 3 Is your critical hardware and wiring protected from power loss, tampering, failure, and environmental threats? 1 4 4 Total 17 45 58 50 47 Scoring: Not Implemented = 0; Planning Stages = 1; Partially Implemented = 2; Close to Completion = 3; Fully Implemented = 4 Discussion As shown by the total scores on Table 1, a majority of the university has a very high reliance on the IT in their services. This is depicted by the structure and characteristics of the university. Information risk assessment and management leaves a lot to be desired by the universities. Most the universities have partially implemented such programs. A large number of employees in the IT departments of most universities do no have sufficient skills to implement good information security governance. Most universities lack the leaders who have the rightful know how on the subject. In addition  to that, there is no a representative in the council who will be an IT expert, hence most leaders lack interest and initiatives on information security. Due to lack of full responsibility of information security by the leaders, to implement processes for information security might also be a challenge especially to the IT department as normally is the department given the responsibility. Conclusion There is a need for institutions to start focusing on proper information security governance. For a start organization such as the Government, the Computer Society of Zimbabwe, Zim Law Society, POTRAZ, ICAZ, IIAZ, Zimbabwe Institute of Management and other industry governing bodies should put their heads together and define the appropriate legislations that mandates information security governance either by referring to existing international frameworks (PCI-DSS, SOX, COSO, ITIL, SABSA, Cobit FIPS, NIST, ISO 27002/5, CMM, ITG Governance Framework) or by consulting local information security and business professionals to come up with an information security governance framework. As the Zimbabwean economy is slowly sprouting, the art of information security governance in the universities should also take a leap. The adoption information security governance will ensure that security will become a part of any university and thus customers confidence will be boosted. References Drucker, P. ‘Management Challenges for the 21st Century’, Harpers Business , 1993. Corporate Governance Task Force, Information Security Governance: Call to Action, USA, 2004. IT Governance Institute, Board Briefing on IT Governance, 2nd Edition, USA, 2003, www.itgi.org. IT Governance Institute, Information Security Governance: Guidance for Boards of Directors and Executive Management, 2nd Edition, USA, 2006. ISO/IEC 38500: Corporate Governance of Information Technology, 2008. IT Governance Institute, COBIT 4.0, USA, 2005, www.itgi.org IT Governance Institute, COBIT ® Security Baseline, USA, 2004, www.itgi.org National Association of Corporate Directors, ‘Information Security Oversight: Essential Board Practices’, USA, 2001 John P. Pironti,  Ã¢â‚¬Å"Information Security Governance: Motivations, Benefits and Outcomes,† Information Systems Control Journal, vol. 4 (2006): 45–8. 21. Rutsito, T. (2005) ‘IT governance, security define new era’ The Herald, 07 November. Kaitano, F. (2010) ‘Information Security Governance: Missing Link In Corporate Governance’ TechZim. http://www.techzim.co.zw/2010/05/information-security-governance-missing-link-in-corporate-governance [accessed 02 May 2013]. Horton, T.R., Le Grand, C.H., Murray, W.H., Ozier, W.J. & Parker, D.B. (2000). Information Security Management and Assurance: A Call to Action for Corporate Governance. United States of America: The Institute of Internal Auditors. Hostland, K, Enstad, A. P, Eilertsen, O, Boe, G. (2010). Information Security Policy: Best Practice Document. Corporate Governance Task Force, (2004). Information Security Governance: Call to Action, USA

Attorney Client Privelege Essay

The attorney-client privilege, which dates back to the reign of Elizabeth I, was originally based on the concept that an attorney should not be required to testify against the client and, thereby, violate a duty of loyalty owed to the client. At that time, it was the lawyer who held the privilege. Today, the privilege is held by the client; while it may be asserted by the lawyer on behalf of the client, only the client can waive the privilege. Silverman, 1997) Although Silverman states that only the client can waive the privilege; he forgot to mention that if a client discloses to his attorney that he plans on committing a crime that would harm someone else, the attorney is then obligated to report it to the authorities. If a client is discussing a matter with their attorney in a public place and someone over hears it; that can be used in court. Only conversations between the attorney-client in private are considered privileged information. The attorney-client privilege is important to our criminal justice system for the simple fact that a client would be more apt to tell the truth to their attorney. When the attorney does not have all of the facts at hand; they may not be able to represent the client appropriately. If a client knew the information they were disclosing to their attorney wasn’t in confidence; they may not tell the attorney what they need to know. Our Constitution protects us from wrongful imprisonment and the US Supreme court upholds the very old legal concept. If there wasn’t attorney-client privilege then the defense would not need to fight for their client in court, thus making it easier for the prosecution to not have to properly present their case. This could result in innocent people going to prison being stripped of their liberty. One of the major concerns facing attorney-client privilege is e-discovery. With the prevalence of electronic communication, preserving client confidentiality during document production is more challenging than ever. An attorney must track and find all the information that is pertinent to their case. This includes investigating possible electronic information. If the attorney does not have the same information that the prosecution may have; it can damper the case. Electronic information is not included under attorney-client privilege. Therefore, the client should privilege the attorney with any information that may be available to the prosecution through e-discovery.

Admission to a Doctorate of Psychology

If necessity is regarded as the mother of invention, I consider necessity as the driving force that inspires and awakens us to be a man for others. We fail to open the doors of our hearts and listen to the woes of those in need due to our inability to decide on the things that we can do to improve the lives of people around us.Our reluctance to extend any assistance may also be a result of our failure to consider the value of the things that we are capable of doing. Life is not solely dependent on the material resources that we can give. The act of extending our selfless love, time, talents, skills and other resources are too valuable to ignore.One of my renowned accomplishments manifested my organization skills, self-confidence, ability to work under pressure and meet challenges, and to remain optimistic in achieving a goal.While I was in the Marine Corps, I was tasked to be the Pay Chief. Although the position requires a person to have at least ten years of work experience, I was t rusted to be the head of the section while working for only two and half years in the military. When I was assigned in the department, I discovered that the pay-roll auditing task was behind by three years.When a pre-inspection was made in our department, we were informed that there is a need to update the current records to reflect all the payroll transactions that were made during the last three years for 4,000 Marines. Normally, the completion of the task would require three years of forty-five minutes to eight hours of work each day by each person who was assigned in the department.However, we were only given eighteen months to complete the task. Initially, we all felt that accomplishing the task would require a miracle. However, I managed to motivate my people and to exemplify hope amidst our insurmountable challenge. We all worked overtime and maintained our focus to reach our goal.At the end of the eighteenth month period, we were able to update the payroll record and meet th e expectations of our superiors. My hard work was also rewarded when I was given the Navy and Marine Corps individual achievement medal for going beyond and above the call of duty of the U.S Marine Corps, Navy and U.S. government. This award was usually given as a unit award to most Marines and Sailors.My weakness is reflected in my inability to extend my patience to people whom I could only talk to over the phone. It is easier for me to settle disputes or to handle people as long as I meet them in person. Although a person may be reserved or silent, one can easily interpret a facial expression or body language.Unlike in most phone calls that I have handled as a Customer Care for Wyndham Hotel Group, I could only read a person’s feeling through the tone of their voice. In my current job, I deal with owners and managers of hotels. Most of them call and complain about issues that they are already fully aware of based on the information that are posted in the website. Since the owners of the company are practicing transparency, it is my task never to conceal nor withhold any information from the franchise investors.As a customer care representative, I counsel owners and managers about the hotel’s day to day operation and keep them updated on the current status of the hotel. The job has taught me to understand and empathize with the owners whose main concern is to know where their hard earned money is going and if their investments will yield a good return of investment.My array of blue and white collar jobs have prepared me to acquire the skills that will allow me to be flexible and compassionate to people who came from all walks of life. It is also in my exposure that made me realize the need to help the men and women in uniform who have risked their lives in fighting for our country.My passion to be of service is too strong to resist. Hence, I organized my life and decided to take a Bachelor’s degree in Psychology in spite of my lucrative b usiness venture in real estate. After getting my college diploma, I intend to take a Doctorate degree in Clinical Psychology and specialize in the treatment of Post Traumatic Stress Syndrome. Since I have directly witnessed the trauma and stress that my uncle has experienced as a result of the war in Vietnam, I can empathize with the soldiers and their families who are also suffering from the effects of their battle in a war zone environment.When I become a certified Clinical Psychologist, I will enlist in the U.S. Navy and address the need of people who are emotionally and psychologically suffering from the trauma of war and terrorism. Helping our soldiers heal from within will restore them into a life where they can be productive and fully functional in a war-free environment. Restoring the lives of our soldiers has a positive impact in our society in general and to the service members’ families in particular.When these people have recovered from the trauma and stress of wa r that are affecting their lives, they will be individuals who are capable of contributing to the growth of our nation. In addition to being able to work and raise their own families, their loved ones will be relieved from the burden of coping with the daily mental and psychological stress of a family member who has experienced the trauma of war.I believe that my optimism, empathy, determination, logical thinking ability, sensitivity to the needs of others, ability to pay close attention to what people are saying and my ability to cope with pressure and challenges will help me succeed as a clinical psychologist.

Metrics Research Paper Example | Topics and Well Written Essays - 750 words

Metrics - Research Paper Example Hence, the company would implement the HR metrics in order to develop proper total reward program (Carlson & Kavanagh, 2013). This paper would illustrate the various crucial metrics that will enable Amazon Inc to depict the potential employees to be rewarded under the total rewards program of the organisation. Contextually, the organisation will implement human capital value added metrics, turnover cost, prorating merit increases and absence rate among others. Discussion A company cannot be able to operate efficiently in the absence of a dedicated and efficient workforce. Contextually, this aspect influences them to encourage employees with rewards of various kinds under their total rewards programs. In this stand, it will further enable them to have maximum retention and satisfaction of workforce. Amazon Inc employs thousands of employees, for executing its operations worldwide. Correspondingly, a total rewards program will need to be developed with the help of the result obtained f rom the computation of various HR metrics. The first HR metrics that needs to be computed is the rate of absence in Amazon. Measuring the rate of absenteeism among the employees will enable the organisation to depict its current position with regard to employee health and other aspects that led to increased absenteeism. It would also be vital to mention that increased percentage of absence rate will directly impact the productivity, efficiency and quality of work of an organisation in a negative manner. The metrics of absence rate will enable the company to acquire data about the present rate of absence in the organisation along with the reason for same. It has been noted that, augmented rate of employee absence is at times owing to the reason of lack of satisfaction among the employees which, further arise from lack of proper reward. Hence, Amazon Inc would be able to design the total reward program with regard to overcoming the reason that leads to dissatisfaction of the employees (Hauser & Katz, 1998). Subsequently, the company will also require calculating the HR metrics of Human capital value added with regard to developing a proper reward program. Analysis of these matrices will enable the company to acquire data regarding the value added by an employee to the organisation. In this stand, this metrics will further enable the company to frame its total reward strategy in accordance to the value each and every employee ensures for the organisation. Additionally, with the computation of the prorating merit increases metrics of Amazon Inc., it will enable the organization to acquire data that will ensure hike to be given to an employee depending on the tenure of his/her work with the organisation. This analysis would be valuable for the company in order to determine the total reward program for the employees working within the company (Jackson, Schuler & Werner, 2011). Correspondingly, in addition to these aspects, Amazon Inc. might also implement the HR mat rices of turnover cost, which will enable them to know about the loss that the company incurred by losing a particular employee. These matrices will also depict the cost, which the company invested on recruitment, selection and training needs of an employee. Subsequently, the

Which Philosopher Benefits the Working Class Essay

Which Philosopher Benefits the Working Class - Essay Example For example, Karl Marx is well known as the Father of Communism and his theories are being followed by some modern governments. It is interesting to study the views and theories of these historical thinkers and see how they serve to explain modern day structures and events. Some philosophers can concretely be proved more accurate than others while some theories are still matters of debate. At the base, what truly matters is the individual and where they see themselves. One may take upon oneself a theory as their self-description while another may very well deny the same theory and choose an alternative or opposing view. Herein shall be examined the position of various philosophers: Lenin, Marx, Smith, and Ortega y Gasset, as they relate to the life of one who is deemed â€Å"working class.† Vladimir Lenin was one of the great Russian political figures and a great thinker of the twentieth century (Historical Figures n.p.). He is the one responsible for the political structure o f the USSR. In Russia, he took up a fight on behalf of the working class. It was his position that the working class needed to be rescued from the capitalist oppressors that placed heavy burdens upon them. According to Lenin, a communist lifestyle greatly benefits the working class. They have the right to be free from those who would exploit them for the sake of financial gain. In his eyes, the capitalists regarded the working class as no more than a commodity and they used them to benefit their own pockets without regard for the suffering that the working class had to endure. However, Lenin acknowledged the fact that the tendency of the working class is not to take upon themselves a socialist society and that they, if the opportunity was presented, would simply switch from being the proletariat to being the bourgeois. As it has been reported, â€Å"†¦Lenin therefore concluded that if the proletariat was ever to realize its class interest the socialist idea would have to be br ought to it â€Å"from without† by those who understood Marx’s science†¦Ã¢â‚¬ (Mayer159). It would seem that Lenin missed the mark in regard to the needs of the working class. The first and most obvious proof is the failure of his design, namely the USSR. Secondly, he neglected to fully recognize the cravings of the working class to be free from oppression. He did not see that his introduction of a socialist society is yet again just another form of oppression. For if the working class desires to advance in status, there ought be nothing to stop them but their own lack of determination. Yet, living in a socialist society, those who desire such freedoms would have to flee the country or abandon hope. Lenin is not accurate in the position of the working class from the view of a working class citizen. However, Lenin was not alone in his belief that socialism and communism are what will benefit the working class the most. His thoughts were greatly founded upon the vi ews of another well-known philosopher, Karl Marx. Marx, often considered the Father of Communism, also felt that capitalism was a social ill because it degraded the working class to a commodity for the rich whom they would serve. Marx blames private ownership and the ability to get wealth for many of the problems of society. Therefore, he prescribed a system where there would be no private ownership. Still, his views are not accurate to the working class who, without the ability to own privately, ends up working endlessly for naught. At least those who are working class and living in a capitalist society have the ability to hope for greatness and wealth. It is this hope that excites and brightens the eyes. They work all the harder, not only in their positions, but to improve

The Developing Manager Essay Example | Topics and Well Written Essays - 5000 words

The Developing Manager - Essay Example Ð °rds on the bÐ °sis of group pÐ °rticipÐ °tion Ð °nd involvement in such Ð °reÐ °s Ð °s setting goÐ °ls Ð °nd Ð °pprÐ °ising progress towÐ °rd goÐ °ls, engÐ °ge in much communicÐ °tion both down Ð °nd up Ð °nd with peers, encourÐ °ge decisionmÐ °king throughout the orgÐ °nizÐ °tion, Ð °nd otherwise operÐ °te Ð °mong themselves Ð °nd with their subordinÐ °tes Ð °s Ð ° group. My orgÐ °nizÐ °tion Ð °pplies neither of in-Ð °bove described styles. It is rÐ °ther something in the middle of exploitive – Ð °uthoritÐ °tive Ð °nd pÐ °rticipÐ °tive-group which cÐ °n be referred to Ð °s consultÐ °tive. MÐ °nÐ °gers within my orgÐ °nizÐ °tion hÐ °ve substÐ °ntiÐ °l but not complete confidence Ð °nd trust in subordinÐ °tes, usuÐ °lly try to mÐ °ke use of subordinÐ °tes ideÐ °s Ð °nd opinions, use rewÐ °rds for motivÐ °tion with occÐ °sionÐ °l punishment Ð °nd some pÐ °rticipÐ °tion, engÐ °ge in communicÐ °tion flow both down Ð °nd up, mÐ °ke broÐ °d policy Ð °nd generÐ °l decisions Ð °t the top while Ð °llowing specific decisions to be mÐ °de Ð °t lower levels Ð °nd Ð °ct consultÐ °tively in other wÐ °ys. CommunicÐ °tion is the process of sending Ð °nd receiving informÐ °tion or communicÐ °tion with Ð °nother person. In Ð ° simplistic form, informÐ °tion is sent from Ð ° sender or encoder to Ð ° receiver or decoder. In Ð ° more complex form feedbÐ °ck links Ð ° sender to Ð ° receiver. This requires Ð ° symbolic Ð °ctivity, sometimes viÐ ° Ð ° lÐ °nguÐ °ge. CommunicÐ °tion development is the development of processes enÐ °bling one to understÐ °nd whÐ °t others sÐ °y (or sign, or write) Ð °nd speÐ °k(or sign, or write), trÐ °nslÐ °te sounds Ð °nd symbols into meÐ °ning Ð °nd leÐ °rn the syntÐ °x of the lÐ °nguÐ °ge. CommunicÐ °tion is bÐ °sed on the ideÐ ° of respect, promises Ð °nd the wÐ °nt for sociÐ °l improvement. NonverbÐ °l communicÐ °tion deÐ °ls with fÐ °ciÐ °l expressions Ð °nd body motions. 93% of â€Å"emotionÐ °l meÐ °ning† we tÐ °ke from other people is found in the person’s fÐ °ciÐ °l expressions Ð °nd tone of voice, the other 7% is tÐ °ken from whÐ °t the person Ð °ctuÐ °lly sÐ °ys (More

History research paper Example | Topics and Well Written Essays - 1500 words

History - Research Paper Example ilm Gandhi, which belongs to the genre of epic biography, portrays the life history of Gandhi on one side and analyses the Indian independence movement and the related complex confluence of imperialism, nationalism, and decolonization on another side, because different methods adopted by Gandhi, like non-violent struggle, civil disobedience movement, the Salt March etc, eventually helped India to be free from the British rule. This research study is broadly divided as: Film as an epic biography: Gandhi’s life history, Analysis: Gandhi’s influence on Indian independence movement, Gandhi’s methods and Indian independence movement, and personal opinion. One can see that epic biography as a movie genre deals with life histories of historically significant individuals. Within this scenario, the film Gandhi primarily deals with the life history of Gandhi in general. To be specific, the opening scene (say, Gandhi’s death) proves that the director’s aim is to make use of flashback technique to narrate Gandhi’s life history. Martha NUSSBAUM stated that, â€Å"Mohandas K. Gandhi has been the subject of such vast discussion and such widespread veneration that even readers with little knowledge of Indian history are likely to have a reasonably accurate picture of him-especially if they have seen Richard Attenborough’s excellent 1982 film, in which Ben Kingsley successfully conveyed many aspects of Gandhi’s complex personality† (94). But the director does not try to unearth Gandhi’s earlier life because it is less significant within this context. Besides, the director portrays Gandhi’s political activism in South Africa. When Gandhi reached South Africa as a lawyer, the nation was under British imperialism. To be specific, some Indian merchants residing in South Africa asked Gandhi to help them to save them from discriminatory laws implemented by the government. When he reached South Africa, he realized that the Indian merchants are facing marginalization

Critical Risks, Problems, and Assumptions on Sports Facility Essay

Critical Risks, Problems, and Assumptions on Sports Facility - Essay Example etween two parities involved in practice or main match, violence attacks like those that happen in a real match, immunity issues, and sloppy physical examination of the participant before taking part in a sport event etc. The Facility manager carries the most responsible position to tackle the risk factors and arrange a strategic plan to manage the risks either by appointing a physician, or insurance coverage etc. Risks such as baseball foul balls might hit at the audience, a facility owner deserves the responsibility to provide enough screened seats for those who may request them and the most risky part of the facility requests to be monitored. Spectators might be at big risk of the balls hitting at them, other than this cleaning the floor, providing a safe environment removing slapping hazard, the facility owner should see that the party getting injured should not develops further damages, this is called as assumption of risks.. A facility manager holds the responsibility to set a risk management programme to reduce the possibilities of risks. Assumption of risk is the ability of the participant to understand the general risk of injuries involved in the sport he takes part. The assumption should be understood legally by the participant, which will act as a â€Å"legal defence† [Ray, 2000]. The participant should be able to undertake the activities without paying much attention towards the hazards. Chen & Esposito [2004] observes assumption of risk under two conditions they are â€Å"(a) The athlete must fully appreciate and understand the type and magnitude of the risk involved in participation. (b) The athlete must also â€Å"knowingly, voluntarily, and unequivocally† choose to participate† Chen & Esposito. [2004]. Insurance: There are special types of insurance coverage given for sports facilities such as [1] Accident insurance – in the case of injuries, sever hurts etc, [2]. Equipments Insurance- this is a special insurance coverage given for the sports

European Convention on Human Rights Case Study Example | Topics and Well Written Essays - 1750 words

European Convention on Human Rights - Case Study Example The CPR provides under Part 35.3 that: "(1) It is the duty of an expert to help the court on the matters within his expertise. (2) This duty overrides any obligation to the person from whom he has received instructions or by whom he is paid." Moreover, Part 35.4 of the CPR likewise provides that: "(1) No party may call an expert or put in evidence an expert's report without the court's permission. (2) When a party applies for permission under this rule he must identify - (a) the field in which he wishes to rely on expert evidence, and (b) where practicable the expert in that field on whose evidence he wishes to rely. (3) If permission is granted under this rule it shall be in relation only to the expert named or the field identified under paragraph (2). (4) The court may limit the number of the expert's fees and expenses that the party who wishes to rely on the expert may recover from any other party." Hence, it is settled that under the CPR, the experts have an overriding duty to th e court and that the court has the power to restrict expert evidence. Clearly, these provisions in the CPR is geared towards the objective of satisfying Article 6 ECHR affording a party to a dispute a right to a fair trial by having his case heard before an independent and impartial tribunal that has the power to control and restrict expert evidence. The Act, on the other hand, has several provisions ensuring that a party to an arbitration proceeding is afforded his right to a fair trial as a guaranteed in Article 6 ECHR. Section 1 provides: "1. The provisions of this Part are founded on the following principles, and shall be construed accordingly-- (a) the object of arbitration is to obtain the fair resolution of disputes by an impartial tribunal without unnecessary delay or expense; (b) the parties should be free to agree how their disputes are resolved, subject only to such safeguards as are necessary for the public interest; (c) in matters governed by this Part the court should not intervene except as provided by this Part." All the provisions in the Act must be read with these words in mind. The concepts of fairness, impartiality and the avoidance of unnecessary delay or expense are not new. The importance is the emphasis given to them at the start of this overhaul of arbitration--they are the lodestone for the parties and t he arbitrator when deciding appropriate procedure in the arbitration. Next is a strong statement of party control, subject to public interest safeguards. Finally, a provision that the State will not frustrate the parties' arbitration agreement. On the contrary, it will support it by punishing a defaulting party if that becomes necessary.  

Response to an article on alcoholism Essay Example | Topics and Well Written Essays - 1000 words

Response to an article on alcoholism - Essay Example Dowshen (2009) suggests that alcohol acts as a depressant because it slows down the functioning of the central nervous system by obstructing or blocking messages that are communicated to the brain. This blockage has the effect of altering perceptions, emotions, and vision, movement and hearing abilities of an individual. Although Dowshen argues that alcohol when taken in small quantities helps a person to have a feeling of relaxation and less anxiety, when taken in huge amounts it causes big changes in the brain that results in intoxification. This is whereby a person, who has over consumed alcohol staggers, loses coordination and is slur in speech with a probability of being confused and disoriented. The person might think that they are okay but they may not be because they might be slow in reaction and out of their character. In addition, when alcohol is consumed in a short period in huge amounts, it can result to poisoning commonly referred to as alcohol poisoning. In this stage, the body is poisoned by alcohol such that it is induced to vomit, sleepiness, breathing difficulties, low blood sugar, seizures and unconsciousness. Zieve et al describes alcoholism as when an individual has or shows â€Å"signs of physical addiction to alcohol and continues to drink despite physical and mental health threats and social problems or job responsibilities† (2). Research worldwide indicates that alcoholism is the most prevalent psychiatric disorder in the society today. Alcohol addiction therefore occurs when a person’s body becomes dependent on alcohol and the body builds tolerance to alcohol, which results, to the person taking a larger dose of alcohol than before, to get the same effect. A person who is addicted to alcohol is therefore referred to as an alcoholic and therefore, alcoholism is the disease of alcohol addiction and it is chronic. The article

Computer Technician Essay Example for Free

Computer Technician Essay Memory: Your memory does not store everything forever. The computer memory refers to computer components, devices and recording media that retain digital information. The computer data storage provides one of the core functions of a computer that of information retention. How a Computer Remembers: A computer has two memories, called RAM and ROM. ROM stands for Read Only Memory. It carries the information. The computer needs to carry out, it’s task, and it cannot be altered. It stays there even when the computer switch off. RAM stands for Random Access Memory or Read and Write Memory. This contains the information the computer needs to carry out the particular task you want. When you switch off the computer, RAM empties itself. You can save your work on CD-ROM, DVD ROM Disk, Floppy Disk, Flash Drives, etc. Storing Information: Each memory cells stores binary digits. It is easy to see that the size of computers RAM is important because the computer can only do the amount of work that it has room for. Computer Memory Memory Imagine that you are going to the park to play with your friends. You know the way because you have been there before. The route is stored in your memory. On the way, you meet someone and stop for a chat. If it’s not about anything important, you will probably soon forget. Your memory does not store everything forever. The computer memory refers to computer components, devices and recording media that retain digital information used for computing for some interval of time. The computer data storage provides one of the core functions of a computer, that of information retention. How a Computer Remembers A computer’s memory works in similar way. There are some pieces of information that need to be stored away. Others can be forgotten once the computer has worked on them. To separate the two types of information, a computer has two memories called ROM and RAM. ROM stands for Read Only Memory. ROM carries the information the computer needs to carry out its task. This information is built into the computer and cannot be altered. It stays there even when the computer is switched off, just as your memory of how to get to the park stays with you until you need it again. RAM stands for Random Access Memory, or read and write memory. This contains the information the computer needs to carry out the particular task you want it to do now. When you switch off the computer, RAM empties itself. You can save your work on CD-ROM. DVD ROM disks, floppy disks, flash drives, etc. Storing Information ROM and RAM are both made up of memory cells, Each memory cell stores binary digits. A chip may be able to store millions of bits. It is easy to see that the size of the computer’s RAM is important because RAM has room for it. With some computers, it is possible to add extra memory chips to increase the RAM.

Airport Incident Management System Essay Example for Free

Airport Incident Management System Essay 1. Introduction Airport operations are growing in complexity day by day, and extend across multiple service providers at the airport – namely ground handlers, customs, immigration, retail tenants, air traffic control, security, baggage handlers, airlines consortiums and airlines. These agencies use the airport infrastructure in such a way that they meet their commitment to their customers in due time. These commitments put a lot of pressure on the airport infrastructure support staff to keep the systems up and running efficiently. Currently these services are handled manually at most of the Indian airports, so there are umpteen chances of these services to breakdown at most appropriate time when airport are supposed to meet their stated commitments with agencies. These incidents are very frequently occurring, particularly at the busy airports like Delhi and Hyderabad where pressure to meet timelines are heavy on airport infrastructure. Therefore there is a need for a technology solution to provide the flexible and proactive service delivery which guarantees the availability and usability of the infrastructure available at the airport to meet the commitments. This case study discusses a solution that raises the service level of the airport to its agencies and eventually creates a positive image in the minds of its users. This case study is based on this technical solution provided at one of the busy airport where the technical solution created, provides the right answer to different stakeholders at the airport. The context diagram [pic] Source Internet 2. Case Study Purpose The purpose of this case study is to highlight the technical solution provided to solve the problems arising due to the multiple agencies of the airport using the same airport infrastructure. 3. Case Study Methodology The methodology to arrive at the solution to the use of airport infrastructure problem was the extensive survey method and later on the software implementation methodology for implementing AR Systems (Incident Management Components). The Survey Method A questionnaire about the status of services provided by the current staff to the concerned agency department was circulated and feedback collected. The response feedback was consolidated and improvements discussed and applied. A need to streamlining the procedure or writing the standard procedure was felt and implemented in the short run. Visits by senior management staff to similar airport and studying the response to the tender floated by the airport led to the long term planning of implementing the software solution. 4. The technology strategy After the gruesome struggle to provide the required service 247 at the airport terminal building, a search for better technical solution that can cater to the current requirement and as well as give scope for future growth is always on. A team of experts were constituted to suggest the course of action which can address the airports infrastructure problem in the short run and simultaneously can find appropriate technology solutions to mitigate the problem as well as expand the extent of service at the airport for future projections. Short Term Planning – It was felt that in short run the airport operation must have the standard procedure which can be followed and improved with the experience of supporting the agencies of the airport. The performance of the support staff can also be measured and their skill enhanced to meet requirements of different support levels. Long term Planning – An appropriate IT solution must be developed or procured to record incidents / solutions and can use the learning/Knowledge for handling future incidents.

Decline in sales at Fischer Holmes

Decline in sales at Fischer Holmes 1.0 Introduction: 1.0.1 Purpose and Background: The purpose of this report is to determine the cause of the decline in sales at Fischer Holmes and to recommend possible solutions to the prevalent problems. This report is in response to the declining sales of the last 8 months. By compiling data gathered from psychological tests undertaken by sales staff over the same periods in the past 4 years and comparing this with the sales figures of the respective periods, we have come up a graph shown in appendix 1.The graph indicates a direct relation with the morale of the sales staff and the decline in sales. The drop in morale seems to have started when FH underwent company-wide restructuring a year ago. This restructuring led to untrained sales agents gaining promotion to sales manager. 1.0.2 Scope: Discuss and analyze each problem individually: How and why the specific problems have occurred. Recommendations will also be discussed individually per problem: What will recommend needs to be done to rectify the problem. 1.0.3 Methodology: Observe the work area and how personnel interact with each other. Examine all personnel records and employment histories of sales staff. Conduct interviews and psychological evaluations with sales personnel. 2.0Background: Name of company, purpose, year established, countries which it operates in. 3.0 Results and Recommendations: 3.1 Downward Communication 3.1.0Problems: The problems we have encountered include poor downward communication in general from sales managers to agents and also poor downward communication by managers during team meetings. 3.1.1Analysis: From the collection of data we, as a company, hypothesize that the promotion of these managers without appropriate management skills and training has resulted in a lack of concern and care for their subordinates. Further to this, it has been discovered that managers are predominantly using fear to generate desired sales. This becomes apparent in team meetings, where the managers clear lack of managerial competence becomes obvious through the agents forcefulness towards sales staff in an attempt to make more sales. Psychological data gathered shows that sales agents morale is at their lowest after team meetings. We further theorize that this overall negative attitude of several sales managers has resulted in lack of motivation and increase of absenteeism amongst the sales agents; which has led to their dismal performances. 3.1.2Recommendations: We have come up with a number of solutions to combat these workplace problems and have compiled them in a list as follows: Conduct an in-depth analysis of the sales managers current skills to determine their managerial traits and ability to lead a sales team. We Recommend that those found fit will undergo individual coaching by People Bridge and those found unfit will attend a comprehensive management skills training workshop and will also undergo individual coaching. Conduct meeting facilitation workshop focusing on creating an agenda and motivation of a sales team. Have a â€Å"People Bridge† consultant sit in during the first few sales team meetings as a follow-up step. All sales managers will undergo communication skills workshop. Have all managers join Toastmasters Clubs in their area as a follow-up on communication skills training. 3.2 Upward Communication 3.2.0 Problem: Another main problem we have encountered is the poor upward communication by sales agents who have not been submitting their sales reports to their sales managers and also the poor upward communication by sales managers in submitting â€Å"guesswork† reports to higher management. 3.2.1 Analysis: From conducting this investigation, People Bridge hasfound that sales managers do not have concern for the importance of the data provided in their agents sales reports. We have observed that sales managers seldom require their agents to submit their reports. In a survey conducted on the sales agents, we found that 89% of the agents did not know the proper format of a sales report and that 76% did not know that they were required to submit a sales report. We have also observed that FH does not utilize a contact resource management (CRM) system.YOU NEED TO EXPLAIN WHAT A CRM IS AND WHAT IT DOES!!! We further theorize that sales managers will often submit â€Å"guesswork† reports to higher management. This is due sales managers inability to recognize sales reports from their agents and therefore go to higher management for support. In a related survey, 100% of the sales managers submit their reports but the apparently wrong information submitted by the sales managers may have led management to misread the market and come up with ineffective strategies to augment company sales. 3.2.2 Recommendations: People Bridge has come up with several solutions have been found to fix these problems. These include: Employing a free web-based CRM and make it compulsory for the sales team to use. Coach higher management on how to use the CRM to monitor all sales activity. By doing this we hope to encourage the sales agents and managers to do their reports. Conduct training to all necessary personnel on how to use the CRM. Conduct refresher sales training for existing sales agents focusing on the importance of reports. Conduct data analysis training for sales managers. Purchase permanent CRM if necessary. 4.1 Recommendation Summary and Conclusion: Our recommendationspredominantly focus on the sales managers and how to bring them up to the competency level FH requires. Complementary trainings and coaching needs to be scheduled for higher management and the sales agents in order to support the activities for the sales managers and get the business back on track. We have divided the recommendations as follows: Analyse Conduct an in-depth analysis of the sales managers managerial skills, reporting habits and attitudes to determine proper courses of actions. Trainings, Workshops and Coaching This is to arm all necessary personnel with proper skills, habits and attitudes to ensure every employee is equipped to perform their task. Software Application (CRM) This is to create a quick, effective and easy reporting environment that higher management can utilize to monitor what transpires in the sales department. It is apparent that the main problem is the inability of sales managers to communicate and lead their teams. Therefore, it is imperative that we train the sales managers immediately and that the avenues of communications (CRM, meetings, etc.) be utilized properly. By doing this, we will be able to regain your â€Å"lost ground† in sales.

The Coco Mademoiselle Perfume Commercial Essay -- Marketing, Post Femi

The ideal post-modern woman is a collage of charm, grace, beauty, strength and independence. This ideal is what Keira Knightley epitomizes in the Coco Mademoiselle perfume commercial. A far cry from the original feminist movement which was entrenched in politics this post-feminism created a realm where woman sought all the riches of the feminist movement but shunned the feminist title (Goldman 1992, 130). Keira is presented as a beautiful independent woman, who is free from the hold of men and sexually liberated. However, through close examination, it is clear that her independence is in relation to her power over the men in the commercial. Further, this power is simply power over the man whom she wishes to seduce. The commercial begins with Keira slipping into her loft in the early morning, wearing only a men’s white dress shirt and black hat. She looks past the camera, never making eye-contact. Keira is presented as the super-woman which Goldman (1992) describes as â€Å"sublimely self-confident and secure, poised, effortlessly beautiful, [moving] with a style and grace called ‘presence’... independent and successful; liberated, yet feminine and romantic; modern, yet traditional at the same time† (107-108). By looking past the camera Keira becomes the subject of envy. This envy can only be achieved by distance, we look to her but she does not look back at us, her demeanour signifies confidence, which we watch but do not have a connection to (Goldman 1992, 118). Throughout the ad, Keira exudes a confidence in a playful yet mature way. This confidence, however, rises from her relation to men. At the beginning of the commercial she is dressed in a way that implies she has just left her lover’s room. So the ‘presence’ which she hold... ...desire for control leads to a fetishization of the female body. This fetishization in turn lends itself to the consumption of commodities (Goldman 1992, 113), as the perfect femme fatal is impossible to achieve outside of a James Bond movie. This all for control over men, which ironically shows that if so much emphasis is placed on control of men, are woman really in control? The feminist movement was aimed at gaining equality between sexes, yet we have raped this movement of all its political meanings. Women have objectified themselves in order to gain power over men, while pursuing freedom from the objectification of men. This Chanel commercial clearly demonstrates how woman objectify themselves in order to show a form of control over men. This need for control actually shows women’s failure to justify their position in society separate of its relation to men.

The Importance of Stories in Borders by Thomas King Essay example --

In Thomas King's short story "Borders," a Blackfoot mother struggles with maintaining her cultural heritage under the pressure of two dominating nations. Storytelling is important, both for the mother and for the dominant White society. Stories are used to maintain and pass on cultural information and customs from one generation to another. Furthermore, stories can be used both positively and negatively. They can trap individuals into certain ways of thinking, but they can also act as catalysts that drive social change within society. Stories are a means of passing on information, acting as a medium to transport cultural heritage and customs forward into the future. In his essay titled "You'll Never Believe What Happened," King says that, "The truth about stories is that that's all we are† (King Essay 2). Contained within this statement is a powerful truth: without stories, a society transcending the limitations of time could not exist. Cultures might appear, but they would inevitably die away without a means of preservation. Subsequent generations would be tasked with creating language, customs, and moral laws, all from scratch. In a way, stories form the core of society's existence. Humans are the containers for stories, responsible for ensuring that many centuries worth of accumulated knowledge does not dissapear. However, the very fact that stories live on in humans can be problematic. If, for example, there are only five people in the world that knew English, and these people died without having taught anyone else the language, then English would dissapear with them; this is the dilemma the Blackfoot mother faces. Right before Laetitia leaves for Salt Lake City, she is talking with the mother. Although the mother is speak... ... perceptions their ancestors held centuries earlier. Stories are not set in stone, and this means that all stories - even the most powerful - can be altered. The Blackfoot mother refuses to accept the prevailing stories pushed onto her by society and, as a result, her access through the border is restricted. But in persisting for a third, viable alternative, the mother is able to shape the dominating assumptions of society. She tells her own counter-narratives, introducing an "alternative to the narratives of the nations [she] refuses to acknowledge" (Andrews and Walton 609). She presents a story that is capable of altering the metanarrative that governs that governs Canada and America; the mother succeeds in changing the fundamental beliefs held by both societies, and she is able to free the Canadians and Americans from the restrictive, dichotomous way of thinking.

Nostradamus Essay -- Essays Papers

Nostradamus Biography The following is a biography of Michel de Nostredame, it is a excerpt from Erika Cheetham, "The Prophecies of Nostradamus". Childhood Michel de Nostradame, more commonly known as Nostradamus, was born on 14th December 1503, in St. Remy de Provence. His parents were of simple lineage from around Avignon. Nostradamus was the oldest son, and had four brothers; of the first three we know little; the youngest, Jean, became Procureur of the Parliament of the Provence. Education Nostradamus' great intellect became apparent while he was still very young, and his education was put into the hands of his grandfather, Jean, who taught him the rudiments of Latin, Greek, Hebrew, Mathematics and Astrology. When his grandfather died, Nostradamus was sent to Avignon to study. He already showed a great interest in astrology and it became common talk among his fellow students. He upheld the Copernican theory that the world was round and circled around the sun more than 100 years before Galileo was prosecuted for the same belief. Conversion Since it was the age of the Inquisition and the family were converted from Judaism to the Catholic faith by the time Nostradamus was nine years old, his parents were quite worried, because as ex-Jews they were more vulnerable than most. So they sent him of to study medicine at Montpellier in 1522. Nostradamus obtained his bachelor's degree after three years, with apparent ease, and once he had his license to practise medicine he decided to go out into the countryside and help the many victims of the plague. After nearly four years he returned to Montpellier to complete his doctorate and re-enrolled on 23rd October 1529. Nostradamus had some trouble in explaining his unorthodox remedies and treatments he used in the countryside. Nevertheless his learning and ability could not be denied and he obtained his doctorate. He remained teaching at Montpellier for a year but by this time his new theories, for instance his refusal to bleed patients, were causing trouble and he set off upon another spate of wandering. Married While practising in Toulouse he received a letter from Julius-Cesar Scaliger, the philosopher considered second only to Erasmus throughout Europe. Apparently Nostradamus' reply so pleased Scaliger that he invited him to stay at his home in Agen. This life suited Nostradamu... ...avelling she came to Salon and visited Nostradamus. They dined and Catherine gave Nostradamus the title of Physician in Ordinary, which carried with it a salary and other benefits. Will But by now the gout from which Nostradamus suffered was turning to dropsy and he, the doctor, realized that his end was near. He made his will on 17th June 1566 and left the large sum, for those days, of 3444 crowns over and above his other possessions. On 1st July he sent for the local priest to give him the last rites, and when Chavigny took leave of him that night, he told him that he would not see him alive again. As he himself had predicted, his body was found the next morning. Memory He was burried upright in one of the walls of the Church of the Cordeliers at Salon, and his wife Anne erected a splendid marble plaque to his memory. Nostradamus' grave was opened by superstitious soldiers during the Revolution but his remains were reburied in the other church at Salon, the Church of St. Laurent, where his grave and portrait can still be seen. Bibliography: The following is a biography of Michel de Nostredame, it is a excerpt from Erika Cheetham, "The Prophecies of Nostradamus".

Coyote Community College Essay

This paper tends to discuss the and review the types of measures included in each perspective of the Coyote Community College such as Funder/financial perspective, Student/participant perspective, Internal Process perspective, and Innovation and process perspective. In addition, this review paper also discusses about how these said perspectives are measured based from the description of the college and even the college’s environment. The Funder/Financial view includes the measures: State revenues ? Tuition and fees revenues ? Grant and foundation funding ? direct costs (Evans & 2007) The Student/Participant view includes the measures: Enrollment ? % of the citizen’s participating in programs and also events ? Student goal attainment ? Number of students completing their occupational degree and certificate programs ? passing rates on licensure and Certification exams ? Certificate programs ? Student success at transfer institutions ? Graduate placement rate ? Graduate hourly rage ? New Mexico state competency examination pass rates ? Student persistence ? course completion rate ? % Technology delivered offerings ? Responsiveness to request for courses and workshops ? Student/stakeholder satisfaction with programs and instructional services (Evans & 2007) The Internal Process view includes the measures: High value content of curricula ? Cycle time for curricula development ? Implementation of individualized learning ? Learner involvement in active learning ? Basic skills improvement ? Attainment of program competencies ? ESL/Remedial preparation for college eligibility ? Access for underserved groups ? Student satisfaction with student services ? Student satisfaction with support process The Innovation and Resource view includes the measures: Faculty/Staff satisfaction surveys ? Faculty/Staff retention ? ESL expertise ? Training and development in key areas ? Faculty and Staff technology tool availability ? Investment in technology to support learning programs (Evans & 2007) How measures are made In order to put the inputs for measuring each of the Coyote Community Colleges’ perspectives, they uses the â€Å"LEARN Philosophy† which basically stands for Learning Excellence, Assessment, and Recognize Needs (Evans & 200). The balanced scorecard that they use is called the LEARN board. It is explained that the institution’s stakeholders are represented although the four perspectives of the LEARNing board, since it is systemized in this kind of measurement, the leadership team are able to balance all of its stakeholder’s needs (Evans & 2007). In order to make and complete these measures on each and every perspective, the Vice President and the Dean of Instruction conducts a monthly meeting with the managers of the different offices’ reports. They do this to gain the reports regarding with the progress reviews towards their certain goals (Evans & 200). On the simplest explanation, the actual of the institution are obliged to submit their annual report to the Leadership Team, who on the other hand, summarizes all the performance made. This performance includes the relevant learning board measures during the current academic year. Therefore, in order to do the systemized measuring, the institution collects all the data from each and every actual, and then summarizes it to figure out whether they did or did not meet their institution’s goal. They base their measuring from all their institution’s perspectives. References Evans, J. R. , & , W. M. L. (2007). Managing for Quality and Performance Excellence (7th ed. ): Thomson South-Western.

Mcsa Networking Basics Essay

Introduction What is a network? A network can be defined as two or more computers which are linked together to share resources. These resources can include internet access, printers, software and files. The ‘heart’ of a network is called the server, and its function is to contain all the software and services which the network and its users depend on. Figure 1: Example of a basic network The server is operated by personnel called Network or System Administrators, and it’s their responsibility to ensure the smooth running of the network so it is working as efficiently as possible. This is achieved through the use of a dedicated operating system called Windows Server 2003 – this gives the network administrator complete control over the network functions. Advantages for a network Cost Because networked computers can share the same resources, costs can be dramatically reduced. For example, if there are ten computers in a room each needing access to a printer – it is far cheaper to route all ten computers to a single, shared printer than it is to purchase ten printers; one for each computer. In this example, the saving would also include the cost of ink cartridges (you would only need to purchase one set of cartridges instead of ten). Software can be purchased and installed in a similar cost effective way. Most popular software is able to be bought and installed on a server, and anyone who requires to use it will only need to purchase a license (the legal rights to use it, usually in the form of a certificate). These licenses are far cheaper than buying the software for each user. This method also means that it isn’t necessary for an I.T Technician to install the software on every computer; only one install on the server is needed. Another benefit to this approach is when the software requires an update. If it is server based, only the software on the server would need to be updated. All the users would benefit from the update as soon as it has been installed. If each user had a copy on their computer, I.T Technicians would need to update each one. This could become time consuming, expensive and complicated. The software that this could apply to, includes most Microsoft software and Anti-virus software. Security Security is a vital element in any business. In a network, security is enhanced both internally (security within the network) and externally. Users are given a username and password to access their files and all the programs, hardware etc that they have been given access to. When a user saves a file, it is saved to the server and not the computer that he/she is working on. If that user wants to retrieve that file, it can be done on any computer on the network, and not just on the computer that was originally used. This data can be accessed, monitored and backed up by the Network Administrator at any time. Each department can have their own ‘identity’ on the server, which allows them to have access to files, applications and resources which would be relevant to their requirements. For example, the Accounts department may need to have access to invoicing software (e.g. Sage and Excel), whereas Sales may only require software to monitor and forecast sales over a period of time (e.g. Excel). Accounts may not want other departments accessing their software due to security or confidentiality reasons. Internet security is tighter for both users accessing the internet, and external threats when a network is set up. All the computers can share a single access point to the internet, which makes it easier to monitor internet usage, help reduce hacking and other external threats trying to access data on the network. Another feature which can be applied by the system administrator is Encryption. Data within a folder/subfolder can be encrypted to prevent unauthorized access to data if other security measures have been breached. Typically, only system administrators will be given the ‘recovery key’ to be able to decrypt data incase of system failure or other unforeseen situations. Disadvantages for a network Expensive to install The initial cost of setting up a network can be expensive, with hardware like the server, router, cabling, backup equipment, network printers and server software. Also, dedicated personnel must be hired to keep the server running efficiently and to resolve any server/network issues. Centralised Data Having all of the data in one place means that data could be lost in the event of a system failure. Regular backups of the server are highly recommended (daily, weekly and monthly) to help to keep data safe. But if the server goes down in between backups then all the recent data will be lost. Reduced Performance The server’s performance can become reduced as the network expands or as its workload increases through the working day. A server must have as much memory and processing power as possible to help minimise the reduction in performance. Task 2a Network Topology is the description of how a network is laid out, the devices (server, routers, printers etc) attached to it and the direction which data flows. A network can be described as either Logical Topology (the way data flows in a network) or as a Physical Topology (how a network is physically laid out) There are six main topologies, Bus, Ring, Star, Extended Star, Hierarchical, and Mesh. Bus Topology This can be both a Physical and Logical, in a local area network (LAN), each device is connected by a single cable. This single cable is also referred to as the ‘backbone’ of the network. A terminator must be on either side of the cable to prevent the data signal from bouncing back down it. The Bus Topology was widely used in early networks using standard Co-ax cables. It was an economical solution for networking as only one main cable was needed. The disadvantage to this was if this cable failed, the whole network would go down. Ring Topology In a Ring Topology (also known as IBM Ring Token), each computer (node) is connected to each other in a closed loop. Each computer has its own unique identity on the network. When data is transmitted from one node to the other, the data will include the destination’s identity and will pass through each node until it reaches the destination. This type of topology has two main disadvantages; only one computer can transmit data on the network at a time and if a computer fails the whole network will go down. There is a slight variation to this; the Duel Ring Topology The second ring within the network provides a backup connection, so if there is a failure within the network, the secondary connection will keep the network connected. This is expensive as more cabling is required. Star Topology The most common type is called a Star Topology. Each device is connected to a dedicated central hub. All the data on the network flows through the network via the central hub. These types of networks tend to be small, as data could be degraded or lost on a large network. The main advantages to this is that it is easy to setup and easy to add new devices to the network. But if the central hub fails, the whole network goes down. Extended Star Similar to the Star Topology, but instead computers are grouped together and connected to a local hub, which in turn is connected to a central hub. This is widely used in large networks where the network may be in a large building, and each group of computers may represent each department. There are more points of failure on this network, but if a local hub fails, then the rest of the network will not be affected. Hierarchical or Tree Topology This is very similar to a Ring Topology, but computers are attached to the central hub in layers. While the structure looks different, this still has the main disadvantage of network failure if the top device goes down. Mesh Topology All the above topologies suffer from the same problem. If one device fails on the network, the whole network goes down. The only solution is to connect each device with each other and remove the need for a server. This is the Mesh Topology and has two main advantages; If a device fails, the network will still work and the network doesn’t need to rely on the processing power, bandwidth etc from a server as it is supplied from each computer. The disadvantage to this is the high cost of connecting each device to each other, so this would not be suitable on a large network. This type of topology is also referred to as Peer-to-Peer whereas the other topologies are considered to be Client/Server based. A comprise between cost and connectivity would be the Partial Connected Topology. Devices are connected to more than one node on the network, so if one fails the network can still work. This is more cost effective than Mesh Topology as less cabling is required. Task 2b Recommendations As it stands, the structure of the current network is a Hierarchical or Tree Topology. The network uses two different switches to connect the Domain Controller to the 24 computers. These are from two manufacturers; CISCO and 3Com and this offers 100Mb and 10Mb speeds respectively. This is a disadvantage because one ‘group’ of computers has a quicker data transfer rate than the other. The network does not have a disaster recovery plan should the Domain Controller fail. This has the potential for putting the whole network at risk from permanent data loss. The network also shares a single printer which is attached to the Domain Controller, 10 of the computers are connected to it through the slower 3Com 10Mb switch. This means all 24 computers print via the Domain Controller (which is currently overloaded) and 10 computers send data at a slower rate than the rest of the network. My first recommendation would be to replace both switches with a single CISCO 100Mb 48 port switch ( £631.99 from MISCO website). This would provide a standard, quicker data transfer speed throughout the network and allow for the network to expand. There are a total of 24 computers, and this switch would enable a further 24 devices to be added to the network e.g. additional computers, printers etc. This would allow the network to expand whilst maintaining a fast data transfer speed. With the new switch in place, my next recommendation would be to replace the HP Laserjet III (USB connection only) with a newer, network-ready printer like the HP Laserjet 2055DN or P2030 which costs  £319 and  £160 from HP website. By replacing it with a newer model, printing could be completed quicker, quieter and more cost effectively e.g. more reliable printing, more energy efficient, lower consumable costs etc. Also, sharing the workload throughout a faster network is more efficient than channelling all the printing requirements of the network to an older single printer on a slow 10Mb switch via the Domain Controller. This will also help reduce the workload to the Domain Controller. While the Domain Controller’s workload can be reduced by the addition of a network-ready printer, other options could be to increase the specifications (e.g greater hard drive space, more memory etc). Ensuring the controller has the latest software updates will ensure both the running efficiency and increase the network security. This will help prevent unauthorised access (hacking) to the network. My final recommendation is add disaster recovery and remote working within the network, By regularly backing up data on a daily/weekly/monthly basis, this will ensure the network can be restored in case of total data loss. To assist learning or to prevent students from accidentally causing errors/problems within the network, remote working should be enabled. User accounts can be easy created in Active Directory though the use of a standard template. Templates could be set up for both students and tutors, so all of the common properties of the accounts are already established. When a new user account is required, the administrator will only need to complete the fields that require unique values (eg, name, address, telephone number, course details etc). Once the users have been created within the Active Directory, they can be placed into Organisational Units (OU’s). This will group together users, so in this situation students could be placed in OU’s which represent their course. When the OU’s are established, the users’ configuration settings can be applied through the Group Policy Management Console (GPMC). It holds hundreds of user configuration settings, security options and user event logs, all which can be applied as required by the college administrators. Figure 2: Example of the Group Policy Management Console (GPMC) By using Group Policies effectively, the administrator can control and manage exactly what users can and cannot do whilst logged onto the domain. Administrators are able to control how the desktop appears, the icons that are available and the ability to configure the task bar etc by applying the Desktop setting found within the ‘User Configuration’ in the GPMC. This could be useful if the college policy states that all users must have the Llandrillo College logo as their wallpaper, and various required icons are in place and users to have access to various programs via the ‘start’ menu. To improve password security, administrators are able to increase the effectiveness of the passwords that users apply to protect their identity on the network. The password options can be found within the ‘Password Policy’ within the ‘Computer Configuration section of the GPMC. These options include the ability to reuse old passwords, to apply complexed passwords (eg. more than 6 characters, using upper, lower case letters and digits 0-9). In the example, a programmer has created a random word generator to create passwords. Group policy could be configured so when they log on for the first time, users input the randomly generated password and then they must input their own password using a complexed password. If the user ever forgets the password at any time, administrators are able to reset it through the ‘Active Directory Users & Computers’ tool. Figure 3: Example of Password Policy within GPMC To prevent users from using too much disk space on the network, administrators are able to allocate limited disk space to users and by applying prompts when this space is nearly used up. By putting this in place, administrators can calculate how many users will be on the system multiplied by how much hard disk space each user will be allocated. This total will be the minimum amount of disk space required for all users in each new academic year. Administrators will be able to ensure the server can physically hold all the users data without completely running out or running low of disk space. To achieve this, administrators will need to locate the allocated hard drive and apply a quota, limiting users on how much space they can use. Individual users can have separate entries in the quota, allowing them to have a lesser or a greater share of disk space. This would be useful for tutors who may need greater disk space to store course material etc. When the network is running, administrators may be required to monitor the networks resources to ensure it exceeds the users demands. The tool required is called the ‘Performance Console’ which is found under Administrative Tools. This tool appears in the form of a graph although it has three counters as a default (Memory:Pages/Second, PhysicalDisk: Average Disk Queue Length and Processor: % Processor Time), additional counters can be easily added or removed accordingly. A college administrator may add counters to monitor network bandwidth, server utilisation (memory, cpu performance, disk performance etc). To help administrators monitor the server, counter logs and alerts can be applied. This can enable administrators to proactively identify when system resources run too low or to identify possible hardware failures/malfunctions. Any one of these problems could result in a degraded performance or total server failure. Figure 5: Example of the Performance Console The college network may be required to support remote users, allowing them to access the college network whilst being in a different location eg working from home, from another campus etc. This can be achieved through the use of a Virtual Private Network (VPN). The user will be able to access the college’s network through the use of the internet whilst achieving the required security and data encryption. The network’s firewall must have exceptions to allow authenticated users to access the network whilst preventing unauthorised access. Once the network is running effectively, the next challenge administrators will face is maintaining the security and the efficiency of the network. This can be achieved by deploying server updates and hotfixes as provided by Microsoft. The server can be updated with the use of ‘Automatic Updates’, which can be found within the ‘All Programs’ menu under the start button. Updates can be downloaded either straight away or scheduled to download at a certain day/time. This could be configured to download when the network is at its quietest time (eg 10pm). This would ensure that the update would not effect the overall performance during busy periods. Also, updates for the users computers may be required. Instead of administrators physically installing them on every computer on the network, this could be downloaded on the server as an *msi file and automatically installed via a group policy. So the next time users within the network log onto the network, they will automatically be downloaded & installing the updates from the server with no intervention required.