Monthly Archives: March 2017
Upcoming changes to ASC 606 could have an impact on audit fees moving forward. At least that’s what about half the attendees at a recent webinar think.
In Part 2 of our 4-Part series around Revenue Recognition and preparing for ASC 606, we heard from Prasadh Cadambi, Partner at KPMG and someone that has been living and breathing ASC 606 for over eight years. Cadambi spent two years with the Financial Accounting Standards Board, FASB, specializing on Revenue recognition which led to his experience with ASC 606.
Companies in all industries are going to face changes from the transition in revenue and expense accounting, Cadambi noted. The standard requires businesses to capitalize commission costs of the expected contract. The change to the revenue and expense accounting will have an immediate PnL benefit because of the capitalizing of sales commission.
A polling question around audit fee increases due to the adoption of ASC 606 stirred up some conversation. Not only did we find that about half of the attendees see some impact to the audit fees but what was even more interesting was the discussion around disclosures. ASC 606 has very incremental disclosure requirements, one around the backlog disclosure requirement and the amount of interaction your auditor has on the requirement. As an auditor, you must sign off on the backlog numbers on a quarterly basis as well as the numbers on the contracts. With the complicated specifications around contract terms in ASC 606, there needs to be thought around the terms and transaction prices. Auditors must be involved on the future roll out of how the revenue will be recognized.
Cadambi’s advice on ASC 606 and back office systems? “If you have too many systems, it will be problematic.” Have revenue recognition as part of your ERP system.
The webinar also provided insights into:
- Impact on private companies considering an IPO within 12 to 24 months.
- Areas that require the most judgement and interpretation.
- Audit fee impact on companies adopting the new revenue recognition standard.
- Impact on financials, resources, processes and internal controls of adopting companies.
- New audit procedures and testing.
- What technology can help mitigate the overall impact of adoption.
To get a greater understanding of ASC 606’s impacts from an auditor’s perspective, watch the recording.
Join us for Part 3 of our Revenue Recognition series with Kash Rangan, Managing Partner Merrill Lynch for Wall Street’s view of the impact on ASC 606.
by NetSuite filed under
Casino Hosts have a responsibility to develop working relationships with their players. Both to identify players who would benefit from a Host’s service in addition to assisting an upset guest and working to resolve the issue. All of these require effective communication to be successful.
Another way to look at this issue is imagine that you move to a new town or city. You don’t know many people and need to start building a local network of relationships. You are introduced to new faces and
must find commonalities to get to know them. This effectively describes a Host, except they have to do this with literally hundreds of new people.
Learning about a person is simple: ask questions and remember responses. Share stories, discuss common interests and listening to learn allows the Host to build a relationship that can benefit everyone. The key is to capture what the Host learns to create a starting point for the next client encounter.
Legendary Hosts are those that are able to remember little details from past conversations and bring those details up in future conversations. They remember a birthday, spouse’s names, a special event, or their favorite hobby. The
Organizations that use the
By Bryan Schmidt, Arctic IT Business Applications Consulting Manager, [email protected].
Bragging rights go to the civilian.
“Who wins in a tug of war? tank or tractor?”
Image courtesy of http://imgur.com/gallery/VlrSAJb.
PLEASE NOTE: this blog’s focus has changed. As of 9/1/2013, my posts will be zeroing in on the FUTURE OF PRIVACY and the role of ‘BIG DATA’ as well as on the latest developments in HUMAN-MACHINE relationships. Previously, this blog provided insights on…
This is lead gen 101. But while I was looking for live examples of this to show you (check out the one at the close of this post), it stunned me how many marketers and companies are not employing this tactic.
As always, the bad news here is how much business is being lost. The good news is it’s an easy fix: Get some gate-worthy content together ASAP, and add those lead gen boxes.
On the other hand, don’t go too crazy with gating your content.
Sometimes you’ll get more leads if you don’t require people to fill out a form. Your content (particularly your high-value content) may get more shares if you skip the lead gen form and let the content be accessed freely.
In fact, there’s evidence that not gating content sometimes creates more leads, or higher quality leads. But you have to do it just right. Balance is the key.
4. Make sure your tracking works.
“What gets measured, improves.” If you haven’t yet set up tracking on your website, the time is now. You need to know which pages are generating the most leads, and which pages aren’t performing well enough.
If you’ve got a nice CRM system set up already, great. But even a free Google Analytics account has a good basic tracking feature. Just set up a “goal” for each lead generation page you’ve got. Within a week, you’ll be amazed with the information. If you weren’t doing any tracking before, finding out your results is kind of like turning on the lights in a dark room.
Take note: This will show you which of your marketing efforts are working best. That alone can be extremely helpful. Once you’ve got the information on what’s actually driving your leads, do more of that … and consider backing off from the marketing efforts that aren’t actually working.
5. Archive your webinars for play on demand.
Webinars are a great way to generate leads. Every time you do another one, you get the contact information of hundreds (maybe even thousands) of people.
That’s a good start, but don’t stop there. Post your webinars on your website, too. Gate them … or consider not gating a few of the ones that are more introductory.
This will give your visitors a couple of webinars they can view without having to fill out a form (thus getting those webinars far more views than they’d otherwise get), but it still saves you some content to use for lead generation.
It’s a nice combo – you get great content to share with visitors, but you also get to do some lead generation. And you’ve got a way to balance the cost of all those webinars you’re doing.
Want to see an example of this in action? We have a whole page of webinars on demand.
6. Maximize “forward to a friend.”
Referral marketing, aka word of mouth marketing, is one of the most effective marketing strategies ever. It works because when a real person recommends your company to another person, that recommendation carries with it more trust than your marketing ever will. (Sorry…)
You can use this for lead generation, too. For instance, at the close of a blog post, instead of offering a content upgrade or a gated white paper, what if you showed a simple form with a call to action that says something like this:
“We hope you found this article helpful. If you know someone who needs this information, please send it to them via the form below.”
Often these are used for “Send to a friend” shares, where someone forwards an article to a colleague via email. Interestingly enough, that’s the most common way for executives to share content. And all that sharing, inevitably, can lead to … well, more leads.
You may want to run a couple of tests to see which copy gets the most referrals. It’s absolutely worth a try. This is an excellent sleeper tactic that can drive quite a bit of leads when it works.
7. Demonstrate how you’ve helped people.
Got a testimonials page on your site? If you don’t, you should. It might not result in leads directly from that page (unless you put a lead gen form on that page), but demonstrating how happy your past customers are is a great way to give your website visitors confidence. That confidence can translate into leads.
Testimonials aren’t the only way to show how you’ve helped your customers. Case studies are excellent, too. These “customer stories” don’t have to be much longer than a page or two. But that brevity packs a punch – case studies are one of the most effective content marketing formats.
In today’s climate, it’s necessary for both small businesses and large global enterprises to have comprehensive cybersecurity plans. In this blog, I’d like to discuss how vulnerable small businesses can be to modern cyber threats, and share how global enterprises are largely unprepared for the EU General Data Protection Regulation (only 14 months away).
A 2017 small-business cybersecurity story
I was sure that it was a “bum dial” when the name “Simon R” appeared on my phone close to midnight last Monday. Simon’s son plays football on the same team as my son but, although we share a Whatsapp group, he’d never actually called me before so I was sure it was a mistake. Unfortunately, it wasn’t!
“Hi, sorry it’s so late. I’m just not sure whether you can help me, but I didn’t know who else to call and I’m not sure what to do. My company has been hacked!”
Before this call, we had previously chatted at football matches a few times, and we had been to some of the same parties, but almost all of our shallow knowledge of each other came virtually, through social media. So with that limited information (and a fair amount of misunderstanding), Simon identified me as an appropriate person to contact for advice on his cyber breach.
When a small company gets hit with an encrypting ransomware attack
It wasn’t good news. His company was the victim of an encrypting ransomware attack. The three machines in his office had had all their files encrypted, and on initial investigation, all that could be found was a small text file indicating that the attackers would like to be paid through the Bitcoin Digital currency. Simon was a designer, not a computer expert, and unfortunately, he had completely underestimated how reliant his business was on the computers in his office. He had not considered a cyberattack as a significant risk at all. After all, he just used the computer for e-mails and research … right?
Unfortunately not. All his business accounts were on those computers: all his employees’ human resources information and salary detail, and all e-mails from clients (many of whom had sent ideas and designs with confidential information that he needed to work on). Gradually, he started to realize the enormity of his situation
The value—and difficulties—of backups
I explained that under no circumstances should he pay any ransom and that I would find a “real” cybersecurity expert to speak to him about the possibilities of decryption. However, I warned that decryption may not be possible, and he may need to just accept the situation and restore everything from backups. The silence at the other end of the line spoke volumes.
Computer backups had not been seen as a major priority for his company. When his backup tapes were full, someone was required to walk all the way across the office to agree to the “overwrite” prompt on the screen. Nobody had ever really been given responsibility for this task, and soon it simply stopped being done. The most recently available backup was 11 months old!
A week later, the situation is still not resolved, but is being managed. He has now engaged a computer management firm that will, in future, provide all network and application support, manage security and backups, and provide training to his team on an ongoing basis. He has had to accept the loss of tens of thousands of pounds and, more importantly, suffered significant reputational damage. For a small company fighting for a larger share in a busy market, Simon and his team were completely blindsided by this.
“I just don’t understand why someone would target me,” Simon said. “Surely there are more lucrative targets.”
The risks for small businesses
That, I think, is the biggest misunderstanding amongst many small business owners. The idea that someone would target them seems so unlikely that cybersecurity is a minor concern. The fact is that his company was not targeted, but simply received a mass spam phishing e-mail that someone in his office opened. That was the door opener. So he was not the victim of a targeted attack, but had simply not prepared to defend against random, hopeful, low-complexity, high-volume attacks.
According to Symantec, cyberattacks against small businesses increased from 18% in 2011 to 43% in 2015. Attackers are realizing that there is money to be made from smaller companies whose executives put little thought into their own protection. The most important things are usually the simple things—a cybersecurity policy, education of employees, and, of course, strong passwords.
The truth about passwords
Using the very limited information I thought I knew about Simon, I asked if I could try to guess his password. As a Facebook friend, I knew that he had just turned 52, had a wife called Sara, three young boys, and a dog called Sonic. I knew that he went on a skiing holiday once a year, had parents who lived in Spain, and that he voted differently from me in the last election. He was a fan of U.S. basketball, Spanish football, and cricket, and had a frustrating tendency to misspell the words “their” and “there.” He often played something called “Boom Beach” on his iPhone and repeatedly shared “People are Awesome” YouTube clips. As a LinkedIn contact, I knew that he grew up in Cardiff and went to University in Leeds, started his career in recruitment consulting, and for the last 12 years ran a small, 8-person design company in north London.
Within two minutes of my guessing, he admitted that I had mentioned an approximation of his, his wife’s, and his corporate domain passwords. Honestly, he’s not alone—for 20 years, security consultants have continued to highlight the importance of complex passwords, yet it still seems that this message is not getting through.
Common passwords and public information—two password don’ts
You can easily download a list of the 10,000 most common passwords from this site to try a “brute-force” attack, but you probably wouldn’t need that many. The figures are shocking:
- 1.6% of users have a password from the top 10 passwords
- 10% of users have a password from the top 100
- 30% of users have a password from the top 10,000
Also, using personal, yet relatively public information is vulnerable due to social media. Almost everyone today has a Facebook page, a Twitter account, and various other forms of social media. People post their birthdays and their kids’ birthdays online. They give anyone who cares to look a glimpse at the most common dates and people in their lives – not a terrible thing, but it should make you wary of using that same information to safeguard vital systems and data.
This experience was a painful learning experience for Simon— the realization that even the smallest companies must consider cybersecurity as a major business risk. How could he have missed something so big?
“I’m so embarrassed,” he said. “I’m sure that if I ran a much bigger company, this would have been a much higher priority for me.”
I didn’t say anything because unfortunately, I think that he’s completely wrong. Even large companies don’t prioritize cybersecurity correctly. Right now, we have the perfect example of how cybersecurity continues to be underappreciated by the majority of global companies.
The underprepared global company and the EU General Data Protection Regulation
A small number of companies are rushing to prepare for the biggest overhaul of data protection regulations ever: the EU General Data Protection Regulation (GDPR). Only 14 months away, with massive fines promised and huge hurdles to overcome. Yet although a few companies are desperately seeking answers, figures suggest that the majority of companies are still totally unaware of what it entails or its myriad implications.
Perhaps some companies still persist with the myth that this is an IT issue and not a C-suite problem. A recent global survey by Dell makes worrying reading and to conclude, I’d just like to point out some of the findings.
- More than 60% of respondents say they are aware something is going on with GDPR, but they know little or nothing about it.
- Only 4% of respondents outside of Europe said they are very knowledgeable about the details of GDPR, while just 6% of those in Europe said they are very familiar with the requirements.
- Fewer than 1 in 3 companies feel they are prepared for GDPR today.
- Nearly 70% of respondents say their organization is definitely not or don’t know if their organization is prepared for GDPR today, and only 3% of these have a plan for readiness.
- Less than half of respondents say they feel confident they’ll be ready when GDPR kicks off in 2018, while only 9% expect to be fully prepared in time.
This article, GRC Tuesdays:Cybersecurity In 2017—Don’t Be Afraid, Be Aware!, originally appeared on the SAP BusinessObjects Analytics blog and has been republished with permission.
When you hear the term “less is more”, what comes to mind? Some people use that term when they refer to simplifying their lifestyle, some use it as a philosophy to describe their approach to cooking, and to others it can a reference to how they spend their leisure time.
In the software world, the term “less is more” doesn’t seem to be widely observed. Software continues to get more powerful, but more complex, over time. In many cases, this is a good thing, because the nature of the problems we deal with are also getting more complex all the time.
However, sometime you don’t need or want all of that complexity from Day 1. It is often the case that you grow into more sophisticated capabilities and functionality over time. Giving someone more capability than they initially need can result in higher initial up front software costs and slower ramp up time.
In the world of API initiatives and digital transformation, success is not always a given. A lot of API programs don’t succeed initially and may require some tweaking and experimenting to find the right combination of capabilities and business models to be successful. If this sounds like you, then you may want to consider using an API Management product designed and priced for more limited initial capabilities, but which allows you to scale up cost effectively as your API program gets traction and grows.
TIBCO has a product designed to do just that. It’s called Mashery Professional and has almost all of the same features as a standard Mashery SaaS subscription, but at a very affordable price point. The exciting new offering was announced this past week at TIBCO NOW Singapore. This is a good product for companies that have any of the following needs:
- Their API program is modest in scope and API call volumes are not expected to exceed about 10-20 million calls/mo.
- They are still experimenting with their API program and are not yet willing to make an investment in a full scale production environment
- Their plans call for a phased ramp up over time on scaling up their API program
A lot of vendors offer these kind of entry level products, but many of them are dead ends, in the sense that either there is no way to affordably add capacity to scale up your initial configuration, or limited or incompatible migration paths that you can grow into. With Mashery Professional, you can add as much additional call capacity as you want and move into a full Mashery subscription at any time you want, with a seamless migration.
So, if digital transformation is moving up your priority list, but you’re not willing to go all in at this point, you should consider Mashery professional as an affordable way to get started. If you’d like to try it out for free, go to www.mashery.com.