April 2013 - PKF AvantEdge

All good things come to an end, and another good thing begins.

Our PDPA workshops have received overwhelming response, not just from our clients but from the public. We have reached out to more than a dozen plus companies in our workshops, done not just on our premise, but with our clients, in hotels and most recently in the MSC incubator hall. It was fun and really gave us a chance to open our channels to other companies.

As I’ve said in the workshop, we’re not lawyers. This whole PDPA workshop started out because we had low months in December and January due to the CNY, and we decided to just give a free workshop based on our collective experiences dealing with PDPA under our ISO27001 compliance requirements. One thing led to another, and soon the public wanted to hear us speak and we had arranged sessions centered on IT, and others with our law firm partners.

We extended the free PDPA workshops 2 months, to end of April, and we’re coming to it. While we still can give workshops, we can’t offer it for free anymore, as the company now has other paid engagements taking priority.

However, while the free PDPA has ended, our PMO group is offering a free talk on Project Management basics and essentials. We will cover the general PMO framework according to PMBOK version 4 and how this helps you in managing projects. We will look at organisational fit for PMO as well as case studies to walkthrough. We have PMP certified consultants providing this talk, for the month of May and June. So if you have any project managers, or aspiring PMPs who will want to know more on project management, contact us at

avantedge@pkfmalaysia.com

We’ll arrange a free session for you on our premise.

Has sort of ended.

Over the past few weeks, we’ve done a number of workshops on Personal Data Protection Act, and invariably, the questions are more than answers. Some workshops with C-Levels went to levels of near hostility as if we were actually the perpetrators of said act; other workshops went relatively well, and some workshops had only half hour of airtime before the questions came in like a flood of water.

Here’s the deal: We don’t know any much more on the act except for what is given.

We partnered with a law firm and they dispense their legal opinions, but at the end, the act is still an act. It’s a legal document. It is what it is. It was quite funny sometimes that our workshop attendance actually thought we were lawyers promoting the act…and that’s why the next workshop we do (which won’t be any for some time), we’re going to dress down in jeans and t-shirt that says “The Geek shall Inherit the Earth.” We’re tech guys, and how we came about this Act was during our compliance assessments where regulatory compliance is the highest risk and control to address. And also the fact that aside from the first two principles, Technology plays a vital role to facilitate compliance for the Act, especially in the principle of Security and Retention.

So anyways, it’s been an extremely hectic few weeks. If we were a full time training company, it would be fine. Except we’re not. We have projects running here and there and everywhere, and we have to juggle all these. I was at Sarawak giving a talk on Cybercrime during the IIAM’s Corporate Fraud Conference 2013, and I managed to snap this shot in:

It’s nice to see your name up there once in a while. It was a good turn out, although I only touched briefly on PDPA, it still managed to garner questions after my presentation. Many people are a little worried about the Act and they have all the reason to be. But if we prepare ourselves now, do the gap, have a strategy to address it, and put in place controls to address the obvious low hanging fruits first, and address the gray areas later…we’ll be ready.

For the most recent PDPA presentation I did with the Incubator at MSC, here’s the link to it.

http://www.pkfmalaysia.com/publications/PDPA%20Presentation%20v2.0_MAD_Web.pdf