Privacy in an Ambient World

Privacy is a prime concern in today's information society. To protect\ud the privacy of individuals, enterprises must follow certain privacy practices, while\ud collecting or processing personal data. In this chapter we look at the setting where an\ud enterprise collects private data on its website, processes it inside the enterprise and\ud shares it with partner enterprises. In particular, we analyse three different privacy\ud systems that can be used in the different stages of this lifecycle. One of them is the\ud Audit Logic, recently introduced, which can be used to keep data private when it\ud travels across enterprise boundaries. We conclude with an analysis of the features\ud and shortcomings of these systems

Audits and inspections are never enough: a critique to enhance food safety

Internal and external food safety audits are conducted to assess the safety and quality of food including on-farm production, manufacturing practices, sanitation, and hygiene. Some auditors are direct stakeholders that are employed by food establishments to conduct internal audits, while other auditors may represent the interests of a second party purchaser or a third-party auditing agency. Some buyers conduct their own audits or additional testing, while some buyers trust the results of third-party audits or inspections. Third-party auditors, however, use various food safety audit standards and most do not have a vested interest in the products being sold. Audits are conducted under a proprietary standard, while food safety inspections are generally conducted within a legal framework. There have been many foodborne illness outbreaks linked to food processors that have passed third-party audits and inspections, raising questions about the utility of both. Supporters argue third-party audits are a way to ensure food safety in an era of dwindling economic resources. Critics contend that while external audits and inspections can be a valuable tool to help ensure safe food, such activities represent only a snapshot in time. This paper identifies limitations of food safety inspections and audits and provides recommendations for strengthening the system, based on developing a strong food safety culture, including risk-based verification steps, throughout the food safety system

Towards a virtual research environment for paediatric endocrinology across Europe

Paediatric endocrinology is a medical specialty dealing with variations of physical growth and sexual development in childhood. Genetic anomalies that can cause disorders of sexual development in children are rare. Given this, sharing and collaboration on the small number of cases that occur is needed by clinical experts in the field. The EU-funded EuroDSD project (www.eurodsd.eu) is one such collaboration involving clinical centres and clinical and genetic experts across Europe. Through the establishment of a virtual research environment (VRE) supporting sharing of data and a variety of clinical and bioinformatics analysis tools, EuroDSD aims to provide a research infrastructure for research into disorders of sex development. Security, ethics and information governance are at the heart of this infrastructure. This paper describes the infrastructure that is being built and the inherent challenges in security, availability and dependability that must be overcome for the enterprise to succeed

Semantic process mining tools: core building blocks

Process mining aims at discovering new knowledge based on information hidden in event logs. Two important enablers for such analysis are powerful process mining techniques and the omnipresence of event logs in today's information systems. Most information systems supporting (structured) business processes (e.g. ERP, CRM, and workflow systems) record events in some form (e.g. transaction logs, audit trails, and database tables). Process mining techniques use event logs for all kinds of analysis, e.g., auditing, performance analysis, process discovery, etc. Although current process mining techniques/tools are quite mature, the analysis they support is somewhat limited because it is purely based on labels in logs. This means that these techniques cannot benefit from the actual semantics behind these labels which could cater for more accurate and robust analysis techniques. Existing analysis techniques are purely syntax oriented, i.e., much time is spent on filtering, translating, interpreting, and modifying event logs given a particular question. This paper presents the core building blocks necessary to enable semantic process mining techniques/tools. Although the approach is highly generic, we focus on a particular process mining technique and show how this technique can be extended and implemented in the ProM framework tool

The shaping of the tax audits regime in the new common consolidated corporate tax base (CCCTB) legislation: Proposed solutions for substantives and procedural provisions

The European Commission has been pursuing, since 2001, the project to introduce a common consolidated corporate tax base (CCCTB) as a systematic solution to overcome the tax obstacles to cross-border business activity in the EC internal market, and, after some years of consultations and technical work on the shape of this new corporate tax regime, a Directive introducing the CCCTB seems finally bound to come out in the near future. This would be the most far-reaching piece of EC tax legislation ever introduced, and one of the key aspects of its working concerns the shaping of the tax audits regime for eligible businesses. Numerous and key questions are being raised by the shaping of this regime (e.g.: which tax authoriy can conduct the audit ? How can tax authorities of Member States concerned collaborate with each others ? Should there be particular criteria for selecting the businesses to be subject to tax audits ?): this paper (which was first submitted for an international conference on the CCCTB co-organised on 21-23 February 2008 by the Austrian and International Tax Law Institute of the Vienna University of Economics and Business Administration and by the European Commission, and subsequently approved for publication as a book chapter) aims at proposing responses to these questions and to further issues, and at identifying possible solutions which may reconcile the attractiveness of the new regime from the viewpoint of businesses with the need to prevent distortions in the functioning of the EC internal market. The book which includes the paper - Lang/Pistone/Schuch/Staringer (ed.) Common Consolidated Corporate Tax Base (CCCTB), 2008, Linde Publishing House (Vienna) - is forthcoming

Full Package Approach to Labour Codes of Conduct

The CCC’s proposed guidelines for companies to follow to ensure that they “better assess, implement, and verify compliance with labour standards in their supply chains, and eliminate abuses where and when they arise.

Full Package Approach to Labour Codes of Conduct

A report that offers guidelines on actions companies can take to better assess, implement, and verify compliance with labor standards in their supply chains, and to eliminate abuses where and when they arise

Serbia - public sector accounting review : report on the enhancement of public sector financial reporting

The government’s public financial management (PFM) Reform Program 2016-2020 foresees the gradual transition of public sector financial reporting from a cash basis to an accrual basis of accounting and the application of International Public Sector Accounting Standards (IPSAS). This will significantly improve the quality of financial information and should enable better informed decision-making, more efficient use of public funds and resources and improved fiscal performance. This Report on the Enhancement of Public Sector Financial Reporting is one output of the Serbia Public Sector Accounting Reform Technical Assistance project funded by the Swiss State Secretariat for Economic Affairs (SECO) through the Strengthening Accountability and Fiduciary Environment (SAFE) Trust Fund under the Public Sector Accounting and Reporting Program (PULSAR) which provides support for the development and implementation of public sector accounting standards. This report supports the development of a plan towards that goal by assessing the institutional framework for public sector accounting as well as the gap between Serbian public sector generally accepted accounting principles (PS GAAP) and IPSAS

The Audit Logic: Policy Compliance in Distributed Systems

We present a distributed framework where agents can share data along with usage policies. We use an expressive policy language including conditions, obligations and delegation. Our framework also supports the possibility to refine policies. Policies are not enforced a-priori. Instead policy compliance is checked using an a-posteriri auditing approach. Policy compliance is shown by a (logical) proof that the authority can systematically check for validity. Tools for automatically checking and generating proofs are also part of the framework.\u