Energy Audit – clearly clear?

An energy audit is an examination of an energy system to ensure that energy is being used efficiently. It is the inspection, survey and analysis of energy flows for energy conservation in a building. Energy audits can be conducted by building managers who examine the energy account of an energy system, checks the way energy is used in its various components, checks for areas of inefficiency or where less energy can be used, and identifies the means for improvement.

An energy audit is often used to identify cost effective ways to improve the comfort and efficiency of buildings. In addition, homes/ enterprises may qualify for energy efficiency grants from central government. Energy audits seek to prioritise the energy uses from the greatest to least cost effective opportunities for energy savings.

An energy audit is an effective energy management tool. By identifying and implementing improvements as identified, savings can be achieved not only on energy bills, but also equipment will be able to attain a longer life under efficient operation. All these mean actual dollar savings.

An energy audit has to be conducted by a competent person with adequate technical knowledge on building services installations, after which he/she comes up with a report recommending plans on the Energy Management Opportunities (EMO) for energy saving.

An energy audit culminates to a written report. This could show energy use for a given time period (for example a year) and the impact of any suggested improvements per year. Energy audit reports are then used to identify cost effective ways to improve the comfort and efficiency of buildings. The energy audit report therefore gives management an understanding of the energy consumption scenario and energy saving plans formulation.
Energy audit reports should always translate into action. No matter how well articulated, the energy management objectives are afterall, an energy audit (EMOs), all the effort will be futile if no action is taken. The link between the audit and action is the audit report. It is therefore important for the audit reports to be understandable for all the target audiences/ readers, all of whom may have diverse needs, hence the reason why they should be clear, concise and comprehensible.

What are the do?s and don’ts when writing energy audit reports?

Avoid technical jargon as much as possible; present information graphically; use different graphics such as pie charts, data tables. Schematics of equipment layouts and digital photos tend to make EMO reports less dry. Some of the energy audit software?s come in handy in the generation of such graphs and charts.
The climax of it all is the recommendations, which should be made very fascinating.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

The General Data Protection Regulation & The Duty to use Encryption

The General Data Protection Regulation, abbreviated to GDPR, raised a storm when it arrived. In reality, it merely tightened up on existing good practice according to digital security specialists Gemalto. The right to withhold consent and to be forgotten has always been there, for example. However, the GDPR brings a free enforcement service for consumers, thus avoiding the need for third party, paid assistance.

The GDPR Bottom Lines for Data Security
Moreover, the GDPR has penalties it can apply, of the order that might have a judge choking on his wig. Under it, data security measures such as pseudonymisation (substitution of identifying fields) and encryption (encoding including password protection) have become mandatory. Businesses must further respect their client data by:

a) Storing it in a secure environment supported by robust services and systems

b) Having proven measures to restore availability and access after a breach

c) Being able to prove frequent effectiveness testing of these measures.

The General Data Protection Regulation places an onus on businesses to report any data breaches. This places us in a difficult situation. We must either face at least a wrist slap upon reporting failures. Alternatively, pay a fine of up to ?10 million, or 2% of total worldwide annual turnover.

The Engineered Weak Link in the System
Our greatest threat of breach is probably when the data leaves our secure environment, and travels across cyberspace to an employee, stakeholder, collaborator, or the client themselves. Since email became open to attack, businesses and individuals have turned to sharing platforms like Dropbox, Google Drive, Skydrive, and so on. While these do allow an additional layer of password protection, none of these has proved foolproof. The GDPR may still fine us heavily, whether or not we are to blame for the actual breach.

How Hacking is Approaching Being a Science
We may make a mistake we may regret, if we do not take hacking seriously. The 10 worst data hacks Identity Force lists are proof positive that spending lots of money does not guarantee security (any more than having the biggest stock of nuclear weapons). We have to be smart, and start thinking the way that hackers do.

Hacker heaven is finding an Experian or a Dun & Bradstreet that may have shielded 143 million, and 33 million consumer records respectively, behind a single, flimsy cyber-security door. Ignorance is no excuse for them. They should simply have known better. They should have rendered consumer data unreadable at individual record level. The hackers could have found this too demanding to unpick, and have looked elsewhere.

How Data Encryption Can Help Prevent Hackers Succeeding
Encrypting data is dashboard driven, and businesses need not concern themselves about it works. There are, however, a few basic decisions they must take:

a) Purge the database of all information held without explicit permission

b) Challenge the need for the remaining data and purge the nice-to-haves

c) Adopt a policy of encrypting access at business and customer interfaces

d) Register with three freemium encryption services that seem acceptable

e) After experimenting, sign up for a premium service and be prepared to pay

Factors to Consider When Reaching a Decision
Life Hacker?suggests the following criteria although the list is a one-size-fits-all

a) Is the system fast, simple, and easy to operate

b) Can you encrypt hidden volumes within volumes

c) Can you mass-encrypt a batch of files easily

d) Do all other files remain encrypted when you open one

e) Do files automatically re-encrypt when you close them

f) How confident are you with the vendor, on a scale of 1 to 10

It may be wise to encrypt all the files on your system, and not just your customer data. We are always open to a hack by the competition after our strategic planning. If we leave the decision up to IT, then IT, being human may take the easy way out, and encrypt as little as possible.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Reducing Your Carbon Footprint

Climate change creates a loud buzz across the globe. People are talking about how extreme the weather is, how polluted the environment has become or how devastating the results of carbon emissions are. While it is true that humans contribute a large impact to the worsening climate situations, people are also the most influential key towards making this world a better place. As much as the increase in carbon emissions results from what you do, the healthy change can also start in you.

Although it is a bit difficult to determine what you can do to help the society, do not be disheartened. The devastating forces may be massive for you to work through, but there are countless simple actions?you can take to reduce your carbon footprints day by day.

Home

While you are in the comfort of your home, you can start saving energy to reduce your carbon emission. You could’replace your standard light bulbs with compact fluorescent ones. A compact fluorescent bulb saves more than 2/3rds or up to 1,300 pounds of carbon dioxide in its lifetime. This bulb contains mercury, so make sure to choose a brand that has lower mercury than others.

Another thing, you can do to reduce your carbon footprint at home, is to mind your electronics. When you do not use your gadgets and appliances, make sure you unplug them. If you buy new ones, take time to look at the energy rating of the electronics to save you more energy in future use.

Alternative renewable energy is also a good thing to shift into. Try solar, hydro or wind power at home. Setting up your own residential solar panels and building your own turbines are excellent ways to choose green energy.

Food

The food industry is one of the largest contributors of carbon emissions. You may not have control over the food processing, but you can lower your carbon footprint by buying local products in the market. These local products are not transported from far off places, so the carbon dioxide released from them is lower compared to imported ones. Take a look at the packaging as well; less packaging means less waste.

If you have a big backyard, you could use your it to grow food. ?Eating food, either fruit or vegetable, which you grow at home is energy efficient. No more fuel combustion from transportation and other consequent food processing.

Travel

When you have your own car, accelerating it slowly and smoothly, as well as maintaining speed while driving will help lower your carbon emissions. If you drive a lot, it would be better to get a green car. As of now, you can consider using?public transportation and go for road travel rather than air travel when you take long distance trips. But when you need to take planes, better choose a non-stop flight instead of connecting ones.

Indeed, there are many ways you can combat global warming and climate change. The road to improved life quality through energy efficiency might be hard, but a transformed lifestyle can make a big difference. Start now ? lighten your carbon footprint and help save the world.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
How COBIT helps you achieve SOX Compliance

First released way back in 1996, COBIT has already been around for quite a while. One reason why it never took off was because companies were never compelled to use it ? until now. Today, many CEOs and CIOs are finding it to be a vital tool for achieving SOX compliance in IT.

Thanks to SOX, COBIT (Control Objectives for Information and related Technology) is now one of the most widely accepted source of guidance among companies who have IT integrated with their accounting/financial systems. It has also gained general acceptability with third parties and regulators. But how did this happen?

Role of control frameworks in SOX compliance

You see, the Sarbanes-Oxley Act, despite having clearly manifested the urgency of establishing effective internal controls, does not provide a road map for you to follow nor does it specify a yardstick to help you determine whether an acceptable mileage in the right direction has already been achieved.

In other words, if you were a CIO and you wanted to find guidance on what steps you had to take to achieve compliance, you wouldn’t be able to find the answers in the legislation itself.

That can be a big problem. Two of your main SOX compliance obligations as a CEO or CIO is to assume responsibility in establishing internal controls over financial reporting and to certify their effectiveness. After that, the external auditors are supposed to attest to your assertions. Obviously, there has to be a well-defined basis before you can make such assertions and auditors can attest to anything.

In the language of auditors, this ?well-defined basis? is known as a control framework. Simply put, once you certify the presence of adequate internal controls in your organisation, the external auditor will ask, ?What control framework did you use??

Knowing what control framework you employed will help external auditors determine how to proceed with their evaluations and tests. For your part, a control framework can serve as a guide to help you work towards specific objectives for achieving compliance. Both of you can use it as a common reference point before drawing any conclusions regarding your controls.

But there are many control frameworks out there. What should you use?

How SOX, COSO, and COBIT fit together

Fortunately, despite SOX?s silence regarding control frameworks, you aren’t left entirely to your own devices. You could actually take a hint from the SEC and PCAOB, two of the lead organisations responsible for implementing SOX. SEC and PCAOB point to the adoption of any widely accepted control framework.

In this regard, they both highly endorse COSO, a well-established internal control framework formulated by the Committee of Sponsoring Organisations of the Treadway Commission (COSO). Now, I must tell you, if you’re looking specifically for instructions pertaining to IT controls, you won’t find those in COSO either.

Although COSO is the most established control framework for enterprise governance and risk management you’ll ever find (and in fact, it’s what we recommend for your general accounting processes), it lacks many IT-related details. What is therefore needed for your IT processes is a framework that, in addition to being highly aligned with COSO, also provides more detailed considerations for IT.

This is where COBIT fits the bill.

How COBIT can contribute to your regulatory compliance endeavors

COBIT builds upon and adheres with COSO while providing a finer grain of detail focused on IT. You can even find a mapping between COBIT IT processes and COSO components within the COBIT document itself.

Designed with regulatory compliance in mind, COBIT lays down a clear path for developing policies and good practice for IT control, thus enabling you to bridge the gap between control requirements, technical issues, and business risks.

Some of the components you’ll find in COBIT include:

IT control objectives

These are statements defining specific desired results that, as a whole, characterise a well-managed IT process. They come in two forms for each COBIT-defined IT process: a high-level control objective and a number of detailed control objectives. These objectives will enable you to have a sense of direction by telling you exactly what you need to aim for.

Maturity models

These are used as benchmarks that give you a relative measurement stating where your level of management or control over an IT process or high-level control objective stands. It serves as a basis for setting as-is and to-be positions and enables support for gap analysis, which determines what needs to be done to achieve a chosen level. Basically, if a control objective points you to a direction, then its corresponding maturity model tells you how far in that direction you’ve gone.

RACI charts

These charts tell you who (e.g. CEO, CFO, Head of Operations, Head of IT Administration) should be Responsible, Accountable, Consulted, and Informed for each activity.

Goals and Metrics

These are sets of goals along with the corresponding metrics that allow you to measure against those goals. Goals and metrics are defined in three levels: IT goals and metrics, which define what business expects from IT; process goals and metrics, which define what the IT process should deliver to support It’s objectives; and activity goals and metrics, which measure how well the process is performing.

In addition to those, you’ll also find mappings of each process to the information criteria involved, IT resources that need to be leveraged, and the governance focus areas that are affected.

Everything is presented in a logical and manageable structure, so that you can easily draw connections between IT processes and business goals, which will in turn help you decide what appropriate governance and control is needed. Ultimately, COBIT can equip you with the right tools to maintain a cost-benefit balance as you work towards achieving SOX compliance.

Ready to work with Denizon?

Contact Us Today