We have started work on a long list of  new features and enhancements to our governance software suite: BPC RiskManager, and, assuming the world doesn’t come to an end this year, we think you are going to like what is coming – but more on that in future posts. 

Our four main service lines -  Software Sales,  Custom Software,  Survey Hosting and Consulting have opened the year with the strongest bookings in a number of years so 2012 looks like it will be an interesting and busy year.  The Custom Software and Consulting teams are now fully committed for the first quarter (obviously sales and hosting don’t have capacity limits) , which is a good way to start the new year.  

2011 was a great year at BPC, and we thank you, our clients and friends for your on going dedication and support – without you we don’t exist.  To our clients, while we don’t get to see many of you personally, our regular telephone conversations and email communications make us feel we know each of you as friends.  We couldn’t ask for a better bunch of clients – loyal, considerate, helpful cooperative, inspirational and fun.   A simple “thank you” just doesn’t seem enough.

 For BPC RiskManager V6 users there has recently been a major update released with lots of new features and a couple of progressive updates since then, so for those with current maintenance subscriptions, make sure you contact us and get the update, and those of you without, make sure you get yourself current and we’ll get you the update.

User names and passwords are available from your ACE region coordinator at ACFE, or you can contact us directly.  If you know your user name, but have forgotten your password, the login page will send it to the email account we have registered for your organisation.  Just click on the “I forgot my password” link on the login page.

Remember there are three ways you can get the surveys done:

1. Load up the students and their email addresses by using the responder addition buttons on the “Manage Survey” action page, and then sending the invitations.  This will allow them to complete the surveys from home via computer or even their smart phones.
2. Use the student portal – which will auto generate user ids , but you will have to provide the students with the login password for the portal.  The password for your organisation is shown on your survey list screen when you turn on the portal.
3. Hard copy and manual entry using the “enter data” action link on the survey list screen.  You can get a hard copy (MS Word) version of the online survey from the “Manage Survey” screen available from the manage action link on the survey list screen.  If using this option you can combine it with options 1 or 2 to get the responder “slots” for entering the data from the hard copy surveys.

Obviously the preferred option is to use either options 1 or 2.  With option 2 you will not be able to track who has completed the survey as it auto-generates IDs.  You will, of course still be able to view totals, response analysis, etc.  Option 2 is intended manly for class group submission such as in a computer lab, rather than individual invited responses.  If you are loading more than 30 student emails for option 1. you should probably use the XL/CSV bulk load option as it will be faster.

Contact BPC by email or phone or ACFE if you have any questions – remember to provide your TOID and a contact number.  Do not put your BPC SurveyManager login details into the comments on this post.

Coordinators – you can track which organisations have met response targets from the “manage regions” screen in your region login.

 This version is currently released in the V6.2.5.32 build production installer for now.  It ships the V6.2.8 database with the V6.2.5.32 application server and client.  In a little while we will re-release it officially as V6.2.8, but we need to update all the marketing material when that happens – which is a significant effort and takes us away from adding cool stuff into the application suite.  We are absolutely flat out right now with work orders – so we are holding off doing the stuff that doesn’t help you directly – like new brochures.   There are a couple of additional new features that we are working on which will probably make it into the V6.2.8 official version – but essentially the V6.2.5.32 production build is the 6.2.8 release.  Any one that installs now will get an update notice emailed to them when the renamed 6.2.8 installer is released if there is anything different (other than the name) – and it will be just a matter of replacing a couple of files.

Unlike the beta stream, 6.2.5.32 ships as a full auto-upgrading installer and will become the new productions release against which the next auto-installer will auto upgrade your database.   The installer will take any version of RiskManager from V6.1.x up to the current 6.2.5.32 build and V6.2.8 database.

So all the cool enhancements we have been working on for the last couple of years that have been in the Beta stream are now in this new production release, with as usual some more stuff added.

Most of you have been enjoying many of these features for some time now because you have been taking the Beta releases, so the changes will seem more incremental than dramatic – which of course is the idea behind the frequent Beta release programme.   True to form, we haven’t stopped updating, the production release already has a Beta patch which will take you to build 6.2.5.34, but until the 6.2.8 renaming, we are updating the production installer every few days anyway.   The next production installer update will be out next Wednesday.  

There are so many enhancements being added across the modules it is easy to miss stuff, so after you install the new app turn on incident management (if you haven’t already) and take a look at what has happened to the incident system!   The version in 6.2.5 was written back in 2006 – and it was begging for some attention – well it just got it.   I hope you like what you see, but this is just the tip of the iceberg – the 6.2.8 engine has heaps more it can do with incidents and that is about to be unveiled over the next couple of releases.

We won’t run this next Beta stream so long this time – maybe just a couple of months because we want to wrap up the V6.2.x series and move onto V7

Our existing clients will know that our version numbering is a serious understatement of what is being added as we are likely to add an entire new module in just an incremental build number change – so if we are jumping from 6.2.x to 7.0 you can imagine the dramatic enhancements we have planned for next year. 

 Here’s a hint of what is coming:  You won’t be managing “risks” or “compliance obligations” for much longer – they will be Governance Topics.  You wont be asking “what can go wrong?” but “how can we achieve our planned objective?”.   All the V6 stuff will be there, and the V6.2.8 database has largely accommodated the V7 view of the world – so V7 will be an auto-upgrade  from V6 – so keep you maintenance subscriptions current because you’ll get it at no extra cost.  More on this new approach in later articles.

For now a couple of things about V6.2.8 / V6.2.5.32.   You will notice that a new risk type will be automatically added called “incidents” with a BG  of incidents and a BU of I-Well and Risk of I-Well.  This is the “incident well” for incidents that are otherwise “unattached” to a risk.  Don’t delete them – you need them for the safety module incidents handling to work properly and appear in all reports.    The I-Well is a generic risk for otherwise unlinked incidents.

The incident engine has a whole lot of different reportable event types in it now, as well as a method for tracking the reports action and a work flow of incident handling.  You can still design your own additional attributes and properties, but the current single table view is about to change so that their will be different sets of attributes for each incident type.

You will also notice that the certification / SOX / Sched7  system will insist on creating a “root” account of  “0000″ called “Root”.  Don’t delete this either – if you do it will be automatically recreated.  This is the root of your chart of accounts.  It will allow you to have several different “sets of books” in the chart for different organisations, etc.  All accounts ultimately descend from this root account.  The reason it exists is to ensure that there are no orphan account trees for role ups.

For those of you who have been using master-child risk/compliance relationships (which should be everybody, right?), the roll up engine now rolls up everything – that means that financial values, likelihood, impact, control, assertions, breach flags, etc are rolled up as well as the residual ratings.  (Not the sub tables though – like incidents or causes, except for assertions).  This means that the strange anomalies in bubble charts for master risks are no longer there, BUT you can not set master risk likelihood, consequence, control, assertion responses and ratings or financial values independent of their children once roll up is engaged.   In particular the assertions roll up will float all child assertions up to the master risk/obligation – with the responses according the to assertion roll up rule (so make sure these are set).  Breach flags in the master risks can therefore be triggered by breaches in children – or non completion of assertion responses.  This makes a lot more sense that the old way of doing it, but you might need to re-jig some of your structures a little if you have been treating master risks as just another risk.

This release also surfaces test plans for the certification/compliance module which have been brewing for a while now and are finally appearing.  Again this is a first taste of this stuff, with much more appearing as fast as we can get the screens done.  The 6.2.8 DB already has the tables in it for the soon-to-be-released parts.  For now you can create, design, schedule and manage test plans, and in a few weeks you will be able to record and review the test outcomes and progress as well.

We pulled the claims module back from earlier BETA release of a few months ago so we can do more work on it, but it is only temporary, it will be back in in the new year.   We simply have not had the time to get back to that with all the other client requests we have been working on.  Also we decided that there were some other modules that required attention before claims would work as intended – one of those is obviously incidents.

Lastly you will note there are three different kinds of governance topics – not two as in most governance views:

1. General Risks
2. Compliance / certification obligation risks
3. Compliance Topics/Events

We will eventually rename these but for now this is what they mean: general risks are either project or general “corporate” risks of a future event, compliance obligation risks are the risk of a compliance obligation not being met – IE. the risk of non-compliance, while compliance topics are the compliance events that must are either occurring and must be managed back to compliance or are likely to occur without if ignored.  Every governance topic can be seen  in any of these views simultaneously – as a general risk, as a compliance obligation, or as a compliance event. 

 The main difference between the two ways of looking at compliance is that a compliance risk focuses on strategies / controls to minimise the causes of compliance failure and hence the risk of non compliance, while the compliance topic screen focuses on actions required to remediate the causes of the non compliance and then the control “learning” from that experience.

The two views come about because of the slightly different slant arising from financial statements compliance – where we wish to be able to assert a level of confidence in (and be entitled to assume reliance on)  a set of values in the FMS  to a level of materiality, versus document compliance – legislation or policy  - where there is no allowance for materiality but where active remediation is a defence.

The names are not the best in the RM suite – and apologise for this in advance – but it comes from our need to marry the two different views of compliance where both types of client use the same terminology for fundamentally different ideas and approaches, and our desire to allow you to switch between the two views “live” . 

So what is currently in the RiskManager V6.2.x suite ? 

• Risk management – general and corporate
• Assessments and assessment outcome management
• Compliance obligations – legislation, documents, policies, procedures, etc
• Certification /SOX / Sched7
• Compliance events
• Document management for legislation, policy, procedures, etc, with risk maps and review reminders
• Insurance
• Incidents & safety
• Test plans
• Audit management
• Assertions / compliance questions (Indefinite length and indefinite banks of assertions/questions for each obligation)
• Multiple assessments of each governance topic
• Corporate planning with obligations linked to risks / governance topics
• Snap-shots / milestones (with support for ‘what-if’ using restorable milestones)
• Surveys, custom and control self assessment
• Review and responsibility control on almost everything with reminders
• Work flow
• Process – charting
• Custom scripting engine
• End user report writer + import/export engine
• Tree views with governance topics in multiple tree branches simultaneously
• Master detail roll up relationships
• QBE Topic Search
• Full granular – multi-user security controlling who sees what obligation – internal, AD, LDAP, NT-Groups
• Multiple risk modelling systems (formula or tabular)
• Works as a single user install or massively multi-user install with a tiny footprint
• Internal messaging and task management/tracking

This list doesn’t really do it justice because some of these could inspire entire sublists of features, but these are the “big picture” items.

As a risk management professional, one of my particular concerns is the significant and rapidly growing scope of risks created by social networking and smart mobile technology.  I admit to being in “two minds” about this space.  On the one hand there are definite and clear branding, sales, performance, communication, and social benefits associated with the social media technologies.  On the other hand there are serious and real, present and potential risks that are growing rapidly. I remain concerned that these risks are little understood by the vast majority of the user base, and that there is not a clear path to either mitigating or avoiding them.

The one guiding principle that all internet users should remember, is that “the internet is forever”.  If you are bold enough to venture into the very dark-side of the internet – spend an educational few hours browsing the encyclopedia-dramatica (EA) web site.  (WARNING:  Not Safe For Work.  This site contains extremely offensive, bigoted, obscene and abusive content.  You WILL be offended by some, if not all the content.  While it is intended to be a humorous web site, its humour is based on being deeply offensive to almost everyone – so do not visit unless you have a very thick skin, it is not even remotely possible to offend you, you have a secret fascination for the sordid, an extremely well developed sense of the right of free speech, a professional excuse to be there and/or believe that there is no image or viewpoint too strong to gross you out.  Also, be warned, that there are some things that once seen can never be “unseen” and the image or text may haunt you for the rest of your life. )   One of EA’s pet projects is to explore and ridicule internet “memes” as they rise to fame.  A meme is an internet fashion – the internet equivalent of the proverbial 15 minutes of fame.  It may be a person, an idea, an identity, etc.  EA delights in recounting in depth the foolishness of targeted memes, the process used in tracking their real world identities and exposing their details (names, addresses, associates, phone numbers, etc).  Erstwhile anonymous people who have either done some thing foolish on internet social media sites or people who hold views they consider extreme or hypocritical are targeted and occasionally harassed.  It is this aspect of EA’s function that is relevant to this article, and the step by step accounts of how some of these semi-anonymous people have had their real identities, with phone numbers and addresses, family and real-life jobs exposed and linked together with their internet foolishness are a very strong lesson in how dangerous the illusion of anonymity is on the internet.  The advent of modern social media has made this work simpler, faster and possibly even more devastating to the individual.  

In the world of simple social networks – bulletin boards, chat rooms, YouTube and Email Lists , however, considerable resources and skills were required to achieve this kind of exposure.  It is possibly the ability of the group of people championing or supporting the EA website and the bulletin boards/chat sites from which it draws many of its victims to utilise their apparently large world wide participation base that allows them to sew the data together from these many sources and form a coherent story that facilitates their success.   The sheer effort required to do this kind of work has traditionally made it unlikely that the ordinary internet user whose internet behaviour is more “ordinary” had much about which to be concerned.   With the advent of increasing “smart” social media sites, like FaceBook combined with technology advances like facial recognition, smart phones with mobile apps and GPS tracking technology,  marketing agencies and commercial data tracking firms and 20 years of data tracking this is changing.

Consider the recent article in The Wall Street Journal published 18 October 2010: FaceBook in Privacy Breach.  The essence of the matter reported was that various apps in FaceBook were providing data to external sites that breached user’s privacy settings.  The apps on your FB  page have access to a considerable amount of your private data regardless of your privacy settings and are therefore capable of transmitting this data to external systems.  Even without this dimension, FaceBook uses a unique identifier to identify its users (a characteristic that would be difficult to avoid).  That identifier probably has to be available to any app used by a user for many of the app’s socially beneficial networking capabilities.  Given many apps make use of external (to FaceBook) databases, that id probably has to be available outside of the FaceBook environment.  For the 500 million or so FB users, this is effectively a unique identity number.  Combine that id number with even a polynomial hash of the personal data held in a user’s FB account, and then match that hash with a hash code held for the same fields – say name and address or email address – in a marketing or data tracker’s database and you can link the offline database with the FaceBook user even if you are not transmitting identifiable private information.  

Data tracking and marketing firms can use things as simple as advertisements and images displayed on a web page you visit to identify you by your browser and IP address to track where you go on the internet – before we even get into more sophisticated tracking methods.  So now we have the potential for that information to be tied to your FB user identity.

Now let’s add the latest FB innovation – facial recognition.  The addition of facial recognition capability to FB and applied to the profile and other images loaded up into the FB database and tagged with personal and “friend” identities gives FB possibly the largest facial recognition database outside of any government – and possibly larger than 90% of governments around the world.   

Lastly, we add to this mix the wide spread use of smart mobile technology with their GPS and web browsing systems – including FaceBook, and the growing social media linking systems like Xobni that matches your email inbox to the various social media sites like LinkedIn, FaceBook, Twitter, etc.

Take all of these systems together and we have a growing ability for people’s lives to be comprehensively monitored – real life, social life and internet life:  who you are, what you look like, where you go – in real life and internet life, who you work for, what you do, what you say, who your friends are, what you like, what your political views are, what you buy and what you would rather not have others know.  Does this bother you yet?

Even if this unprecedented potential for tracking and data matching – social convergence – does not concern a given individual, from a corporate perspective if creates some unique risk management questions:  

• When a person’s real-world private life, internet private life and real-world corporate identities converge, and that convergence brings disrepute on an organisation, what should be the organisation’s response?
• How can an organisation measure and limit the risk from social convergence?
• Should an organisation be actively outcome-testing the social convergence of its key employees in order to anticipate the impact of ill-timed exposures?
• Should employees be discouraged from using any data that can be used to match their corporate identities in social media?
• Should an organisation actively educate their staff about the risks of social convergence to them and their employer?
• To what extent should organisations apply the same social-convergence morality tests to the organisations with which the trade?

As a strong proponent of the rights of the individual, freedom of speech and the duty of employers to “mind their own business” with respect to the individuals they employ I find the implications of these questions extremely troubling, but I fear they will not be able to be ignored forever.

The target cutoff for this BETA was intended to be Tuesday, but since everyone suddenly seems to have awoken from a light sleep this last week, and particularly since our BETA15_1 release we may extend for an extra few days and we are receiving lots of requests and suggestions most of which are rapidly doable at the moment.  

The main projects getting a look-in in the BETA15 sub-sequence are:

• RM – Survey Engine Integration
• Compliance/Certification (Financial Statement Elements)  Project
• Compliance Topic Solver (simplification) Project
• Insurance Claims Management
• Safety (Incidents and Hazards) Project
• Workflow Project

Essentially there is a lot of new or improved functionality being turned on in this BETA.  In a number of cases there are features that have been present for some time, but not fully engaged with the rest of the system because other  features were required to make them fully functional that are now ready, or they required us to take the “force a DB change” step to make them work properly.  This is what is happening now.  We are now alao trying to shut down the BETA sequence and move to the release of V6.2.7 as quickly as possible.

So in the interests of managing the flood of email enquiries I am going to post here a little more regularly about what we are doing.  This should help you decide whether you take any BETA15 (almost nightly) build or wait until we stabilise it on BETA16.   BETA16 will most likely be a short staging step until the release of V6.2.7 which will be virtually identical to BETA16, except for any fixes required from BETA16. 

BETA15_4 has:

•  Additional survey engine integration fields and now fully supports survey organisation selection throughout.  This is important so that the RM client can see all the orgs that the SM client can build;
• A new survey question library tab in the risk maintenance screen to allow selection of individual questions from the survey engine to be linked with individual risks.  The initial version of this tab allows individual already created survey questions to linked with risks.  This will be expanded in the next BETA15; 
• A recasting of types of the survey reference fields held in RM tables from varchar to nvarchar.  The survey engine was written to use Unicode characters, while the RM uses standard ASCII.   When we brought the two engines together many years ago the fields in RM that held SM references were created as ASCII fields to be consistent with RM.  That has now been changed so that the cross link fields now all use the standard SM field types.   In RM version 7 we will be going full Unicode, and this is an initial nod in that direction;
• Control Self Assessment surveys now attempt to build themselves in the survey org that is linked to the risk’s owning business unit, rather than in the global default survey organisation.  With the surfacing of survey org’s in RM this just makes better sense;
• Survey Reporting views in the RM survey client that “timed out” in BETA15_1 and BETA15_2 when there were more than 30,000 survey responses have now Bent fixed so they display correctly.  This was actually caused by the reports not being “survey organisation aware” so they were making a Cartesian product when the same survey appeared in multiple organisations ;
• Added lookup searches to the various screens where survey organisations are referenced so that you do not have to know the name of the survey org when you are trying to link it to a RM business unit, etc.
• Added a page to “setup profiles” to enable the creation of survey orgs from within RM;
• The “Global Survey Org” is now just an initial and default survey organisation where you have not defined a survey org to mirror a RM Business Unit;
• A significantly expanded range of risk/compliance fields have been surfaced in the maintain compliance screen, and renaming of some of the existing fields to allow better dynamic captioning choices that distinguish the fields from their risk view counterparts.  There is more happening here between the Solve Topics and Maintain Compliance screens to simplify the screens and make the compliance display less dependent on the Risk View to display additional detail;
• Added “Financial Statement Element” display field to the compliance screen along with the “Document/Section” field.  You can use either or none.
• Added workflow creation and editing to the Risk and Compliance object (with extra buttons on each maintenance screen to enable workflow maintenance therefrom.

Another release is coming tomorrow, I will try and tell you about that then.

BETA15_4 is on the download site – use your client ID to access.   It contains an updated script to build a database from scratch.  We have taken out the DB create command, so you should create your DB first then run the script to build the inside your new DB.  It is SQL Server 2000+ compatible, then use the accompany in XL sheets to load in the initial data.  There is one sheet per table that requires initialisation.  If using your existing DB you will need to contact us to convert your DB until the BETA16 is released, or possibly after if you have one of the intermediate DB versions.  The current DB version is V6.2.7

You may have noticed that since then there have been 2 more updates to BETA15.  This is why we did not “officially” announce it.  There are a number of things that are a day or so away from completion, and so we could get some feedback before the official release we agreed to do a rolling nightly release for a few days.

This will be the case for the next few days – a nightly update with a new complete DB build script included while we include each of the extra features not yet included in the build.  The current release is BETA15_2, but tomorrow there will be a BETA15_3 and so on.

If you want the latest nightly build you are welcome, but understand that this is a moving feast until the official announcement – that will appear on this blog as usual.

To avoid confusion, we will probably stabilise on BETA16 as the announced release. 

BETA15 uses the V6.2.7 database – so it will NOT work with your V6.2.6 databases (BETA14).  You will require an upgrade script or to forward your databases to us for free conversion.  Except for those clients specifically engaged in this release sequence, we will not be converting databases until the stable version is released as there is a (very slim) chance that the DB will be changed during the next couple of days.

If you think you need special consideration – don’t hesitate to contact me via email and we will attempt to cooperate.

Thanks for the excited interest – it is much appreciated.  I will know next time not to try and sneak a new release out, you guys are all way to keen and astute for that.

The official announcement – when it is made – will include detail of what has been added.

The problem with the Linux based Acer Aspire Easystore is that while the unit will happily allow drives to be replaced, if you lose the motherboard or the Ethernet port you are in serious trouble.   It surprisingly easy to suffer a catastrophic problem.  For example, if you upgrade the firmware from 2.0 to 2.5 your unit can stop responding.   Further you can lose the motherboard  for a variety of  other reasons – for example, they seem especially sensitive to minor DC power spikes.  If the dreaded red light indicating “unrecoverable software” lights up or the unit simply stops talking to the network, you will rapidly discover you  are essentially screwed. 

Acer’s maintenance support, seems excellent when you contact them.  They will happily replace the unit for you (in fact that is all they will do!) and even send out a technician to swap your old still working drives into the new unit.  Unfortunately that is when you discover you have a serious problem.

The replacement unit will not read the RAID array from the old drives – even if your drives are otherwise OK.  If you are lucky, it will recognise the user accounts – but it will not give you back access to your data.  Acer’s helpful response is that you must rebuild the array.  Do not under any circumstances do this or you will lose your data!

This is what you must do…

In our case we always use RAID 1 on low cost RAID systems.  This essentially gives 2 copies of each disk without co-dependence across multiple disks for data recovery.

Recovering your data from the Acer becomes quite simple in this situation.

What you will need:

A spare computer (a Windows desktop is fine) with:

•  at least one spare SATA port,
• a spare SATA cable, (or just unplug an existing drive from the desktop computer and use its cable),
• a spare HD drive  in FAT32 or Linux disk format so it can be accessed easily under Linux (or other NAS on the network) with enough space to store the files you recover from your Acer Easystore drive(s)
• a CD ROM. 

Either the on the same  machine, or another, you need a writable CD drive, a spare blank CD and an internet connection.

Now follow these steps:

Step 1  Assuming you do not have a way to write ISO formats onto a CD ROM go here and download the ISO writer:

http://isorecorder.alexfeinman.com/isorecorder.htm

Just double click to install it and once installed you merely right-click on an ISO image and choose “Copy image to CD”.

Step 2: Get a copy of the latest version of Knoppix Linux from here (or other Knoppix mirror).   I used Knoppix 6.4.4

http://www.mirrorservice.org/sites/ftp.uni-kl.de/pub/linux/knoppix/

You do want the ISO image and unless you are visually impaired you do NOT need the ADRIANE version.

Step 3.  Put your blank CD into your writable CD drive and right click on the ISO image you just downloaded.  Choose “copy image to CD”.  This will give you a bootable version of Knoppix Linux on a CD ROM.

Step 4.  Turn off and open up your spare desktop computer and plug the first RAID1 drive from your dead Acer Aspire Easystore into the SATA data cable and the SATA power cable and plug the other end of the SATA data cable into a spare SATA port on the motherboard (or SATA sub-board).  Note the number written on the motherboard this will help you find the drive later.  You only need to plug in one drive from each RAID1 pair.  The drives are arranged in pairs making one volume each in the easystore – so the top two are one volume and the bottom two are another volume.  You want one drive from each volume.  We will just do one volume in this sequence, and you should repeat the following steps for the second volume after completing the first.

Step 5.  Turn on the computer and if it does not already boot from a CD ROM, trigger the BIOS setup on startup and change the boot order so that it boots from a CD ROM first.  Save and exit and allow the computer boot up.

Step 6.  Once Linux has started (you may have some minor config steps to work through), click on the little filing cabinet in the bottom left hand corner of your screen.  This will show you the mounted devices.  If your machine also has NTFS drives in it or even an existing RAID array in it there will be some drives marked OS which you will not be able to access.  Ignore these.  Your FAT32 drives and your Acer EasyStore Raid1 drive should be visible.  The mounted Acer drive will show as something like “sdc4″, where the “sdc” part might be sda, sdb, sdc, etc.  The number refers to the partition on the drive that could be read.  This will not have your data in it – so don;t get excited just yet.

Step 7.  In the bottom left hand corner of your screen, beside the filing cabinet icon is the Knoppix logo.  This is the equivalent of the windows “start menu”.  Click on this and from “preferences” choose “GParted”.  Let this do its stuff and when it has finished opening select the GParted menu, and from that the “Devices” submenu.  From this look for and select your Acer drive.  In my case it was on /dev/sdc -  yours may be different – but will be the one that was showing the “4″ in its name when you looked in the file system display.

Step 8.  After GParted has scanned it, you will notice this has 4 partitions.  The Linux swap and the system – both of which will be mounted and then two others – which will not be mounted.  The big one has your data, and the little one is just some spare space.  The big one will probably have a “2″ in its name.  In my case it was “sdc2″.  It will also be showing the file system type – probably “ext2″.  Note both the name (eg. sdc2) and the file system (eg “ext2″) – you will need them in a second.

Step 9.  Select this line by left clicking on on it and then right click to bring up the context menu.  From the context menu that displays choose “Manage Flags”.

Step 10.  In the “manage flags”  window that opens tick the “Raid” flag.  Then open the “Manage Flags” menu again and untick the “Raid” flag.  Close GParted.

Step11. From the “start menu” in the lower left hand corner of your screen choose “Accessories / Root Terminal”. 

Step 12.  When the console window opens type the following:

mount   /dev/sdc2   /media/sdc2 -oro -text2

NOTE:  change the “sdc2″ to the device name (and partition number) you saw in GParted earlier and the  “ext2″ file system type to the one you saw there as well.  It will most likely be ext2, but it might be ext3.   You have just mounted your lost data as “/media/sdc2″  – or whatever sd you entered above.

Step 13.  Click on the filing cabinet icon in the bottom left of the screen and in the address bar enter (adjusted appropriately for your device name):

/media/sdc2/

Your lost files should now be visible. 

Step 14:  Copy your lost files to your spare drive or other network store.   The Acer drive was opened in read-only mode by the mount command so you will can only copy or read them.

If you have two RAID1 volumes in your Acer EasyStore you should repeat all the steps  from step 4 for the second volume as well.

Good luck!  Feel free to drop me an email (or a comment here) if you have a question.  You can also rebuild a RAID5 array in a similar fashion – but it is a little more complex than the process for RAID1 recovery.

There are three main reporting systems in RM – the inbuilt reports (these can not be expanded), the end-user reports (BPC RM ReportBuilder), and mail-merge/office template  style reporting.  Of these, the primary reporting tool for end user reporting is the BPC RiskManager ReportBuilder reporting engine.   

So how do you make these tables and views available to the BPC Risk Manager  end user report development tool (report builder) so that you can report on them in your own reports?  Fortunately BPC RiskManager allows you to add these things directly in the BPC RiskManager client to the reporting engine so you can include them in your reports.

By way of an example, we will add the  actions progress table to the end user reporting layer and hook it in to the magic-query maker, so that when you use the table in your reports it automatically hooks it to the appropriate master table or view (in this case “search_risk_actions”).  We are adding a raw table, rather than a view, so we will add the word “raw” to the name so that we distinguish it from the views.  The difference between the tables and the views is that the views populate the table’s look-up fields with the description field of the look up table.

In the RM client, on the Administration tab:

1. Go to Administration/Report Builder/Table Names
2. Select “New”
3. Enter in the fields:

• Table_name: RISK_ACTION_PROGRESS
• Table alias: Action Progress Raw

(Note the spaces in the above)

1. Select save.
2. Got to Administration/Report Builder/Field Names
3. Select “Add Fields”
4. In the pop-up box enter: RISK_ACTION_PROGRESS
5. Select “Ok” – this will add the field names.
6. Got to Administration/Report Builder/Table Joins
7. Select “New”
8. Enter in the fields:

• Table_name1: SEARCH_RISK_ACTIONS
• Table_name2: RISK_ACTION_PROGRESS
• Join_Type: dajtLeftOuter
• Field_names1: Action ID
• Operators: =
• Field_name2: ACTION_ID

NOTE the space in the Field_names1 “Action ID”

1. Select “Save”
2. Close the administration window.

The risk_action_progress table and its fields will now be available to Report Builder.

BPC RiskManager V6.2.5.25 – BETA14 has been released.  This version mandates the V6.2.6 database.  BETA15 is a production ready release.    The V6.2.6 database is transitional, in that the BETA cycle will see us move to at least V6.2.7 before it is finished.  

Clients who have upgraded their databases to the V6.2.6 can install this release directly.

Included in this release:

RiskManager Client

• Flow Chart Designer hooks have been expanded and you can now invoked the designer directly from the risk maintenance screen.  Flow charts are linked to the business processes and business sub-processes, among other things.
• New integrated work flow support for flowcharts and expanded scripting RM/Work flow interface.   This is a substantial internal update.  Workforce diagramming is now directly supported from process and sub process definition screens rather than as a separate engine.  Work flows diagrams can be executed and are scriptable with interfacing calls that can invoke screens in RM.  The internal update lays the framework for a substantial expansion in the role of Work flow and flowcharting.
• Surfacing of most of the remaining risk attributes to the Windows desktop client including financial data, additional audit fields for planning and documents.  These includes estimates for loss (or gain).
• Significant expansion in the ability to selectively hide functionality.
• Addition of various features to the insurance centre as part of the introduction of claims support.

(Note: The new claims screens are now scheduled for BETA 15.)

RiskManager App Server

• Updated Bulk Importer with support for:
  • data value transformation and mapping,
  • push feed to the survey engine allowing auto-submission of scanned survey data
  • improved table selectors

RM SurveyManager

• Ongoing expansion of survey structure capabilities.  A number of additions have been made to the SM engine to support risk register rating via survey.  This is an ongoing upgrade and will continue progressively for a few more releases.  This first group of enhancements adds additional tags to better enable risk register style surveys. 

Please Note: 

BETA releases are intended for deployment by clients the same as full version releases.  Deployment usually involves replacing a few files by copying.  The BETA tag refers to the release packaging that does not usually include an auto-installer, auto-upgrader (other than for the desktop client) and that the take up is of the BETA is optional.  This means that a client can take the latest beta without having taken any previous Beta’s and we will guarantee to provide a customised DB upgrade.  Support is only promised for the latest BETA and the previous full release.  Clients using older BETA’s may be required to upgrade to the current BETA before support is provided.  The BETA release stream is also a way for us to extend the life of client subscriptions on version linked licenses. 

Documentation Updates

Go and look at the riskwiki  for documentation updates.  We have been busy adding new papers under a number of headings including new discussions of the community “network stakeholder model” and survey manager and risk manager user manuals.

 There is a new version of RiskMailManager available in each of your client folders and on the general product download sites.  The BETA12 package has also been updated and  re-issued.  This new version has been issued in its own package and the BETA12 packages have been updated for those yet to update.

To upgrade it simply replace the RiskMailManager.exe in the applicationfiles directory of your BPC RiskManager V625 server installation with the new file in the zip.  Discard the previous version – it is a blight on the world and does not deserve to be remembered. 

The revised RiskMailManager addresses a problem that may stop the template reader from loading your message templates under certain configurations.  All clients using RM Beta 11 or 12 are advised to update the RiskMailManager application, regardless of whether you are experiencing mail problems or not.

BETA 12 Warning:  BETA12 requires are complex database update.  If you wish to upgrade to BETA12 you are advised to request a customised database upgrade script or request us to do it for you.  Alternatively, wait a little longer for BETA13 which will include an installer. 

Read the previous post for the content of BETA12.