Welcome to the October 2013 edition of Tricor Roots InTouch. This Newsletter is aimed at keeping our Clients, Partners & Associates updated on what is happening in the world of Enterprise Governance.

Adobe, a leading MNC, recently announced that it suffered a major security breach, resulting in the loss of valuable Source Codes, and sensitive customer information. This and other breaches globally magnify the risk of information security, particularly as Organizations continue to collect and store more information as part of "Big Data".

1. Are your data secured?

Adobe announced recently that it has been the target of a major security breach in which sensitive and personal data about millions of its customers have been put at risk. The attack concerns both customer information and illegal access to source codes for "numerous Adobe products." Unfortunately, the culprits also obtained access to a large swath of Adobe customer IDs and encrypted passwords, including names, encrypted credit or debit card numbers, expiration dates, etc.

MALAYSIAOctober 2013

Tricor Roots InTouch Newsletter

The Business Enablers

Member of Tricor and The Bank of East Asia Group

Tricor Roots Consulting Sdn Bhd

In addition, we are also pleased to announce progress on the development of Q-RADAR V9.6, the latest installment of the industry leading Governance, Risk & Compliance (GRC) software solution.

We hope you enjoy this Newsletter, and as always, please do not hesitate to contact us should you have any queries. We love to hear from you.

Your Trusted Consultant,

Tricor Roots Consulting Executive Team

As Organizations collect more and more information about its customers, suppliers, employees and other stakeholders, security over sensitive datais increasingly an issue. The impact of a breach extends beyond simplefinancial exposure, but creates irreparable damage to the Organization’s reputation and in a worse-case scenario, may imperil the ability to operate as a viable entity.

C

M

Y

CM

MY

CY

CMY

K

Tricor Roots Newsletter October 2013.ai 1 09/10/2013 16:58:47

2 Tricor Roots InTouch Newsletter • October 2013

It is therefore imperative that Organizations conducts a thorough risk assessment over its information security and manage any gaps that may arise. Critically, the Organization’s Business Continuity Management program, including Crisis Management, Disaster Recovery and Emergency response plans should be co-ordinated to ensure that any such exposures can be quickly managed, with minimal damage.

2. Q-RADAR Version 9.6 is well under way

As part of our ongoing enhancement program of the Q-RADAR system, we have embarked on Q-RADAR

V9.6. It represents a significant improvement over Q-RADAR V9.0 and is slated for release by Q1 2014.

Among the many changes within the system, significant improvements are being made in the areas of:

a. Increasing flexibility in Risk Management to facilitate risk intelligence

b. Revamp of the Business Continuity Management (BCM) module in line with ISO 22301

c. Tools and functionalities to enhance active communications and collaboration between users within Q-RADAR

d. Significantly enhanced Key Risk Indicator (KRI) analysis and monitoring functionalities

e. Enhancement of technology to cater for the latest browser updates and operating systems

f. Ability to manage your own login page images and banners, along with "system skins" to allow Organizations to self-modify the look and feel of the system to their own specific needs

g. Increasing flexibility throughout the system to cater for increasingly sophisticated and unique requirements

h. Upgrade of technology security within the application

i. New and powerful reporting functionalities

The above is only a taste of what is to come. As a leading provider of Governance, Risk & Compliance (GRC)

solutions, we believe Q-RADAR V9.6 will continue to assist Organizations on its ongoing journey to

Corporate excellence.

3. Critical Emerging Strategic Performance & Risk Issues

To better support our clients, we have outlined below recent global strategic performance and risk issues.

The information contained is based on sources we believe to be reliable, but we do not guarantee its

accuracy. Tricor Roots Consulting does not have any ownership over this information, nor does it represent

our opinion.

Outline

Intellectual property is often the crown jewel of a company’s assets. As

much as 75% of most organizations’ value and revenue source are derived

from intellectual property, intangible assets and proprietary competitive

advantages. As a result, the misappropriation of trade secrets, piracy,

counterfeiting and the introduction of fake or inferior components into

supply chains can have devastating consequences.

For instance, Ford Motor Co. suffered more than $50 million in losses after

an engineer copied 4,000 company documents onto an external hard drive

in 2006 and went to work for a competitor. In 2009, Mattel paid a $2.3

Headlines

Understanding the

Risks: Eight Elements

of an Effective IP

Protection Program

By Pamela Passman

October 1, 2013

Risk Management

C

M

Y

CM

MY

CY

CMY

K

Tricor Roots Newsletter October 2013.ai 2 09/10/2013 16:58:48

Outline

million fine and recalled more than 2 million toys after discovering that it was

selling Barbie accessories, die-cast toy cars and other toys that were

contaminated with lead. The problem was traced to a Chinese company that

used false quality inspection documents to sell illegal lead-based paints to

Mattel’s manufacturing contractors in China.

Overall, intellectual property theft accounts for an estimated $500 billion to

$600 billion in lost sales each year, while companies lose market share, suffer

reputational damage and forfeit their competitive edge. And for consumers,

IP theft can present serious threats to health and safety.

In the recent PwC State of Compliance 2013 Survey, manufacturing

companies ranked intellectual property as one of their top three risks, along

with bribery/corruption and supply chain concerns. Meanwhile, last year,

global research organization the Conference Board released the results of a

survey conducted with general counsels, compliance officers and supply

chain managers of global companies on the separate but related issues of

corruption and intellectual property theft. Of those surveyed, 52% rated

IP protection as very challenging to manage and considered trade secret theft

the greatest IP risk.

There are a number of reasons that IP theft is an increasingly complicated

and challenging issue. With advances in technology, the preponderance of

proprietary assets - such as product formulas, customer lists, strategic plans

and blueprints - are in a digital format. Unlike physical records of the past,

digital information can be discreetly stolen in the absence of robust systems

to protect it.

A second factor is that companies are working with suppliers and business

partners who span the globe. Distance, lack of transparency in practices, and

markets where the rule of law is comparatively weak all contribute to

vulnerabilities in global supply chains.

So what systems should be in place to protect intellectual property?

According to research by the Center for Responsible Enterprise and Trade

(CREATe.org), eight key elements are necessary for an effective IP protection

program. These guidelines should apply not only to individual companies, but

to their suppliers and business partners as well:

1. Policies, Procedures and Records

Guidelines are necessary for all types of IP within an organization. A full leadership team must be aware of and promote these policies, procedures and records. There should also be systems in place for managing IP with employees and among third-party supply chain companies.

2. IP Compliance Team

A team should be responsible for IP protection and it needs to be cross-divisional and include representation from senior management.

Headlines

3 Tricor Roots InTouch Newsletter • October 2013

C

M

Y

CM

MY

CY

CMY

K

Tricor Roots Newsletter October 2013.ai 5 09/10/2013 16:58:48

Outline

3. Scope of the Program and Quality Risk Assessment

Systems must be in place to assess the risks of IP theft by company employees and among third parties.

4. Management of Supply Chain and Contractors

Systems for effective due diligence, contracts, communicating IP

protection policies and ongoing management of IP are essential.

5. Security and Confidentiality Management

Computers and corporate networks should be designed to protect IP and

confidential and proprietary information kept by employees, contractors

and third parties.

6. Training and Capacity Building

Businesses must offer ongoing IP protection and compliance training for

employees and third parties.

7. Monitoring and Measurement

Systems should be designed to monitor the implementation of the IP

protection program to ensure that it is effectively managed among

employees and third parties.

8. Corrective Actions and Improvements

Risk managers must develop a framework for implementing corrective

actions and improvement processes when a problem with the IP

compliance program occurs.

To read more, click here

About Tricor Roots Consulting

Tricor Roots Consulting is an established and vibrant organization incorporated in 1999 with the mission: Sharing a Passion

for Excellence.

Our vision is to be a global consulting firm backed by innovative software solutions. We are highly focused towards

assisting Organizations and Individuals to achieve their potential for Excellence. Tricor Roots Consulting has vast experience

in providing training and consultancy services in the field of Governance, Risk & Compliance ("GRC") which includes

Performance Management advisory for numerous public listed and many more non-listed companies in the Asia Pacific

region from a diverse range of industries.

In addition, since the release of the Q-RADAR System in September 2001, over 400 companies in the Asia Pacific region

have successfully leveraged on the system as part of the Performance Management & Risk Management Framework

Implementation.

For more information, please log on to www.tricor-roots.com.

Tricor Roots Consulting is part of the Tricor Group of companies. To find out more, go to www.tricorglobal.com.

Headlines

4 Tricor Roots InTouch Newsletter • October 2013

C

M

Y

CM

MY

CY

CMY

K

Tricor Roots Newsletter October 2013.ai 3 09/10/2013 16:58:48

Copyright © 2012 Tricor Roots Consulting Sdn Bhd. All rights reserved.

Tricor Offices

www.tricorglobal.com

Tricor Roots Consulting Sdn BhdLevel 16, The Gardens, North Tower, Mid Valley City, Lingkaran Syed Putra,59200 Kuala Lumpur, Malaysia

Tel: (60) 3 2264 3888Fax: (60) 3 2284 1696Email: info@tricor-roots.com

HONG KONG(Tricor Group Head Office)

Tricor Services LimitedTel: (852) 2980 1888Fax: (852) 2861 0285Email: info@hk.tricorglobal.com

BARBADOS

Christ Church

Tricor Caribbean LimitedCaribbean Corporate Services LtdTel: (246) 430 8400Fax: (246) 429 6446Email: info@bb.tricorglobal.com

BRITISH VIRGIN ISLANDS

Tortola

Tricor Services (BVI) limitedTel: (284) 494 6004Fax: (284) 494 6404Email: info@bvi.tricorglobal.com

BRUNEI

Tricor (B) Sdn BhdTel: (673) 223 2780 / 1 / 2Fax: (673) 223 2783Email: info@bn.tricorglobal.com

DUBAI UAE

Tricor Praesidium LimitedTel: (971) 4 358 7715Fax: (971) 4 358 7315Email: info@ae.tricorglobal.com

INDIA

Pune

SKP Tricor Corporate Services Pvt Ltd(Corporate Office)Tel: (91) 20 6645 4800Fax: (91) 20 6645 4840Email: skpt.info@skptricor.com

Chennai

SKP Tricor Corporate Services Pvt LtdTel: (91) 44 2855 3863 / 44 6691 5112Fax: (91) 44 2855 3863 / 44 6691 5199Email: skpt.info@skptricor.com

Hyderabad

SKP Tricor Corporate Services Pvt LtdTel: (91) 40 2338 6912 / 40 2338 6913Email: skpt.info@skptricor.com

Mumbai

SKP Tricor Corporate Services Pvt LtdTel: (91) 22 6617 8000Fax: (91) 22 6617 8002Email: skpt.info@skptricor.com

New Delhi

SKP Tricor Corporate Services Pvt LtdTel: (91) 11 2242 8454Fax: (91) 11 2242 8455Email: skpt.info@skptricor.com

INDONESIA

Jakarta

PT Amalgamated TricorTel: (62) 21 574 1177Fax: (62) 21 574 1188Email: info@id.tricorglobal.com

JAPAN

Tokyo

Tricor K.K. Tel: (81) 3 4580 2700 Fax: (81) 3 4580 2701 Email: info@jp.tricorglobal.com

LABUAN

Tricor Trustco (Labuan) LtdTel: (60) 87 453 288 / 87 443 118 / 87 443 188Fax: (60) 87 441 288 / 87 451 288Email: info@my.tricorglobal.com

MACAU

Tricor Services (Macau) LimitedTel: (853) 2878 8022Fax: (853) 2878 8021Email: tricor@macau.ctm.net

MAINLAND CHINA

Beijing

TRICOR Consultancy (Beijing) LimitedTel: (86) 10 8587 6818Fax: (86) 10 8587 6811Email: info@cn.tricorglobal.com

Shanghai

TRICOR Consultancy (Beijing) Limited - Shanghai BranchTel: (86) 21 6391 6893Fax: (86) 21 6391 6896Email: info@cn.tricorglobal.com

Shenzhen

TRICOR Consultancy (Beijing) Limited - Shenzhen BranchTel: (86) 755 8246 0282Fax: (86) 755 8246 0332Email: info@cn.tricorglobal.com

MALAYSIA

Kuala Lumpur

Tricor Services (Malaysia) Sdn Bhd(Corporate Office)Tel: (60) 3 2264 8888Fax: (60) 3 2282 2733Email: info@my.tricorglobal.com

Ipoh

Tricor Corporate Services Sdn Bhd Tricor Investor Services Sdn BhdTel: (60) 5 548 0888Fax: (60) 5 545 9222Email: info@my.tricorglobal.com

Johor Bahru

Tricor Corporate Services Sdn BhdTricor Investor Services Sdn BhdTel: (60) 7 332 2088Fax: (60) 7 332 8096Email: info@my.tricorglobal.com

Kota Kinabalu

Tel: (60) 88 231 790 / 88 254 252Fax: (60) 88 266 842Email: info@my.tricorglobal.com

Kuching

Tel: (60) 82 480 022Fax: (60) 82 480 055Email: info@my.tricorglobal.com

Melaka

Tricor Corporate Services Sdn BhdTel: (60) 6 281 5300Fax: (60) 6 281 5332Email: info@my.tricorglobal.com

Penang

Tricor Corporate Services Sdn BhdTel: (60) 4 229 6318Fax: (60) 4 226 8318Email: info@my.tricorglobal.com

Seremban

Tricor Corporate Services Sdn BhdTel: (60) 6 762 3339Fax: (60) 6 762 9693Email: info@my.tricorglobal.com

SINGAPORE

Tricor Singapore Pte LtdTel: (65) 6236 3333Fax: (65) 6236 4399Email: info@sg.tricorglobal.com

THAILAND

Bangkok

Tricor Outsourcing (Thailand) LimitedTricor Executive Recruitment Limited Tel: (66) 2 343 1200Fax: (66) 2 286 4130 / 2 286 2020Email: info@th.tricorglobal.com

UNITED KINGDOM

London

Tricor Services Europe LLPTel: (44) 020 7648 8960Fax: (44) 020 3216 2002Email: info@uk.tricorglobal.com

Copyright © 2013 Tricor Roots Consulting Sdn Bhd. All rights reserved.

C

M

Y

CM

MY

CY

CMY

K

Tricor Roots Newsletter October 2013.ai 4 09/10/2013 16:58:48