Question for IT/security folks

[dowie]

It might just be me but I'm wondering why an RTF file for the data in the first place? A spreadsheet sounds a much more natural option but I'm sure they know what they're doing.

the file he's sending needs to contain the data in a format they can use to import it into their accounting software

 

[Curio]

This ^ How is your accountancy company going to do your accounts without financial data?

Well, they're not our accountants. They specialize in analyzing data and seeing where you can save money on taxes. Seems a bit shady to me, but then again I know nothing about finances!

As for sending the files. Just get your boss to email you saying its OK. If you're struggling to play Cover Your Arse in a 15 man organisation never get a job in IT in a huge Public Sector organisation. Playing CYA in one of those is a work of art, and full time job. Trust me.

The problem is though, in a small company like this there are no procedures in place.....people just make stuff up as they go along A big company would most likely have a specialist who would take care of this. I have to do tech support, cover customer service, cover the warehouse, unplug the toilet and change the air-con filters up in the roof - all of which I've done over the past 2 days On the plus side, I get to put these procedures in place as they come up, which is kinda cool.

Anyway, UPDATE (I'm a few hours behind you guys...) - my boss got my e-mail and obviously realized "hmm, yeah, we shouldn't be so quick to hand over the data" - so he told me he's going to talk to our accountant again and make sure this other company is completely on the up-and-up. I think he was impressed that I showed caution and made him put the brakes on

As for the data being in an rtf format, well that's just the easiest way our software exports stuff. They seem to think they can work with it, but if not I'll have to try and get it into Excel or something else.....which it can probably do if I dig a bit deeper.

Thanks again, chaps!

 

[decmatt]

If it was to see what they can do, we would have used meaningful dummy data. But my experience was for a FTSE 100 company on our market analysis. Might be overkill for a small company.

 

[Ev0]

Just get your boss to email you saying its OK. If you're struggling to play Cover Your Arse in a 15 man organisation never get a job in IT in a huge Public Sector organisation. Playing CYA in one of those is a work of art, and full time job. Trust me.

This times a million, at the end of the day no matter how big the company you need to look after yourself and make sure you're covered.

Ensure that you inform whoever is responsible/accountable for the information of the risks and that this is documented somewhere (email).

It's up to them to make the decision on what to do, end of the day it's their data and they'll be able to make the call on what to do with it.

And it's not just limited to public sector co's as my latest role has shown lol