ACCESS FLEXIBILITY WITH ESCALATION AND AUDIT 1
|
|
- Cecil Whitehead
- 5 years ago
- Views:
Transcription
1 ACCESS FLEXIBILITY WITH ESCALATION AND AUDIT Xia Zao and M. Eric Jonson Center for Digita Strategies Tuck Scoo of Business Dartmout Coege, Hanover NH Fu paper: 557 Words Abstract Managing information access in igy dynamic business environments is increasingy caenging. Wit tousands of empoyees accessing tousands of appications and data sources, managers strive to ensure te empoyees can access te information tey need to create vaue wie protecting information from misuse. We propose an access governance structure wit escaation options, ensuring bot fexibiity and security of information systems. Using a gameteoretic approac, we sow tat propery couping information access, audit, vioation penaties and rewards can enabe sef-interested empoyees to access information in a timey manner, seizing business opportunities for te firm wie managing security risks. Tis researc was supported troug te Institute for Security Tecnoogy Studies at Dartmout Coege, under award Number 26- CS-- from te U.S. Department of Homeand Security (NCSD). Te statements, findings, concusions, and recommendations are tose of te autors and do not necessariy refect te views of te Department of Homeand Security.
2 Keywords: Information security, access contro, fexibiity, audit, escaation. Introduction Pervasive and timey access to information is a source of competitive advantage for many firms suc as investment banks, researc aboratories, and ospitas. Tecnoogy as made information more avaiabe trougout and between organizations, enabing coaboration and fueing innovation. Te iterature on innovation as ong discussed te benefits of free-fowing information, inking it to innovation productivity (e.g., Baker and Freeand 972; Tsai, 2; von Hippe 994). Likewise, te services and suppy cain iterature ave aso extoed te benefits of increased information avaiabiity (e.g., Lee et a. 2; Ratnam et a. 995). Wit web-based toos inked to vast enterprise data sources, firms today ave made muc data and appications readiy avaiabe to tousands of empoyees, business partners, and customers at very ow cost. Tus, in environments were information can resut in significant profits or is critica to outcome quaity, firms are driven to invest in tecnoogies tat increase information avaiabiity. Unfettered information access, owever, can create significant security concerns, driving managers to constrict te avaiabiity of information. Suc efforts become indispensibe wit te recent enforcement of many government reguations, suc as Sarbanes-Oxey (SOX), Payment Card Industry Data Security Standard (PCI DSS), Heat Insurance Portabiity and Accountabiity Act (HIPAA), Gramm-Leac-Biey Act (GLBA), Persona Information Protection and Eectronic Documents Act (PIPEDA), and te European Union Directive on Data Privacy (EU Directive), wic a incude anguage requiring firms to maintain some eve of 2
3 access contro. Driven by fears of data breaces, inteectua property osses, and compiance vioations, firms are working to reduce information accesses troug better contros and governance. Terefore, te roe of access governance as become increasingy important in baancing security and avaiabiity. Current practice of access governance focuses on te tecnica impementation of privieges and entitement 2. For exampe, access contros dictate user privieges to view a fie, execute an appication, sare data wit oter agents, and so on. Users can ony use data wen tey ave te corresponding entitements. By far, te firm s most important guideine of impementing access governance is to prevent misuse of data - eiter intentionay (suc as using te data to make iega stock trades) or unintentiona (suc as storing te data on device tat is vunerabe to a security breac). One important criterion of access governance is known as te rue of east priviege, i.e., eac user is provided wit te minimum entitements needed to perform er/is task (Aveksa 27). To ensure te rue of east priviege, an access contro system must be customized and dynamicay managed incuding five components request, approve, administer, enforce and monitor. Specificay a user requests an entitement; te owner (typicay te business owner of te data) examines te request and ten approves or rejects it; te administrator modifies te user s entitements; te user accesses te resource and te system ogs 2 An entitement is a resource tat a person is autorized to access in a certain way; for exampe, opening case fies migt be an entitement for appication X. In practice, entitement, priviege and permission are used intercangeaby. 3
4 te user s activities; and te auditor examines te ogs and evauates users activities. Figure sows te access governance system wit te rue of east priviege. Figure. Access Governance System wit te Rue of Least Priviege To enforce te rue of east priviege, empoyees accesses must be continuay updated and audited to remain in syncronization wit te canging organization. In arge organizations wit tousands of users interacting wit tousands of different appications and data sources, eac aving many eves of priviege, te assignment and maintenance of access are daunting. Te rue of east access is aso imiting in many situations were it is difficut to foresee a information needs in advance. For exampe, in a ospita setting, emergencies arise were attending pysicians may find temseves caring for anoter doctor s patient. In te increasingy dynamic environment, organizations frequenty face unanticipated situations and ave to adjust teir organizationa structures and personne to adapt te consumers needs. Rigid access contro deays an organization s response to te canging markets, resuting in missed opportunities or degraded service quaity. In current practice, fexibiity of access governance is sometimes acieved by overentitement. In a fied study of an investment bank, we found tat 5-9% of empoyees are overentited. Tis 4
5 outcome is rationaized by te argument tat ong-term empoyees are vauabe and need quick access to information to create vaue for te firm. But, as te empoyees are permanenty overentited, tey become arger security risks to te organization because teir accesses coud be used maiciousy or accidentay. Wie te maicious insiders make te eadines (Joy 28), in many cases, benign overentited empoyees pose a muc arger risk to temseves and te organization because of secondary vunerabiities ike te oss of a aptop wit sensitive data or because a maicious acker coud gain access to substantia firm information troug a singe overentited account. In an increasingy dynamic word, information governance must be fexibe, yet secure. In tis paper, we define access governance as an integrated system incuding poicies, contros, incentives, and processes tat manage user access to information resources. Te goa of suc access governance is to ensure te information systems to deiver te rigt information to te rigt peope at te rigt time, but aso protect te information from misuse, incuding security and privacy vioations. To acieve fexibiity, we consider a different approac were empoyees are aowed to escaate into controed data and appications wen needed. Tis aows one-time access witout any time-deaying approva process. In fact, we ave witnessed cases were escaation is used to sove a faiure of traditiona access contro system. For exampe, te investment banking sector refers to suc an approac as override (Rissanen et a. 24), and te eat care sector refers to it as break gass (Ferreira et a. 26). Escaation potentiay breeds significant security risks since empoyees may abuse teir abiity to access information. For exampe, accessing 5
6 information not for business reasons but rater for persona benefit. To mitigate te associated security risks, te escaation activities are ater audited, and empoyees found to be abusing teir accesses are penaized. Auditing (or monitoring) wit vioation penaties ave been impemented by firms seeking to drive desired beavior from empoyees or partners wit respect to financia reporting, contract and reguation compiance. For exampe, Inte issues speeding tickets to empoyees tat vioate information security poicies. In addition to penaties, we aso consider te possibiity tat te firm uses rewards to motivate empoyees. In tis paper, we design an access governance poicy wit escaation options wic coupes escaation accesses wit rewards, audit and vioation penaties. We use a game-teoretic mode to anayze te empoyees incentives and te firm s poicy design probem. Te resuts sow tat a propery designed governance poicy coud provide te desired access fexibiity wit a significant eve of contro. Figure 2 sows te information governance system wit escaation. 6
7 Figure 2. Access Governance System wit Escaation Of course, escaation must be confined to cases were te risk of faiure or te cost of recovery is reativey ow compared to te cost of not granting access (e.g., te potentia vaue created troug escaation). It may not be suited to some financia or trading systems were tere is significant risk of massive fraud. Rater it is usefu in cases were tere are sma risks or were te potentia vaue of business opportunities is very ig. For exampe, escaation is very effective in situations were emergency access may save someone s ife, or in a time-critica system were te person wit te necessary privieges may be unavaiabe (Povey 2). Te paper is organized as foows. In Section 2, we review te reated iterature. In Section 3 and Section 4, we outine te mode and anayze te game. We capture te important caracteristics of te optima access governance poicy wit escaation options. Finay we concude wit impementation guidance in Section Reated Literature Te tecnoogica aspect of impementing escaation in access contro as been studied in computer science iterature. Povey (2) broady discussed an optimistic access contro sceme wit escaation and deveoped a forma mode to ensure te integrity of computer systems incuding accountabiity, auditabiity and recoverabiity. Rissanen et a. (24) empasized te importance of audit and manua recovery in providing overriding of access contro. Ferreira et a. (26) described te design and initia impementation of a Break-Te-Gass poicy in a virtua Eectronic Medica Record system. Our paper focuses on te economic aspect of te access 7
8 governance wit escaation and uses a principa and agent setting to study te poicy design probem. Principe and agent modes ave been examined in a variety of contexts (e.g. Ante and Eppen 985; Arrow 985; Baiman 99; Harris and Raviv 979; Harris et a. 982; Homstrom 979; Save 979, etc.). Our paper cosey reates to a arge stream of iterature wic studies te audit poicy in te principa and agent framework (Baron and Besanko 984; Dye 986; Harris and Raviv 996; Kim and Su 992; Townsend 979). Townsend (979) was one of te first modes to examine te costy verification. Dye (986) sowed tat optima monitoring poicies are deterministic and ower-taied. Kim and Su (992) aso focused on te deterministic monitoring poicy in wic te optima investment in audit tecnoogy is endogenousy determined. Tey found te ower-taied poicy is one of te specia cases. Baron (984) investigated te random audit poicy in a reguatory pricing probem. Firms are privatey informed about teir cost functions and required to report tem to te reguator. Baron (984) found tat te optima audit poicy incudes terms tat firms may be penaized even toug tey report teir best knowedge because of ex post uncertainty. And Harris and Raviv (996) expored te random audit poicy in te capita budgeting process and identified cases of overinvestment as we as underinvestment. In our paper, we caracterize te optima audit sceme wic eps te firm acieve a significant eve of fexibiity at some expense of security risks. 8
9 3. Mode We consider te case were users gain access to data and appications troug a system empoying access contro. We focus on te firm s optima strategy in cases were tere are ony a few, discrete situations were empoyees may need more access for exampe, wen teir boss is on vacation. In tose situations, firms may aow empoyees to escaate access but ten audit teir actions (at a cost) afterward and penaize empoyees for misuse or reward for vaue generation. We mode te coection of appications and data as measured on a continuous scae of information, wit eac priviege weigted to refect te amount and sensitivity of te data. Based on vaue generated by an empoyee and te associated information risk, te firm assigns te empoyee a reguar access eve to perform routine tasks. Periodicay empoyees may face an opportunity to create more vaue by accessing information beyond er/is reguar access. We assume tat wit probabiity π ( or π ), an empoyee wi observe suc an opportunity wit ig (or ow) revenue potentia; wit probabiity π = π π, s/e does not observe any opportunity. We refer to tese situations as te ig state, denoted as θ, ow state θ and reguar state θ. We assumeθ > θ > θ =. We use a to denote te access eve. Te firm aows empoyees to escaate teir access eves temporariy to seize te business opportunities. Te net revenue from a business opportunity is determined by θ ( i,, i = ) and te empoyee s escaated access eve a, i.e., U( θ, a) i. Access contro, wie 9
10 providing a measure of security, restricts empoyees fexibiity to monetize te business opportunities. Terefore te more access rigts an empoyee as, te more ikey tat s/e creates vaue for te firm. We assume tat U(, a) θ is an increasing and concave function of a. U > i and U a. Tis is a reasonabe assumption as increased avaiabiity of information can increase revenue generating potentia, but is eventuay imited by te ski and knowedge of te empoyee. Te impact of fexibiity on firm revenue is more significant wen te firm observes a iger revenue potentia tan wen it observes a ower revenue potentia. Terefore, we assume tat te margina revenue of te information access in a iger state is arger tan tat in a ower state, U θ a >. Figure 3 sows an exampe of te firm s revenue functions from emergent opportunities in tree states. a Figure 3. Firm s Revenue Functions in Tree States Te firm bears costs associated wit te escaation access eve of C( a ) incuding additiona security risks and routine tecnica support required to prudenty maintain tat access. C( a ) is
11 an increasing and convex function. C a > and C a >. Tis we-modes te case were providing far too muc access can eventuay resut in severe consequences (risks and cost to mitigate risk). To mitigate risk of unnecessary escaation, te firm contros te escaation fexibiity and audits eac instance of escaation. In particuar, te firm offers tree escaation options, { a a a }, corresponding to te states { },, te escaation access eve a i wen te state θ i arises. θ,, θ θ and motivates empoyees to coose Empoyees derive some private benefit by accessing information and data and prefer iger access eves to ower ones. Suc "snooping" vaue is not uncommon - we ave witnessed cases in eat care, providers may examine te records of a patient for er/is own benefit. Te empoyee's private benefit from escaation is u( a ). u( a ) is an increasing and concave function. u > and u. Since some empoyees may take advantage of te fexibiity and not coose a a te rigt escaation options (coosing a i in te state θ j, j i ), te firm audits te instances of escaation at a cost and penaizes te escaation misuse. It is assumed tat te firm can detect misuse wit probabiity p by investing D( p ) in te audit capabiity. Te audit spending incudes iring auditors, tracking escaation instances, and verifying te business opportunities by communicating wit te manager or coworkers of te empoyees. We refer to p as te audit precision. D p is an increasing and convex function. D > and D >. Te empoyee wi be penaized at te eve of F if s/e is detected to misrepresent te state tat s/e observes. We assume tat te maxima vioation penaty is F. Witout oss of generaity, we assume tat if an empoyee coice is consistent wit te state (coosing a i in te state θ i ), tere is no audit error, p p
12 i.e., p =. In addition to audit and penaties, te firm may reward empoyees for coosing te rigt escaation options. w i is used to denote te reward based on te escaation options te empoyee cooses. Te audit precision, penaty and reward can be contingent on empoyees coices. Te firm maximizes its expected profit by designing an access governance poicy wit escaation options {( ai, wi, pi, Fi) i,, } =. Te sequence of events is sowed in Figure 4. We use one empoyee as an exampe. At stage, te firm announces its access governance poicy wit escaation options; At stage 2, an empoyee observes te state and ten cooses an escaation option; Finay, te firm audits te escaation instance, rewarding or penaizing te empoyee according to te announced access governance poicy. Figure 4. Te Sequence of Events Te empoyee's expected payoff, denoted by Π empoyee, can be represented by 2
13 wi + u ai if s/e cooses ai wen θ= θi Π empoyee = i, j =,, pf i i + pi wi + u ai if s/e cooses ai wen θ= θ j, j i Te firm s expected profit is (, ) E U θ a C a D p w i i i i i. Let firm expected profit obtained by te foowing optimization probem. ( θ ) Π = max E U, a C a D p w firm ai, wi, Fi, p i i i i i i st.. w + u( a) p F + p w + u( a ), j i, if θ = θ (IC) i i j j j j j i w + u( a ) (IR) w i i i, a, p, F F, i =,, i i i Π be te maximum were (IC) are te empoyee s incentive constraints and (IR) are te empoyee s individua rationaity constraints. 4. Anaysis and Resuts To gain manageria insigt, we anayze te foowing (tractabe) functiona forms. We assume tat te firm s revenue function is inear, ( θ ) U i, a = θia, ( i =,, ) were θi represents te firm s margina revenue of information access. Te empoyee s private benefit function is aso inear, u( a) = ba were b is te empoyee s margina private benefit of information access. Te assumption of inear revenue and private benefit functions does not resut in any oss of generaity because te firm can aways redefine te map between te coection of appications and data and te continuous scae of information, and transform te reationsip between te benefit and information access to a inear one. We assume te cost functions are quadratic, 2 C a = 2 sa, s >. Besides te frequent use of convex cost functions in te iterature (e.g., 3
14 Kannan and Teang 25; Krisnan and Zu 26; Motta 993), quadratic cost functions nicey capture te iger security risks associated wit iger access as we as te cost of additiona IT 2 resources for maintaining access. Simiary, te audit cost function is refects te increasing difficuty of improving te audit precision. D p = 2 tp, t >, wic 4. Bencmark Case We first consider a bencmark case were tere is no information asymmetry between te firm and empoyees. Te firm can directy observe te states (i.e. an opportunity wit ig revenue potentia, an opportunity wit ow revenue potentia, or no business opportunity) and assign te access eves to empoyees. In tis case te firm does not need to impement any incentive sceme (neiter reward nor penaty). Te firm s optimization probem can be represented by Π = max E θ a sa 2 optima 2 ai, i=,, i i i Te optima access eve is given by a = θ ( i =,, ). Wen te firm observes a business i s i opportunity wit ig revenue potentia, it wi assign θ to te empoyee; wen it observes an opportunity wit ow revenue potentia, it wi assign θ to te empoyee; oterwise, it wi not assign any additiona access to te empoyee. Te firm s optima profit is s s 2 2 Π optima = 2s π θ + πθ. 4
15 4.2 Asymmetric Information Wen tere is information asymmetry between te firm and empoyees, te firm wi design te escaation options in a way tat te empoyee wi coose te rigt option in eac state, i.e. te empoyee wi coose a i if te state is θ i. Terefore, te empoyee's incentive constraints are as foows. Hig state: ( ) w + ba pf + p w + ba IC HL w + ba pf + p w + ba IC H Low state: ( ) w + ba pf + p w + ba IC LH w + ba pf + p w + ba IC L Reguar state: w + ba pf + p w + ba IC H w + ba pf + p w + ba IC L Te first (or second) group of incentive constraints is for empoyees wo observe business opportunities wit ig (or ow) revenue potentia. Te tird group of incentive constraints is for empoyees wo do not observe any business opportunity. Presumaby, if empoyees do not observe any business opportunity, te firm soud not aow tem to escaate, i.e. a =. We do not impose tis constraint in order to identify a better soution wic gives te firm a iger profit. Propery designed escaation options wi induce empoyees to coose te rigt escaation eves and ence discose teir observations. We focus on te case were p =. Tat is, if an empoyee cooses te option a and s/e caims tat s/e does not observe any business 5
16 opportunity, te firm does not audit suc instances. Given tat escaation is used to ande unusua situations, it is reasonabe tat te firm does not investigate te reguar states 3. We can substitute p = into (IC-H) and (IC-L) and obtain te foowing inequaities. * w + ba w + ba IC H * w + ba w + ba IC L It is easy to find tat (IC-HL), (IC-LH) and (IR) are not binding. For exampe (IC-HL) is impied by (IC-H*) and (IC-L).Te firm s optimization probem can be simpified as ( a ) ( ) ( 2sa 2tp w a 2sa 2tp w 2sa w) Π = max π θ + π θ + π firm a, w, p, F a, w, p, F a, w st w ba w ba *.. + (IC-H ) w + ba w ba + ba * (IC-L ) w + ba + p F p w ba (IC-H) w + pf p w ba (IC-L) w, w, w, a, a, a, p, p, F, F F () Proposition : If te firm detects tat an empoyee misrepresents er/is observation, te firm wi penaize er/im to te maxima eve. i.e., F = F = F. (See Appendix for a proofs.) 3 In practice, periodica entitement reviews may be conducted to examine empoyees reguar access rigts and en sure tat empoyees ave te adequate access rigts to accompis teir tasks. 6
17 Te audit and associated vioation penaties deter empoyees from mirepresenting te business opportunities tey observe. Since te firm does not incur any cost by penaizing empoyees after it detects misuse, it aways penaizes tem to te maxima eve to reduce te audit spending. Proposition 2 caracterizes te escaation options wen te penaty can be extremey ars, i.e. F. Proposition 2: If F approaces infinity, te firm ony offers two options, {( ai, wi, pi, F) i, } =. In particuar, a = θ, a = θ, w = w =, p = p = ε. And te 2 2 firm can acieve te optima profit, 2s ( π θ πθ ) s +. s If te firm can render extreme penaties, for detected misuse, empoyees ave no incentive to misrepresent teir observations even toug tere is ony a sigt cance of being detected. Te firm does not need to offer any additiona information access to empoyees wo do not observe any business opportunity. Te firm can design te escaation options wit a very ow audit precision and no reward. However, an infinite penaty is impossibe to impement, e.g., te firm cannot take an empoyee s ife. Next we consider te situation tat tere is an upper bound for te penaty. To avoid trivia cases, we assume tat te difference between θ and θ is greater tan b π, i.e. b < π θ θ, and tat te audit is so costy tat it is aways not optima for te firm to invest to acieve audit precision of p =. Proposition 3 caracterizes te escaation options. 7
18 Proposition 3: Te optima soutions of te optimization probem () are {( ai, wi, pi, Fi) i,, } =, w =, π = were a s ( θ π b) p = F, F π tπ = F, a = ( θ + b), s p =, 2 b π ( 2 2 w = sb + s θ θ stπ sf + tb ), a s b =, 2 b π w ( 2 2 sb sθ stπ sf tb ) = + +, p =, F F,, F 4. () Information access: te access eve for te business opportunity wit ig revenue potentia is ower tan te optima eve in te bencmark case (underentitement); and te access eves for te ow revenue potentia and no business opportunity are iger tan te optima ones (overentitement). (2) Audit: te firm audits te escaation instances wit iger precision if te empoyees coose a iger escaation eve tan it does if te empoyees coose a ower escaation eve. (3) Reward: Te firm does not reward empoyees wo coose te igest escaation eve but rewards empoyees wo coose te oter two escaation eves. Te game as separating equiibria in wic te firm offers te escaation options as proposition 3 presents and empoyees coose different escaation eves for different states. Te access eves, rewards, audit and vioation penaties togeter motivate empoyees to escaate information access wen necessary witout te ong-term security risks of overentitement. Te 4 Since F and F can be any vaue in te range of, F, te probem as infinite optima soutions. However, F and F do not matter because of p = p =. We can regard tis probem as a unique optima soution. 8
19 access eves in te escaation options in te asymmetric information case deviate from te optima ones in te bencmark case. Te firm designs te escaation options in tis way to save spending in audit capabiity and empoyee rewards. Consequenty, it forgoes some revenue troug underentitement and vountariy bears extra costs troug overentitement. It is counterintuitive tat te firm maximizes its profit by aowing empoyees wo do not observe any business opportunity to access extra information. It is wort remarking tat designing escaation options wit no escaation in te reguar state is feasibe (by soving te optimization probem () wit an additiona constraint tat a = ). However, suc a poicy resuts in a ower profit. It must be recognized tat zero audit precision does not mean tat te firm never audits escaation instances at a. Te audit precision captures te eve of additiona time and effort by te firm in investigating te escaation instances compared to reguar information access services. Te firm soud pay additiona attention to te instances of ig escaation eve and ande oter escaation instances as te reguar services suc as granting reguar information access. From te empoyees perspective, te empoyees wo observe ig revenue potentia obtain a ig information access and generate ig private benefit witout te risk of being penaized. Tey wi not coose oter escaation options even toug tey wi not be rewarded by te firm. Te empoyees wo observe ower revenue potentia or no business opportunity are deterred 9
20 from over-caiming teir observations by te audit possibiity and potentia penaties. Tey are aso compensated by te firm troug rewards for discosing teir observations. Te firm makes a positive profit by offering te escaation options in te asymmetric information ( π ) ( ) πθ πθ π b bπθ π bθ tπ sf tb Π firm = 2s >, wic case, justifies te provision of te escaation options. However, te firm s profit in te asymmetric information case is ower tan te optima profit in te bencmark case for tree reasons. First, te access eves in te escaation options deviate from te optima access eves in te bencmark case (overentitement or underentitement); second, te firm as to invest in audit capabiity; finay te firm sares its profit wit te empoyees troug rewards. Te profit difference between te bencmark case and asymmetric information case is te vaue of information, i.e. ow muc te firm is wiing to pay to observe te business opportunities ex ante. 2 ( π ) ( ) π b π bθ π bθ tπ sf tb ΔΠ = Πoptima Π firm = 2s >. Proposition 4 summarizes some comparative statics. Proposition 4: Te vaue of information is increasing in θ, b and t and decreasing in θ and s. Te vaue of information is iger wen it is more costy for te firm to motivate empoyees to discose teir observations. Wen te margina revenue of information access in te ig state is iger, te difference between te escaation access for te ig state and tat for te oter two states is arger. Empoyees observing ow business opportunities or no business opportunity are 2
21 more ikey to ceat. Te firm needs to reward more and/or audit wit iger precision to prevent suc beavior. Wen te margina revenue of information access in te ow state is iger, te escaation access for te ow state is coser to tat for te ig state. Empoyees ave ess incentives to pretend to ave observed a ig business opportunity. Consequenty, te vaue of information is ower. Te iger margina private benefit of information access is, te more te empoyees ave incentives to ceat. Te firm as to distort te escaation access more and offer iger reward to drive empoyees to report trut, resuting in iger costs. Terefore, te vaue of information increases. On te cost side, iger audit cost reduces te firm s capabiity to detect ceating beavior, wic makes te information more vauabe. Te cost of security risks, on te oter and, reduces te vaue of information. Te increase of security risks associated wit additiona information access owers te firm s wiingness to offer iger escaation accesses. Terefore, te differences between te information accesses for different states are owers, wic reduces empoyees incentives to ceat and makes it easy for te firm to motivate empoyees. 5. Concusion Using game-teoretic anaysis, we ave sown ow te firm can encourage vaue creation troug fexibe access governance, wie controing information misuse. By propery designing te access governance wit escaation options, te firm seizes every business opportunity 2
22 witout bearing significant security risks. Escaation eves, rewards, audit and vioation penaties togeter provide empoyees wit incentives to escaate teir information accesses to te appropriate eves. Our anaysis provides many interesting insigts into te impementation caenges of access governance wit escaation.. Te firm soud consider providing empoyees wit more information access in escaation options tan stricty needed because of information asymmetry. Suc a strategy is optima in tat te firm can take advantage of te empoyees private benefit to save audit expenditure and rewards. Te proposed sceme does not impy tat te firm soud offer tree escaation options, wit empoyees escaating no matter weter tere is a business opportunity or not. Te firm can set two options instead of tree, assigning te escaation eve wit additiona access in pace of te reguar eve (and tus freeing tem from escaating from time to time wen tere is no business opportunity). 2. Contros are critica for te successfu impementation of te escaation sceme. Escaation must be done witin te aowabe zone dictated by reguatory requirements. Some data or appications cannot be made avaiabe troug an escaation sceme. By providing options wit predefined access eves, te firm contros te imit for escaation. 3. Audit quaity is an important eement of our governance sceme. Witout te abiity to catc ceaters (i.e. te audit cost is extremey ig), firms are better-off moving towards a more traditiona rigid roe-based access approac. Escaation must be done in a way tat provides an audit trai, incuding records of wo requested it, wen, wat data was accessed, and wat vaue was created (e.g., te type of transaction being performed) (Rissanen et a., 24). Neverteess, perfect monitoring is tecnoogicay caenging or financiay undesirabe in 22
23 most cases. Tis study provides managers guidance on baancing te audit expenditure and te security risks. 4. Penaty instruments need not be monetary or be directy evied against te empoyees. For exampe, operationa penaties coud be very effective, suc as mandatory attendance at compiance training for vioators or requiring empoyees to fie reports for te iegitimate escaation. We ave aso observed cases were te security fines were evied against te empoyees manager, igigting te manager s responsibiity for training. 5. Te firm needs to know empoyees private benefit to propery design te escaation options. It is important for te firm to earn empoyees caracteristics over time or troug oter approaces, and ony grant escaation fexibiity to known empoyees. 6. Te vaue of te access governance system wit escaation options aso incudes te possibiity tat te firm earns te dynamics of te business environment from empoyees. Sometime te firm is unaware of potentia business opportunities simpy because empoyees forwent tem. Te escaation sceme creates an impicit communicate canne between te firm and empoyees. It is aso possibe for te firm to spot trends tat coud identify a potentiay maicious insider. Finay, it can be very epfu in estabising reguar access eves and understanding ow empoyees roes cange over time (sometimes referred to as roe drift). By observing empoyees needs over time, te firm can adjust teir reguar accesses accordingy. 23
24 Appendix Proof of Proposition Proof: Since arger F and F make (IC-H) and (IC-L) easier to od and F and F do not appear in te firm s expected profit function, te firm maximizes its profit by imposing te maxima eve of penaty. Proof of Proposition 2 Proof: If F, (IC-H) and (IC-L) are not binding if p = p >. Te optimization probem can be simpified as ( a ) ( ) ( 2sa 2tp w a 2sa 2tp w 2sa w) Π = max π θ + π θ + π firm a, w, p a, w, p a, w st w ba w ba *.. + (IC-H ) w + ba w ba w, w, w, a, a, a, < p, p * (IC-L ) Smaer a and w make te (IC-H * ) and (IC-L * ) easy to od and increase te firm s expected profit, te firm wi set a = w =. (IC-H * ) and (IC-L * ) are not binding. Te firm s optimization probem can be furter simpified as ( a ) ( 2sa 2tp w a 2sa 2tp w ) Π = max π θ + π θ firm a, w, p a, w, p st.. w, w, a, a, < p, p 24
25 We can obtain a = θ, a = θ, w = w =. Since te penaty is effective ony if misuse can s s be detected, te firm as to audit escaation instances. p = p = ε. Te firm s profit approaces 2s ( π θ πθ ) Proof of Proposition 3 Proof: Te Lagrangian of te firm s optimization probem can be represented as ( 2 2 ) ( ) ( ) L = π θ a sa tp w + π θ a sa tp w + π sa w ( w ba w ba ) λ ( w ba w ba ) λ + λ ( w ba pf p w ba) ( w ba pf ( p) w ba) + λ FOC w.r.t. FOC w.r.t. a : π ( θ sa ) λb λ3b = p : π( tp) + λ3 ( F + w) = FOC w.r.t. w : π λ λ ( p ) + = 3 FOC w.r.t. FOC w.r.t. a : π ( θ sa ) + λ2b λ4b = p : π( tp) + λ4 ( F + w) = FOC w.r.t. w : π λ λ ( p ) + = 2 4 FOC w.r.t. FOC w.r.t. a : π λ λ λ λ sa b 2b + 3b + 4b = w : π λ λ + λ + λ = λ w + ba w ba =, λ, w + ba w ba 25
26 λ w + ba w ba =, λ, w + ba w ba 2 2 ( ) λ λ w + ba + p F p w ba =,, w + ba + p F p w ba 3 3 ( ) λ λ w + ba + p F p w ba =,, w + ba + p F p w ba 4 4 w, w, w, a, a, a, p, p = < θ, w =, π We obtain a s( θ π b) s p = F, F π tπ = F, a = ( b+ θ ) > θ, p =, s s π ( θ θ ) π w = b + sf + tb, a b 2 b 2 2 s s st do not matter. =, 2 b π w ( 2 2 sb sθ stπ sf tb ) s = + +. F and F Proof of Proposition 4 Proof: ( π ) ΔΠ = b >. θ s ( π ) 2 2 ΔΠ t = F >. 2 2t π 2 ( π ) (( ) ( ) b π b) ( ) s π b ΔΠ = π θ π πθ = π θ πθ. b s π = + >, b π ( θ π θ) Since π π π π Terefore, ΔΠ b >. < given te assumption b π ( θ θ ) <. ΔΠ = π b <. θ s 2 2 ( π ) 2 ( ( π ) bθ ( π ) b bπθ ) π b ΔΠ = 2 2 < s 2 2s 26
27 References Ante, R. and Eppen, G. D. Capita Rationing and Organizationa Sack in Capita Budgeting, Management Science (3:2), 985, pp Arrow, K. J. Te Economics of Agency, in Principas and Agents: Te Structure of Business, Pratt, J.E., Zeckauser, R.J and Arrow, K.J. (eds.) Harvard Business Scoo Press, Boston, MA. 985, pp Aveksa. Enterprise Roes-based Access Governance, Tecnica Report, Wite Paper, 27. Baiman, S. Agency Researc in Manageria Accounting: A Second Look, Accounting Organizations and Society (5:4), 99, pp Baker, N. R. and Freeand, J. R. Structuring Information Fow to Enance Innovation, Management Science (9:) Teory Series, 972, pp Baron, D. P. and Besanko, D. Reguation, Asymmetric Information, and Auditing, Te RAND Journa of Economics (5:4), 984, pp Dye, R. A. Optima Monitoring Poicies in Agencies, Te RAND Journa of Economics (7:3), 986, pp Ferreira, A., Cruz-Correia, R., Antunes, L., Farina, P., Oiveira-Paares, E., Cadwick, D., and Costa-Pereira, A. How to Break Access Contro in a Controed Manner, in Proceedings of te 9t IEEE Symposium on Computer-Based Medica Systems (CBMS'6), 26, pp Harris, M., Kriebe, C., and Raviv, A. Asymmetric Information, Incentives and Intrafirm Resource Aocation, Management Science (28:6), 986, pp
28 Harris, M. and Raviv, A. Optima Incentive Contracts wit Imperfect Information, Journa of Economic Teory (2), 979, pp Harris, M. and Raviv, A. Te Capita Budgeting Process: Incentives and Information, Journa of Finance (5:4), 996, pp Homstrom, B. Mora Hazard and Observabiity, Be Journa of Economics (:), 979, pp Joy, D. Fraud Costs Frenc Bank $7. Biion, New York Times, 28. Kannan, K. and Teang, R. Market for Software Vunerabiities? Tink Again, Management Science (5:5), 25, pp Kim, S. K. and Su, Y. S. Conditiona Monitoring Poicy Under Mora Hazard, Management Science (38:8), 992, pp Krisnan, V. and Zu, W. Designing a Famiy of Deveopment Intensive Products, Management Science (52:6), 26, pp Lee, H. L., So, K. C., and Tang, C. S. Te Vaue of Information Saring in a Two-eve Suppy Cain, Management Science (46:5), 2, pp Motta, M. Endogenous Quaity Coice: Price vs. Quantity Competition, Journa of Industry Economics (4:2), 993, pp Povey, D. Optimistic Security: a New Access Contro Paradigm, In Proceedings of te 999 Worksop on New Security Paradigms, ACM Press, 2, pp Ratnam, S., Maajan, V., and Winston, A. B. Faciitating Coordination in Customer Support Teams: A Framework and Its Impications for te Design of Information Tecnoogy, Management Science (4:2), 995, pp
29 Rissanen, E., Firozabadi, S. B., and Sergot, M. Towards a Mecanism for Discretionary Overriding of Access Contro, In Proceedings of te 2t Internationa Worksop on Security Protocos, Cambridge, 24. Save, S. Risk Saring and Incentives in te Principa and Agent Reationsip, Be Journa of Economics (:), pp Townsend, R. M. Optima Contracts and Competitive Markets wit Costy State Verification, Journa of Economy Teory (2:2), 979, pp Tsai, W. Knowedge Transfer in Intraorganizationa Networks: Effects of Network Position and Absorptive Capacity on Business Unit Innovation and Performance, Te Academy of Management Journa (44:5), 2, pp von Hippe, E. Sticky Information and te Locus of Probem Soving: Impications for Innovation, Management Science (4:4), pp
Loading Factors and Equilibria in Insurance Markets
Loading Factors and Equiibria in Insurance Markets Yoram Eden, * Eiakim Katz, ** and Jacob Rosenberg *** Abstract: Tis paper examines te effect of introducing positive oading factors into insurance premia,
More informationAdvanced Microeconomics(ECH 32306)
Advanced Microeconomics(ECH 6) Homeork --- Soutions Expected Utiity Teory On p Jee and Reny say tat AXIOM G4 (Monotonicity) impies a an Prove tis We prove tis by contradiction Suppose a an, ten a a n and
More informationOnline Appendix to Product and Pricing Decisions in Crowdfunding
1 Onine Appendix to Product and Pricing Decisions in Crowdfunding A. Simutaneous versus Sequentia Modes Sequentia mecanism assumes tat two buyers arrive at te proposed project at different periods and
More informationLiquidity Effects of Listing Requirements
Liquidity Effects of Listing Requirements Sara Draus 1 May 009 Abstract I propose a mode in wic a stock excange can improve its iquidity by tigtening its isting requirements. Because tese reduce information
More informationShareholder activism and the timing of blockholder disclosure
Sareoder activism and te timing of bockoder discosure Simon Gueguen University of Paris-Daupine, simon.gueguen@daupine.fr Tis version: January, 207 Simon Gueguen is member of Daupine Recerce en Management
More informationProduct Pricing, Lead Time and Capacity Selection in Price and Time Sensitive Markets
Product Pricing, Lead Time and Capacity Seection in Price and Time Sensitive Markets SACHIN JAYASWAL Department of Management Sciences University of Wateroo, Canada joint work wit Eizabet Jewkes¹ and Saiba
More informationInformal unemployment and education
Kom and Larsen ZA Journa of Labor Economics 06 5:8 DO 0.86/s407-06-0048-6 ZA Journa of Labor Economics ORGNAL ARTCLE Open Access nforma unempoyment and education Ann-Sofie Kom and Birte Larsen * *Correspondence:
More informationMARKET EQUILIBRIUM UNDER THE CIRCUMSTANCES OF SELECTABLE ECONOMIC CONDITIONS. Osamu Keida
MARKET EQUILIBRIUM UNDER THE CIRCUMSTANCES OF SELECTABLE ECONOMIC CONDITIONS Osamu Keida WP-AD 2006-02 Correspondence: Kumamoto Gakuen University (E-mai:keida@kumagaku.ac.jp) Editor: Instituto Vaenciano
More informationBilateral Bargaining with One-Sided Two-Type Uncertainty
Biatera Bargaining wit One-Sided Two-Type Uncertainty Bo An Dept. of Computer Science University of Massacusetts Amerst, USA ban@cs.umass.edu Nicoa Gatti Dip. Eettronica e Inforazione Poitecnico di Miano
More informationProject selection and risk taking under credit constraints
Project seection and risk taking under credit constraints Feipe S. Iacan FGV/EPGE August 7, 203 Abstract We anayze project seection and financing under endogenous credit constraints from imited enforcement.
More informationPRICE INDEX AGGREGATION: PLUTOCRATIC WEIGHTS, DEMOCRATIC WEIGHTS, AND VALUE JUDGMENTS
Revised June 10, 2003 PRICE INDEX AGGREGATION: PLUTOCRATIC WEIGHTS, DEMOCRATIC WEIGHTS, AND VALUE JUDGMENTS Franklin M. Fiser Jane Berkowitz Carlton and Dennis William Carlton Professor of Economics Massacusetts
More informationCOMPARING ALTERNATIVE REIMBURSEMENT METHODS IN A MODEL OF PUBLIC HEALTH INSURANCE
XIV CONFERENZA IL FUTURO DEI SISTEMI DI WELFARE NAZIONALI TRA INTEGRAZIONE EUROPEA E DECENTRAMENTO REGIONALE coordinamento, competizione, mobiità Pavia, Università, 4-5 ottobre 2002 COMPARING ALTERNATIVE
More informationChapter 8. Introduction to Endogenous Policy Theory. In this chapter we begin our development of endogenous policy theory: the explicit
Capter 8 Introduction to Endogenous Policy Teory In tis capter we begin our development of endogenous policy teory: te explicit incorporation of a model of politics in a model of te economy, permitting
More informationNBER WORKING PAPER SERIES THE RISE OF THE SERVICE ECONOMY. Francisco J. Buera Joseph P. Kaboski. Working Paper
NBER WORKING PAPER SERIES THE RISE OF THE SERVICE ECONOMY Francisco J. Buera Josep P. Kaboski Working Paper 4822 ttp://www.nber.org/papers/w4822 NATIONAL BUREAU OF ECONOMIC RESEARCH 5 Massacusetts Avenue
More informationA Guide to Mutual Fund Investing
AS OF DECEMBER 2016 A Guide to Mutual Fund Investing Many investors turn to mutual funds to meet teir long-term financial goals. Tey offer te benefits of diversification and professional management and
More information2.15 Province of Newfoundland and Labrador Pooled Pension Fund
Introduction Te Province of Newfoundland and Labrador sponsors defined benefit pension plans for its full-time employees and tose of its agencies, boards and commissions, and for members of its Legislature.
More informationNumber of Municipalities. Funding (Millions) $ April 2003 to July 2003
Introduction Te Department of Municipal and Provincial Affairs is responsible for matters relating to local government, municipal financing, urban and rural planning, development and engineering, and coordination
More informationKey Features of the Tax-Free Flexible Plan
Key Features of the The Key Features suppied beow appy to the adut investment eement of the Famiy Fexibe Pan. No advice has been provided by Scottish Friendy in reation to this pan. If you are in any doubt
More informationECON 200 EXERCISES (1,1) (d) Use your answer to show that (b) is not the equilibrium price vector if. that must be satisfied?
ECON 00 EXERCISES 4 EXCHNGE ECONOMY 4 Equilibrium in an ecange economy Tere are two consumers and wit te same utility function U ( ) ln H {, } Te aggregate endowment is tat prices sum to Tat is ( p, p)
More information11.1 Average Rate of Change
11.1 Average Rate of Cange Question 1: How do you calculate te average rate of cange from a table? Question : How do you calculate te average rate of cange from a function? In tis section, we ll examine
More informationComplex Survey Sample Design in IRS' Multi-objective Taxpayer Compliance Burden Studies
Complex Survey Sample Design in IRS' Multi-objective Taxpayer Compliance Burden Studies Jon Guyton Wei Liu Micael Sebastiani Internal Revenue Service, Office of Researc, Analysis & Statistics 1111 Constitution
More informationIntroduction. Valuation of Assets. Capital Budgeting in Global Markets
Capital Budgeting in Global Markets Spring 2008 Introduction Capital markets and investment opportunities ave become increasingly global over te past 25 years. As firms (and individuals) are increasingly
More informationDATABASE-ASSISTED spectrum sharing is a promising
1 Optimal Pricing and Admission Control for Heterogeneous Secondary Users Cangkun Jiang, Student Member, IEEE, Lingjie Duan, Member, IEEE, and Jianwei Huang, Fellow, IEEE Abstract Tis paper studies ow
More informationCorporate fraud and investment distortions in efficient capital markets
AND Journa of Economics Vo. 4, No. 1, Spring 29 pp. 144 172 Corporate fraud and investment distortions in efficient capita markets Praveen Kumar and Nisan Langberg Inefficient investment aocation induced
More informationA guide to your with-profits investment and how we manage our With-Profit Fund
Important information A guide to your with-profits investment and how we manage our With-Profit Fund For customers investing through a With Profits Pension Annuity. Contents This guide is important as
More information2.11 School Board Executive Compensation Practices. Introduction
Introduction Figure 1 As part of Education Reform in 1996-97, 27 denominational scool boards were consolidated into 10 scool boards and a Frenc-language scool board. From 1 January 1997 to 31 August 2004
More informationf (tl) <tf(l) for all L and t>1. + u 0 [p (l ) α wl ] pα (l ) α 1 w =0 l =
Econ 101A Midterm Th November 006. You have approximatey 1 hour and 0 minutes to answer the questions in the midterm. I wi coect the exams at 11.00 sharp. Show your work, and good uck! Probem 1. Profit
More informationPoverty Effects of the Minimum Wage: The Role of Household Employment Composition
Corne University ILR Scoo DigitaCommons@ILR Working apers ILR Coection -007 overty Effects of te Minimum Wage: Te Roe of Houseod Empoyment Composition Gary S. Fieds Corne University, gsf@corne.edu Baran
More informationDelocation and Trade Agreements in Imperfectly Competitive Markets (Preliminary)
Delocation and Trade Agreements in Imperfectly Competitive Markets (Preliminary) Kyle Bagwell Stanford and NBER Robert W. Staiger Stanford and NBER June 20, 2009 Abstract We consider te purpose and design
More informationACC 471 Practice Problem Set # 4 Fall Suggested Solutions
ACC 471 Practice Problem Set # 4 Fall 2002 Suggested Solutions 1. Text Problems: 17-3 a. From put-call parity, C P S 0 X 1 r T f 4 50 50 1 10 1 4 $5 18. b. Sell a straddle, i.e. sell a call and a put to
More informationImproved lower bounds for hard Project Scheduling instances
Improved ower bounds for ard Proect Sceduing instances Guierme Henrique Ismae de Azevedo Universidade Federa Fuminense Rua Passo da Pátria, 56, saa 309 Boco D, São Domingos, Niterói - RJ guiermeen@gmai.com
More informationCapital Budgeting in Global Markets
Capital Budgeting in Global Markets Spring 2013 Introduction Capital budgeting is te process of determining wic investments are wort pursuing. Firms (and individuals) can diversify teir operations (investments)
More informationPoS(ISCC 2017)020. Credit Risk Assessment of Receivable Accounts in Industry Chain based on SVM. Speaker. Huan Sun 1
Credit Risk Assessment of Receivabe Accounts in Industry Chain based on SVM 1 Schoo of computer and information, Hohhot Vocationa Coege Inner Mongoia, 010051, China E-mai: sunhhvc@163.com Industria chain
More informationS CORPORATIONS INTRODUCTION AND STUDY OBJECTIVES. In studying the rules of S corporations, the student should have these objectives: STUDY HIGHLIGHTS
H Chapter Eeven H S CORPORATIONS INTRODUCTION AND STUDY OBJECTIVES Certain sma business corporations may eect to be taxed under Subchapter S instead of under the reguar rues for taxation of corporations.
More information2017 Year-End Retirement Action Plan
2017 Year-End Retirement Action Plan Te end of te year is a good time to assess your overall financial picture, especially your retirement strategy. As te year comes to a close, use tis action plan to
More informationA guide to your with-profits investment and how we manage our With-Profit Fund
Important information A guide to your with-profits investment and how we manage our With-Profit Fund For customers investing through an Aviva investment bond. Contents This guide is important as it aims
More informationLabor Market Flexibility and Growth.
Labor Market Flexibility and Growt. Enisse Karroubi July 006. Abstract Tis paper studies weter exibility on te labor market contributes to output growt. Under te assumption tat rms and workers face imperfect
More informationTHE ROLE OF GOVERNMENT IN THE CREDIT MARKET. Benjamin Eden. Working Paper No. 09-W07. September 2009
THE ROLE OF GOVERNMENT IN THE CREDIT MARKET by Benjamin Eden Working Paper No. 09-W07 September 2009 DEPARTMENT OF ECONOMICS VANDERBILT UNIVERSITY NASHVILLE, TN 37235 www.vanderbilt.edu/econ THE ROLE OF
More informationTaxes and Entry Mode Decision in Multinationals: Export and FDI with and without Decentralization
Taxes and Entry Mode Decision in Multinationals: Export and FDI wit and witout Decentralization Yosimasa Komoriya y Cuo University Søren Bo Nielsen z Copenagen Business Scool Pascalis Raimondos z Copenagen
More informationFinancial Constraints and Product Market Competition: Ex-ante vs. Ex-post Incentives
University of Rocester From te SelectedWorks of Micael Rait 2004 Financial Constraints and Product Market Competition: Ex-ante vs. Ex-post Incentives Micael Rait, University of Rocester Paul Povel, University
More informationKey features of the Pension
Key features of the Pension Key features of the Pension The Financia Conduct Authority is a financia services reguator. It requires us, Aviva, to give you this important information to hep you to decide
More informationINTRODUCING HETEROGENEITY IN THE ROTHSCHILD-STIGLITZ MODEL
Te Journal of Risk and nsurance, 2000, Vol. 67, No. 4, 579-592 NTRODUCNG HETEROGENETY N THE ROTHSCHLD-STGLTZ ODEL Acim Wambac ABSTRACT n teir seminal work, Rotscild and Stiglitz (1976) ave sown tat in
More informationA guide to your with-profits investment and how we manage our With-Profit Fund
Important information A guide to your with-profits investment and how we manage our With-Profit Fund For customers investing through pension pans. Contents This guide is important as it aims to answer
More informationYour guide to remortgaging
Mortgages Need more information? Speak to one of our mortgage advisers who wi be happy to expain more about our range of mortgages. Ca: 0345 734 4345 (Monday to Friday 8am to 6pm) Cas may be monitored
More informationEXAMINATIONS OF THE HONG KONG STATISTICAL SOCIETY
EXAMINATIONS OF THE HONG KONG STATISTICAL SOCIETY HIGHER CERTIFICATE IN STATISTICS, 2012 MODULE 8 : Survey sampling and estimation Time allowed: One and a alf ours Candidates sould answer THREE questions.
More informationLifetime Aggregate Labor Supply with Endogenous Workweek Length*
Federal Reserve Bank of Minneapolis Researc Department Staff Report 400 November 007 Lifetime Aggregate Labor Supply wit Endogenous Workweek Lengt* Edward C. Prescott Federal Reserve Bank of Minneapolis
More informationMaking Informed Rollover Decisions
Making Informed Rollover Decisions WHAT TO DO WITH YOUR EMPLOYER-SPONSORED RETIREMENT PLAN ASSETS UNDERSTANDING ROLLOVERS Deciding wat to do wit qualified retirement plan assets could be one of te most
More informationLabor Market Flexibility and Growth.
Labor Market Flexibility and Growt. Enisse Karroubi May 9, 006. Abstract Tis paper studies weter exibility on te labor market contributes to output growt. First I document two stylized facts concerning
More informationPrinciples and Practices of Financial Management (PPFM)
Principes and Practices of Financia Management (PPFM) for Aviva Life & Pensions UK Limited Stakehoder With-Profits Sub-Fund Version 17 Retirement Investments Insurance Heath Contents Page Section 1: Introduction
More informationVariance Reduction Through Multilevel Monte Carlo Path Calculations
Variance Reduction Through Mutieve Monte Caro Path Cacuations Mike Gies gies@comab.ox.ac.uk Oxford University Computing Laboratory Mutieve Monte Caro p. 1/30 Mutigrid A powerfu technique for soving PDE
More informationINTERIM REPORT 2016/ 17. Equipment Rental since
INTERIM REPORT 2016/ 17 Equipment Renta since 1954 www.vppc.com Chairman s Statement I am very peased to report a further set of exceent resuts for the six month period to 30 September 2016. Profit before
More informationGiving That Grows. Legacies That Last.
Giving That Grows. Legacies That Last. Donor Advised Fund Program Description & Appication We make a iving by what we get, we make a ife by what we give. Winston Churchi The Sharing of Vaues: What is Your
More informationEfficient Replication of Factor Returns
www.mscibarra.com Efficient Replication of Factor Returns To appear in te Journal of Portfolio Management June 009 Dimitris Melas Ragu Suryanarayanan Stefano Cavaglia 009 MSCI Barra. All rigts reserved.
More informationPricing and Revenue Sharing Strategies for Internet Service Providers
Pricing and Revenue Sharing Strategies for Internet Service Providers Linhai He and Jean Warand Dept. of EECS, U.C. Berkeey {inhai,wr}@eecs.berkeey.edu 1 Abstract One of the chaenges facing the networking
More informationOur Team. Reddington Advisory Group
Our Team Reddington Advisory Group Mark J. Reddington, CLU, ChFC Gaetano Sacco Senior Financia Services Executive Financia Panner Financia Services Representative Kevin Zebrowski, JD Erik Scherr Financia
More information4/19/2017 l Resolution Regimes in Europe: Implementation of effective resolution regimes in the region. Funding in Resolution Stefano Cappiello
4/19/2017 Resoution Regimes in Europe: Impementation of effective resoution regimes in the region Funding in Resoution Stefano Cappieo The probem of funding in resoution The EU resoution framework provides
More informationHospital s activity-based financing system and manager - physician interaction
Hospital s activity-based financing system and manager - pysician interaction David Crainic CRESGE/LEM/FLSEG, Université Catolique de Lille. email: dcrainic@cresge.fr Hervé Leleu CNRS and CORE, Université
More informationDispute Settlement with Second-Order Uncertainty: The Case of International Trade Disputes
Dispute Settement wit Second-Order Uncertainty: Te Case of Internationa Trade Disputes Mostafa Beskar Indiana University Jee-Hyeong Park Seou Nationa University Octoer, 2017 Astract Te iterature on pretria
More informationProxy Access At The Tipping Point by Holly Gregory
Proxy Access At The Tipping Point by Hoy Gregory What happens when the sharehoders of most U.S. corporations gain the power to nominate their own sates for board eections? We are about to find out. By
More informationRetirement Income Charting a Course to Help Your Money Last
Retirement Income Charting a Course to Hep Your Money Last Peter Murphy, CFP Financia Partners Securities are offered through LPL Financia, Member FINRA/SIPC. Investment Advice offered through Financia
More informationVolume 31, Issue 1. Antidumping Petition: To File or Not To File
Voue 31, Issue 1 Antiduping Petition: To Fie or Not To Fie Si-Jye Wu Nationa Sun Yat-Sen University Yang-Ming Cang Kansas State University Hung-Yi Cen Soocow University Abstract Given te nora vaue of a
More informationUnemployment insurance and informality in developing countries
11-257 Researc Group: Public economics November 2011 Unemployment insurance and informality in developing countries DAVID BARDEY AND FERNANDO JARAMILLO Unemployment insurance/severance payments and informality
More informationGlobal Financial Markets
Global Financial Markets Spring 2013 Wat is a Market? A market is any system, institution, procedure and/or infrastructure tat brings togeter groups of people to trade goods, services and/or information.
More informationUNCERTAINTY, LEARNING AND HETEROGENEITY IN INTERNATIONAL ENVIRONMENTAL AGREEMENTS* October Abstract
UNCERTAINTY, LEARNING AND HETEROGENEITY IN INTERNATIONAL ENVIRONMENTAL AGREEMENTS Cares D. Kostad # and Aistair Up + Abstract Tis paper concerns te ormation o Internationa Environmenta Agreements under
More informationWho gets the urban surplus?
8/11/17 Wo gets te urban surplus? Paul Collier Antony J. Venables, University of Oxford and International Growt Centre Abstract Hig productivity in cities creates an economic surplus relative to oter areas.
More informationPreparing Cash Budgets
Preparing Cash Budgets John Ogivie, author of the CIMA Study System Finance, gives some usefu tips on this popuar examination topic. The management of cash resources hods a centra position in the area
More informationPROCUREMENT CONTRACTS: THEORY VS. PRACTICE. Leon Yang Chu* and David E. M. Sappington** Abstract
PROCUREMENT CONTRACTS: THEORY VS. PRACTICE by Leon Yang Cu* and David E. M. Sappington** Abstract La ont and Tirole s (1986) classic model of procurement under asymmetric information predicts tat optimal
More informationPrinciples and Practices of Financial Management (PPFM)
Principes and Practices of Financia Management (PPFM) for Aviva Life & Pensions UK Limited Od With-Profits Sub-Fund and New With-Profits Sub-Fund (Aviva Life & Pensions UK Limited Od WPSF and New WPSF)
More informationINTERIM REPORT 2015/16. Equipment Rental since
INTERIM REPORT 2015/16 Equipment Renta since 1954 www.vppc.com Chairman s Statement I am very peased to report on a period of further soid progress for the Group. In the six months to 30 September 2015,
More informationORGANIZATIONAL INERTIA AND DYNAMIC INCENTIVES. Marcel BOYER Jacques ROBERT
ORGANIZATIONAL INERTIA AND DYNAMIC INCENTIVES by Marcel BOYER Jacques ROBERT We would like to tank Bentley Macleod, Micel Poitevin, Jean-Pierre Ponssard, Bernard Salanié, seminar participants at te University
More informationThe Long (and Short) on Taxation and Expenditure Policies
Zsolt Becsi Economist Te Long (and Sort) on Taxation and Expenditure Policies O ne of te central issues in te 1992 presidential campaign was ow best to promote economic growt Because muc of te growt debate
More informationEcon 551 Government Finance: Revenues Winter, 2018
Econ 551 Government Finance: Revenues Winter, 2018 Given by Kevin Milligan Vancouver Scool of Economics University of Britis Columbia Lecture 4b: Optimal Commodity Taxation, Part II ECON 551: Lecture 4b
More informationThe Theory of the Firm Economic Markets
The Theory of the Firm Economic Markets We ve discussed demand, from the theory of a consumer. For suppy we wi examine the firms perspective, what inputs shoud they use, what are their ong run cost functions,
More informationIntroduction to Algorithms / Algorithms I Lecturer: Michael Dinitz Topic: Splay Trees Date: 9/27/16
600.463 Introduction to lgoritms / lgoritms I Lecturer: Micael initz Topic: Splay Trees ate: 9/27/16 8.1 Introduction Today we re going to talk even more about binary searc trees. -trees, red-black trees,
More informationl Strong and extensive history of the federal government's support for public housing programs;
Pubication date: 19-Ju-2001 Reprinted from RatingsDirect Commentary Pubic Housing Authority Capita Securitization Criteria Anayst: Wendy Dober, New York (1) 212-438-7994; Jeffrey Previdi, Chicago (1) 312-669-0340;
More informationDate (Day/Month/Year)
Invest in a beneficiary s Individua Savings Account (ISA) Vaid from Apri 2017 Pease compete this form in BLOCK LETTERS and back ink, and return it to: FREEPOST JP MORGAN AM. An address or a stamp is not
More informationFifth Industry Dialogue Critical Functions and Access to FMIs:
Fifth Industry Diaogue Critica Functions and Access to FMIs: New Tempates for Resoution Panning Mauro Grande, Board Member Nadège Jassaud, Head of Unit, Strategy & Methodoogy Industry Diaogue, 30 January
More informationThe following advice is offered to businesses that wish to provide coffee as part of their customer service.
Chapter 4 Overhead costs Rea word case 4.1 The foowing advice is offered to businesses that wish to provide coffee as part of their customer service. The cost of a cup of coffee consists of more than the
More informationHeterogeneous Beliefs and Short-term Credit Booms
Heterogeneous Beiefs an Sort-term Creit Booms Ziguo He y Wei Xiong z Marc 2 Abstract We stuy te nancing of specuative asset-market booms in a stanar framework wit eterogeneous beiefs an sort-saes constraints.
More informationKey Features of the With Profits Pension Annuity
Key Features of the With Profits Pension Annuity Key Features of the With Profits Pension Annuity The Financia Conduct Authority is a financia services reguator. It requires us, Aviva, to give you this
More informationProtective Fixed Annuities
s are set every two weeks and may change without notice. Depending on market conditions, rates may be set more frequenty. Withdrawas and eary surrenders may ower returns. View Fu Notification Current s
More informationSouth Korea s Trade Intensity With ASEAN Countries and Its Changes Over Time*
International Review of Business Researc Papers Vol. 8. No.4. May 2012. Pp. 63 79 Sout Korea s Trade Intensity Wit ASEAN Countries and Its Canges Over Time* Seung Jin Kim** Tis paper analyzes ow Korea
More informationRelaxing Standard Hedging Assumptions in the Presence of Downside Risk
Relaxing Standard Hedging Assumptions in te Presence of Downside Risk Fabio Mattos Pilip Garcia Carl Nelson * Paper presented at te NCR-134 Conference on Applied Commodity Price Analysis, Forecasting,
More informationBuildings and Properties
Introduction Figure 1 Te Department of Transportation and Works (formerly te Department of Works, Services and Transportation) is responsible for managing and maintaining approximately 650,000 square metres
More informationThe UK Bribery Act 2010 and its implications for businesses
17. The UK Bribery Act 2010 and its impications for businesses John Rupp, Robert Amaee and Ian Redfearn, Covington & Buring LLP There was a time in the not so distant past when the US Foreign Corrupt Practices
More informationCIBC Managed Income Portfolio. Annual Management Report of Fund Performance
CIBC Managed Income Portfoio Annua Management Report of Fund Performance for the financia year ended December 31, 2015 A figures are reported in Canadian doars uness otherwise noted This annua management
More informationAbstract (X (1) i k. The reverse bound holds if in addition, the following symmetry condition holds almost surely
Decouping Inequaities for the Tai Probabiities of Mutivariate U-statistics by Victor H. de a Peña 1 and S. J. Montgomery-Smith 2 Coumbia University and University of Missouri, Coumbia Abstract In this
More informationSONDERFORSCHUNGSBEREICH 504
SONDERFORSCHUNGSBEREICH 504 Rationalitätskonzepte, Entsceidungsveralten und ökonomisce Modellierung No. 07-18 Liquidity and Ambiguity: Banks or Asset Markets? Jürgen Eicberger and Willy Spanjers June 007
More informationExcellence in Service
Kupono Ka ana Exceence in Service Construction Environmenta Munitions Response Logistics A Native awaiian Owned 8(a) Sma Business Dawson Technica, LLC is a proven second generation Native awaiian 8(a)
More informationFinancial Accounting
Financia Accounting Course Text Professiona, Practica, Proven www.accountingtechniciansireand.ie 100282 Fin_Acc_2015(M).indb 1 29/06/2015 11:02 100282 Fin_Acc_2015(M).indb 2 29/06/2015 11:02 Tabe of Contents
More informationNB Global Floating Rate Income Fund Limited
NB Goba Foating Rate Income Fund Limited March 2011 NB Goba Foating Rate Income Fund Limited Orie Securities Limited Soe Sponsor, Soe Financia Adviser, Joint Goba Co-ordinator and Joint Bookrunner Dexion
More informationOver 50s Life Insurance
Provided by Lega & Genera Over 50s Life Insurance Poicy Terms and Conditions T&C 17CH 1 Ateration to your Poicy Terms and Conditions It is important to read through the aterations detaied beow as these
More informationStrictly Based on the Latest Syllabus issued by CBSE Board for 2016 Examination. Accountancy. Includes Solved Paper (KVS) 2015.
Stricty Based on the Latest Syabus issued by CBSE Board for 2016 Examination QUESTION BANK Chapter-Wise Soutions Accountancy Incudes Soved Paper (KVS) 2015 Pubished by : OSWAAL BOOKS Oswaa House 1/11,
More informationEconomic growth and inequality patterns in the presence of costly technology adoption and uncertainty
Economic growt and inequay patterns in te presence of costy tecnoogy adoption and uncertainty y Ziv Cinzara Queensand Universy of Tecnoogy and Radika Lairi Queensand Universy of Tecnoogy January 202 bstract
More information«Farmer Impatience and Grain Storage for the Hunger Season»
«Farmer Impatience and Grain Storage for te Hunger Season» Tristan LE COTTY Eodie MAITRE D HOTEL Rapaë SOUBEYRAN Juie SUBERVIE DR n 2014-07 Farmer Impatience and Grain Storage for te Hunger Season T. Le
More informationHow Effective Is the Minimum Wage at Supporting the Poor? a
How Effective Is te Minimum Wage at Supporting te Poor? a Tomas MaCurdy b Stanford University Revised: February 2014 Abstract Te efficacy of minimum wage policies as an antipoverty initiative depends on
More informationDistorted Trade Barriers: A Dissection of Trade Costs in a Distorted Gravity Model
Distorted Trade Barriers: A Dissection of Trade Costs in a Distorted Gravity Model Tibor Besedeš Georgia Institute of Tecnology Mattew T. Cole California Polytecnic State University October 26, 2015 Abstract
More informationManaging and Identifying Risk
Managing and Identifying Risk Spring 2008 All of life is te management of risk, not its elimination Risk is te volatility of unexpected outcomes. In te context of financial risk it can relate to volatility
More informationNominal Exchange Rates and Net Foreign Assets Dynamics: the Stabilization Role of Valuation Effects
MPRA Munic Personal RePEc Arcive Nominal Excange Rates and Net Foreign Assets Dynamics: te Stabilization Role of Valuation Effects Sara Eugeni Duram University Business Scool April 2015 Online at ttps://mpra.ub.uni-muencen.de/63549/
More informationAsset Pricing with Heterogeneous Agents and Long-Run Risk
Asset Pricing wit Heterogeneous Agents and Long-Run Risk Walter Pol Dept. of Finance NHH Bergen Karl Scmedders Dept. of Business Adm. University of Zuric Ole Wilms Dept. of Finance Tilburg University September
More information