In May 2003 essay in the Harvard Businesss Review, provocatively titled “IT Doesn’t Matter”, HBR editor at large Nicholas Carr claimed that information technology, having become part of the general business infrastructure, is no longer a major source of competitive advantage for individual companies. In other words, although IT is essential to every business, it has lost its strategic insignificance. His conclusion: businesses should focus on IT cost savings and security, as opposed to IT strategy. Although I think Carr is wrong to write off the remaining potential to gain competitive advantages from IT, his call for greater emphasis on IT security and cost containment is certainly well placed. The problem is that most companies have a hard time dealing with the complexity and depth of security and privacy related issues. A logical organizing framework is needed.
We devote most of our attention in this edition to information security and identity management, sharing, in two feature articles, insights and concepts that PricewaterhouseCoopers has gained in its extensive experience in this area.
The first feature article introduces a comprehensive security and privacy model developed by PwC. It is called the Enterprise Security Business Model (ESBM)TM. The ESBM is an organized framework and approach for addressing security that is driven by an organization’s business objectives. Because it aligns the value of security to the value of the business, the model can identify both deficiencies and opportunities to create and sustain value. To fully appreciate the advantages of a value chain approach to security, read more about the ESBM-“The Next Frontier in Comprehensive Security”-in this issue of Events and Trends.
When it comes to the nexus of security and technology issues, few sectors have experienced (or are experiencing) more tumultuous change than the communications industry. Its twin demands for information security and identity management - protecting data and yet making it securely accessible - make it an ideal proving ground for our Enterprise Security Business Management framework. Our second feature article shows how the ESBM can uncover “The Value of Identity Management for the Communications Industry”, as its title reads. Its message is not limited to that one sector, however: It should be applicable to any industry struggling to manage complex security issues.
A security implementation, like other IT projects, is subject to many risks which, though serious, are controllable using proven techniques. Our next article-“Thinking Big: The Main Steps for Large-Scale Security Implementations”-details what those risks are and outlines how to control them.
The three articles that follow cover issues of specific interest to companies investing in Taiwan and Mainland China. The first argues that Taiwan’s Ministry of Finance should reconsider its recent decision to tax share equity obtained in exchange for technology when the swap is initiated. Author Evon Chen reasons that, in an exchange of shares for technical know-how and other intangible assets, neither party is likely to truly realize gains at the outset, but usually years, sometimes decades later. The MOF decision will have a chilling effect on foreign investment, and is not worth it just for the sake of consistency.
The next articles take up the “enviable problem” many Taiwanese companies on the mainland have deciding how best - from a tax perspective - to deal with mounting surpluses. And for our last issue, we take a close look at how cross-border securities lending transactions are taxed, with special reference to Taiwan’s case and the current legal and regulatory landscape there.
(639KB)
Publications Search Page
