SAFETY PRACTICES
Exploration is risky, and the underwater environment can impose physical and psychological stress on divers if they are unprepared. However, serious dangers can be prevented if safety checks are conducted and safe diving practices are followed. Dive planning takes into account predictable and static environmental factors, as well as changing environmental conditions, so that damage can be prevented or minimised as far as possible in an emergency. Lower-priority threats can be managed by teamwork and resource sharing, and diver safety is enhanced by comprehensive training and frequent exercise of safety skills.
Similarly, ISCA has a risk management framework to manage any foreseeable danger and ensure contingencies are in place in the event of any threat. The Covid-19 pandemic has increased the likelihood and impact of digital threats, including cyber security and data security. There is now a larger focus on addressing these risks than ever before to ensure digital trust and build resilience for the future.
Working from home, and having all staff on collaboration platforms, posed new technical and security challenges. While there were heightened risks, the Institute was prepared for such an event, having upgraded its Information and communications technology (ICT) infrastructure such as servers, hosting sites and backup solutions to ensure data is available round the clock and encrypted.
Moving our applications and tools (such as membership / professional qualification application system), backup solutions, security tools and collaboration platforms, from physical servers to the cloud was a major undertaking but this has proven to be a worthwhile investment as evidenced by the seamless transition to remote working across the organisation. Amid the pandemic and especially during the Circuit Breaker, staff were able to continue their work securely and efficiently with minimal disruption. Technical support was also conducted remotely during this period, and users were able to get round-the-clock assistance from the technical help desk.
ISCA recognises the importance of establishing good working relations with key stakeholders that is grounded on trust, respect and open communications. As the national accountancy body, we hold regular dialogues with key local stakeholders such as government bodies and agencies, policy makers and regulators to foster and deepen mutual understanding.
These interactions help to facilitate identification of mutually beneficial areas of collaboration which improve the ecosystem in which the profession and our members are a part of.
Beyond Singapore, ISCA has also cultivated and strengthened relations with other member bodies of the global accounting profession as well as IFAC, the global organisation for the accountancy profession and relevant accountancy groups such as CAW, AFA and Jeju Group.
The engagement of key stakeholders would provide ISCA with useful information on how to further develop and strengthen the capabilities of our members so that they are well positioned to take advantage of opportunities that arise.
As a membership organisation, we provide value by empowering members to achieve their professional aspirations. By providing upskilling and reskilling opportunities, we support our members in developing future-ready skills and expanding their career options.
As the voice for its members and the profession, ISCA shapes and influence policies and initiatives of key decision-makers in the ecosystem. For instance, ISCA regularly submits comment letters on exposure drafts drawn up by international bodies such as IASB and IFAC.
ISCA encourages continuous learning and upskilling among our members so that they possess relevant skills in the digital age. We continue to support accountancy professionals in their development of soft skills, such as creative thinking, emotional intelligence and collaboration, which are crucial in Industry 4.0. Apart from our classes and seminars, we also have over 400 e-courses in our CPE e-learning library for members to acquire new skills at their own time and convenience so that they are equipped for the digital economy.
The use of digital learning platforms has grown over the past year, as members sought to upgrade their skill sets and gain new knowledge amid the circuit breaker period. With the social distancing requirements arising from the pandemic, ISCA curated live webinars and e-learning modules under our eLearning Space to provide members with virtual learning support.
ISCA implements a holistic cybersecurity strategy to ensure data security and privacy, with procedures and policies in place for the most vulnerable cyber risks, including access-restricted ICT systems and an encrypted database.
We also conduct regular reviews and enhancement of our policies and internal processes to mitigate risks associated with data breaches, as well as monthly vulnerability scanning, and annual penetration testing on our applications, networks and servers.
The Institute enhanced our perimeter security using advanced automated threat detection and response against a variety of threats including malware and ransomware. Our cybersecurity practices include round-the-clock services to detect possible threats and protecting our user access control with multiple factor authentication.
The Institute provides the latest cyber information and known data breaches or threats to all staff, and ensures all members of our ICT team undergo security training.
To promote a culture of vigilance when handling personal data, we hold regular briefings for our employees on the policies related to the Personal Data Protection Act (PDPA). Our employees have attended training courses related to the PDPA. We also send email reminders to employees about our personal data protection policies, such as encrypting and securing files containing personal data. We encourage good password hygiene among our staff as a simple but consequential way to prevent data breaches, and to stay vigilant against phishing scams and other malicious communications that invite devastating ransomware attacks.
Workforce planning and ensuring a sustainable talent pipeline is part of our comprehensive talent management strategy. We recognise that if individuals are to remain valuable to our team, they need to continue to strengthen their skills and acquire new ones to be future-ready. Hence, ISCA continually focuses on training and developing our staff for long-term success, and supports each individual’s career aspirations, as appropriate.
We take steps to retain critical and top talent, and ensure that each member of our team is recognised for their achievements, treated with dignity, and maintain a healthy work-life balance.
Our reputation is one of the Institute’s most valuable assets. The positive perception of ISCA in the minds of our members, regulators and other stakeholders is vital to our success and the trust and relationships we have built with them.
Managing this strategically starts with building an accurate picture of our strengths and weaknesses to quantify the impact of identified risks on our reputation and to create a baseline for measurement and improvement.
The Institute has an ongoing process to detect and manage issues that can affect our corporate identity and reputation. We also manage, protect, and improve our reputation through sound corporate values as well as robust policies and processes to identify, assess and respond to risks in a manner that is consistent with the Institute’s culture.