Management effectiveness: Assessing management of protected areas?

To maximise the potential of protected areas, we need to understand the strengths and weaknesses in their management and the threats and stresses that they face. There is increasing pressure on governments and other bodies responsible for protected areas to monitor their effectiveness. The reasons for assessing management effectiveness include the desire by managers to adapt and improve their management strategies, improve planning and priority setting and the increasing demands for reporting and accountability being placed on managers, both nationally and internationally. Despite these differing purposes for assessment, some common themes and information needs can be identified, allowing assessment systems to meet multiple uses. Protected-area management evaluation has a relatively short history. Over the past 20 years a number of systems have been proposed but few have been adopted by management agencies. In response to a recognition of the need for a globally applicable approach to this issue, the IUCN World Commission on Protected Areas developed a framework for assessing management effectiveness of both protected areas and protected area systems. This framework was launched at the World Conservation Congress in Jordan in 2000. The framework provides guidance to managers to develop locally relevant assessment systems while helping to harmonise assessment approaches around the world. The framework is strongly linked to the protected area management process and is adaptable to different types and circumstances of protected areas around the world. Examples from Fraser Island in Australia and the Congo Basin illustrate the use of the framework.

A software audit framework for spyware risk mitigation

Our research described in this paper identifies a three part premise relating to the spyware paradigm. Firstly the data suggests spyware is proliferating at an exponential rate. Secondly ongoing research confirms that spyware produces many security risks – including that of privacy/confidentiality breaches via illicit data collection and reporting. Thirdly, anti-spyware controls are improving but are still considered problematic for several reasons. Our research then concludes that control measures to counter this very significant challenge should merit compliance auditing – and this auditing may effectively target the vital message passing performed by all illicit data collection spyware. Our research then evolves into an experiment involving the design and implementation of a software audit tool to conduct the desired compliance auditing. The software audit tool is positioned at the protected network’s gateway. The software audit tool uses ‘phone-home’ IP addresses as spyware signatures to detect the presence of the offending software. The audit tool also has the capability to differentiate legitimate message passing software from that produced by spyware – and ‘learn’ both new spyware signatures and new legitimate message passing profiles. The testing stage of the software has proven successful – albeit using very limited levels of network message passing variety and frequency.