Hacking hackers

“In Cyberwar, Spies May Be Targets,” The Wall Street Journal, May 25, 2017 B4.  In a breach of protocol, the hackers behind the WannaCry ransomware attack may be releasing the names of some of the hackers working for the NSA.  Certainly cuts down on their foreign travel.

If they can’t keep their own secrets secret, what’s a body to do?  Will this shut them down?

How well does your company keep its secrets?  How important is it to your employees?

Leave a comment

Filed under Access, Business Continuity, Controls, Duty, Government, IT, Privacy, Security, Third parties

Shameless self-promotion, chapter 2

I did a presentation today to the Houston Chapter of ARMA on the question of “Duty.”  This explores the fundamental dichotomy between autonomy and compliance.  A rough draft of the presentation, together with audio, is available at the following link: http://bit.ly/2qXkD31

Leave a comment

Filed under Uncategorized

A handful of stories

  1. Compare

“FCC Won’t Move Against Colbert for Crude Remarks,” The Wall Street Journal, May 24, 2017 A3.  Remarks about Trump don’t draw a fine.  The question remains, what will?  What’s the impact of the regulator not even trying to enforce regulatory standards?

With

“Pakistan Investigates Social-Media Critics of Its Military,” The Wall Street Journal, May 24, 2017 A8.  Twenty-seven critics investigated for “unacceptable” comments criticizing and ridiculing the military and judiciary.  The FCC wasn’t consulted.

2. “U.S. Sues Chrysler Over Emissions Tests,” The Wall Street Journal, May 24, 2017 B1.  Apparently VW wasn’t the only one seeking to game the emissions-testing process.

3.  “Human Still Rule Machines in Insurance,” The Wall Street Journal, May 24, 2017 B1.  Despite the new sources of data, and the ability of computer programs to determine how much an individual insurance policy should cost, humans are still a necessary decision-maker.

4.  “Target Settles Probe Into Its 2013 Hack,” The Wall Street Journal, May 24, 2017 B3. Following the 2013 data breach, Target pays an additional $18.5 million to settle state charges.

5. “High-Ranking Chinese Regulator Faces Probe,” The Wall Street Journal, May 24, 2017 B14.  Assistant chairman of the China Banking Regulatory Commission fired for breaking the rules.  Details not available.

Leave a comment

Filed under Accuracy, Analytics, Compliance, Compliance, Controls, Corporation, Culture, Duty, Employees, Governance, Government, Information, Internal controls, Management, Managers, Oversight, Supervision, Value

Reporting, vel non

Does your radar go wild when someone suggests delaying the report of information?

“Sunrun Sales Data Seen as Skewed,” The Wall Street Journal, May 23, 2017 B1.  In the run-up to the company’s IPO, some managers were told by their managers to hold off on reporting a number of canceled contracts.  Reporting this information would have reduced the sales numbers, as the canceled contracts were a large percentage of total orders.

What does it say about a culture where the bosses ask managers to do this type of thing?  And no one says, “No”?  Was no one bright enough to connect the dots?  What else is suspect?  Are employees clueless as to their common law duties to report wrong-doing or deviations from company processes?

 

Leave a comment

Filed under Accuracy, Compliance, Compliance, Controls, Culture, Data quality, Duty, Employees, Governance, Internal controls, Management, Managers, Oversight, Supervision, To report

You manage what you measure

If the Board asks how much the company paid for something, “I don’t know” isn’t a good answer.  Neither is “We can’t track that today.”

“Algorithms Help Calpers Tally Fees,” The Wall Street Journal, May 23, 2017 B1. The question was how much the pension plan had paid private-equity managers in performance fees.  It turns out the answer was $3.4 billion, over 25 years, with $490 million last year.  Answer was derived using algorithms.

“It took five years to develop a new data collection system that requires private-equity managers to fill out various templates describing their various fees.”

How comforting – a self-graded exam for $3.4 billion in fees.

What’s information worth?  How can you manage without it?  How did they?

Leave a comment

Filed under Access, Analytics, Board, Collect, Controls, Corporation, Data quality, Directors, Duty, Governance, Information, Internal controls, Management, Operations, Oversight, Oversight, Protect information assets, Third parties, Use, Use, Value, Vendors

Texas Administrators

Soon to be signed into law is a bill holding school administrators, superintendents, and principals criminally liable for failing to report teachers who commit “inappropriate acts” with students.  The offending teachers are already potentially liable.

“Texas Measure Targets Improper Teachers, The Wall Street Journal, May 22, 2017 A3.

Surprising it wasn’t the law already.  Mr. Bumble was right:  the law is a ass.

Leave a comment

Filed under Communicate, Communications, Controls, Duty, Employees, Governance, Government, Internal controls, Management, Managers, Oversight, Supervision

Digging out

I was otherwise engaged last week and missed posting.  Here are some catch-ups.

Leave a comment

Filed under Accuracy, Board, Communications, Compliance, Compliance, Content, Controls, Corporation, Directors, Discovery, Duty, Employees, Governance, Government, Inform market, Inform shareholders, Internal controls, Investor relations, Oversight, Privacy, Protect assets, Protect information assets