When does one use or disclose information?

Often, one has information but doesn’t act immediately, or require others to act on it immediately.  But there have been several instances of the government sitting on information that later turns out was really important.  Is this just not recognizing the risk?  Would they have done anything differently?

“FAA Was Slow to Act On Engine Warning,” The Wall Street Journal, May 21, 2018 B1.  FAA (and the airline industry)  knew of the potential for engine blades to crack for 2 years.  The manufacturer increased inspections. Then one blade cracked, destroying an engine and killing a passenger on the Southwest airlines flight in April.

This seems to link Governance (Who was responsible for deciding that the risk was adequately managed?) and Information (Did everyone have the same level of information?).  Is there also a Compliance vector?  The airlines were complying with government directions.

And how much does the flying public rely on the government to take care of such things?

Advertisements

Leave a comment

Filed under Governance, Protect assets, Reliance, Risk assessment, Who is in charge?

Sniff test

What happens to compliance when the CEO and her boyfriend collaborate to create a culture of secrecy and fear?

“Partners in Blood,” The Wall Street Journal, May 19, 2018 C1.  Reports from the trenches at Theranos, which said it was able to run a range of tests from a few drops of blood; it couldn’t.  SEC charges company with fraud, and investors lose millions.

While the implications of a relationship of the CEO goes to Governance, are there also links to Compliance and Information?  What impact did the culture have on the company’s compliance?  How do investors know about the nature of a CEO’s personal relationships leaking into the corporate environment?

Who should have seen this and reported it to someone?  Why didn’t the directors smell a rat?

Leave a comment

Filed under Board, Compliance, Culture, Culture, Directors, Duty, Employees, Governance, Oversight, Oversight, Risk, Supervision, To report

Use/misuse

“Data Firm Files for Bankruptcy,” The Wall Street Journal, May 19, 2018 B3.  Cambridge Analytica, who used Facebook data in connection with the Trump campaign, files for Chapter 7 (not Chapter 11) bankruptcy.

Is this an impact from misuse of information?

Leave a comment

Filed under Access, Compliance, Controls, Corporation, Duty, Governance, Internal controls, Protect assets, Third parties

Readability

“Tips for Decoding Privacy-Policy Gibberish,” The Wall Street Journal, May 18, 2018 B4.  In the run-up to implementation of the GDPR in Europe next week, companies are updating their privacy policies.

Does anyone read these, or understand them?  Do your employees read and understand your policies?  Who’s at risk if they don’t?

Leave a comment

Filed under Communications, Compliance, Compliance (General), Controls, Corporation, Directors, Duty, Employees, Governance, Internal controls, Oversight, Policy

Shoes of the centipede

“Wells Fargo Faces More Woe Over Client Data,” The Wall Street Journal, May 18, 2018 B1.  Another shoe drops at Wells Fargo (when will it ever end?) after disclosure that employees in the wholesale business (non-consumer) banking side changed and added customer information without approval.  Reason: to meet a compliance deadline.

Is there another organization with so many compliance failures?  It started with consumer banking and credit cards and now seems to have permeated the entire enterprise.  Is it risky to call this an enterprise?  What influenced their behavior?  Why are the directors not in the dock?  Weren’t they in charge of establishing and ensuring the culture of compliance?  This is a bank, for God’s sake.

Is it easier to find someone who was or wasn’t involved in some type of bad behavior at Wells Fargo?

Leave a comment

Filed under Accuracy, Board, Compliance (General), Controls, Corporation, Culture, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Managers, Oversight, Oversight, Supervision

Which is the tail and which is the dog?

“CBS Board Defies Shari Redstone,” The Wall Street Journal, May 18, 2018 B1.  Board tries to reduce the control exercised by an 80% shareholder.

This is going to be fun to watch (if you’re not one of the other shareholders).  Interesting question on what the controlling shareholder (and the Board) can and cannot do.

Here’s a subsequent post from another source, if you want background.  Caution – heavily legal.

Leave a comment

Filed under Board, Controls, Corporation, Directors, Duty, Governance, Internal controls, Investor relations, Oversight, Shareholders, Who is in charge?

Keeping conversations semi-private

“Police Move to Make Their Radio Traffic Private,” The Wall Street Journal, May 18, 2018 A3. Police encrypt or delay release of radio traffic, limiting but not preventing public access.  Keeps the crowds down.

So, they can’t limit your speech, but they can delay your access to theirs?  Makes sense, if they’re planning a SWAT raid.  How transparent do we want the police to be?  How transparent should your company be?

Leave a comment

Filed under Access, Business Continuity, Controls, Duty, Government, Information, Internal controls, Operations, Security, Third parties, Value