Monthly Archives: November 2013

“Managing” information

I had difficulties finding a suitable article in today’s The Wall Street Journal.  But rather than admit defeat, I decided to go with this.  But it’s a reach.

“Russia’s Olympic Effort Sputters,” Wall Street Journal, November 30-December 1, 2013, A9

I had thought from the headline that this story would be forecasting that the site would not be ready for the Olympic Games, less than three months away.  Well, yes and no.  The places where the athletes will compete are all done.  What is less done is all the rest – the hotels, the shops, etc.

How do you manage life under a microscope?  Reporters looking for news to report (i.e., bad news). Is “managing” that process “information management”?  Or just Public Affairs?  Or Communications?  What’s the link, if any, to Information Governance?  Is it on the cusp of Crisis Management?

Leave a comment

Filed under Business Case, Communications, Governance, Information, Operations, Risk

Whatcha’ goin do?

Your boss asks you to  something illegal.  You comply, for fear of losing your job. Was this a test?

I suspect your company doesn’t have a strong compliance culture.

“Ex-Analyst at SAC Cites Job Fears,” Wall Street Journal, November 29, 2013 C2

Jon Horvath says his boss made him do it.  The “it” involved getting and passing along inside information. In an insider trading trial, his boss’s lawyer says the boss was unaware that any of Mr. Horvath’s information had been illegally obtained.

How many compliance programs use a sting to find out whether employees will break the law if the boss asks them to?  Or would that be harmful to the sense of trust between the employees and their boss?  Would they believe their boss would really do that? (Either ask them to do something illegal or participate in a sting?

Leave a comment

Filed under Business Case, Compliance, Controls, Culture, Governance, Information, Internal controls, Legal, Policy, Requirements, Risk, Value

Big medical data sharing

“Medical Center taking turn to digital,” Houston Chronicle, November 28, 2013 B1

Texas Medical Center will provide training and free data analytics software to its 54 member institutions.  Permits collaboration on multi-institution data, if the pesky personal data privacy issues can be resolved. One hospital (Baylor) has 12 petabytes of data.

Let’s see.  Technology. Privacy. Knowledge sharing/management.  What happens if you have this data and this software and get sued?  Any discovery questions?

Leave a comment

Filed under Business Case, Discovery, Information, Interconnections, IT, Knowledge Management, Legal, New Implications, Operations, Ownership, Privacy, Requirements, Risk, Use, Value

Controls and culture redux

“Weatherford to Pay $253 Million Fine,” Wall Street Journal, November 27, 2013 B2

“A Service tale of illicit kale, of whisky and women wild.” (The Ballad of Yukon Jake by Edward Paramore, Jr.)

It’s a familiar story.  Oilfield service company settles FCPA and trade sanction allegations. Allegedly paid foreign officials bribes and travel and entertainment expenses (primary offense) and created false books and records to hide the costs (secondary offense).  Also penalized for not cooperating with the investigation.  Alleged failure “to set up an effective system to detect and prevent corruption.” Really?  Really?

Lessons:  bad environment (overseas, some sketchy countries) means higher risk; bad culture (bribes normal course of business) will bite you; red flags ignored (agent refuses to sign anti-bribery contract; use of code names) can haunt; rapid expansion raises risks; lack of internal controls precedes violations of law; the books and records provisions of the FCPA have real teeth.

Leave a comment

Filed under Business Case, Compliance, Controls, Culture, Governance, Internal controls, Legal, Requirements, Risk, Third parties

123 and FDA

Analytics. Information. Regulation.

Apparently, providing a chemical analysis of your spit is regulated by the FDA.

I remember holisitic hair analysis thirty years ago.  They took a hair sample and burned it, reading the chromatics of the flame to tell you what was in your hair.  Can’t remember whether it was real science.

But 123andMe made a pretty good business of offering to do a DNA analysis of your saliva.  Built a huge DNA data base, and helped people trace their ancestors and identify possible predisposition to certain illnesses.  Sort of an early warning system.

Whose information is it, anyway? And what’s the bigger risk, false positives or false negatives? Or is protecting people from potentially incorrect information within the agency’s charter?

“Gene Startup Ordered To Cease Marketing,” Wall Street Journal, November 26, 2013 A1

Leave a comment

Filed under Business Case, Controls, Data quality, Definition, HR, Information, Legal, Operations, Ownership, Privacy, Requirements, Risk, Use, Value

On average, 30 Gigs per custodian

Microsoft says it stores 60 million pages of information for each piece of litigation, while only 88 pages get admitted into evidence at trial.  On average, each custodian has 30 gigabytes of information, versus 17 gigabytes two years ago.

“Meet the New Pack Rats,” Wall Street Journal, November 25, 2013 B7

As the courts explore potential revisions to the rules, businesses struggle to hold on to what they think they need to hold on to.

Leave a comment

Filed under Business Case, Controls, Discovery, Governance, Information, Internal controls, Legal, Operations, Protect assets, Records Management, Risk

Cross-training at Cornell

One solution to address the lack of “information governance” is to try to teach IT to the Records Management or Legal folks.  Or to teach the business folks Records Management, Legal, Compliance and IT security.

“Cornell M.B.A. Program Melds Technology, Management Skills,” Wall Street Journal, November 25, 2013 B4

Cornell is starting a course to teach IT folks advanced business skills.  Is this type of cross-training the way of the future, for all of us?



Leave a comment

Filed under Business Case, Governance, IT, New Implications, Operations, Use

On the internet, no one knows you’re a dog.

The cartoon is part of internet lore.  I have this phrase on a sticker, translated into Mandarin.

But what if it mattered to you or someone exactly how many Twitter followers you had? Say, you’re an ad agency that get’s paid based on a metric that includes that?  Is that information important?  What’s it’s quality?

“Millions of Fake Accounts Dog Twitter,” Wall Street Journal, November 25, 2103 B1

How many fake accounts are for sale?  Notwithstanding Twitter’s policy against them.

Leave a comment

Filed under Business Case, Controls, Data quality, Definition, Information, Operations, Risk, Third parties, Use, Value

Changing rules of thumb

What do you do when your point of reference changes?

Used to be, the reference mark for oil field activity was the rig count.  Fifty or sixty years.

Now, with the shale formation activity, the rules they are a changing.  It’s not just rigs, but how many wells they’re drilling and how productive those wells are.

“New technologies require new math in the oil field, Houston Chronicle, November 24, 2013 D1

How do you prepare for changes in the metrics in your business?  Is this an information problem or a management of change problem, or both?


Leave a comment

Filed under Business Case, Business Continuity, Definition, Information, New Implications, Operations, Use

What we have here is a failure to communicate

What if, following a software upgrade, the computers controlling your subway trains suddenly couldn’t communicate with the rail switches?

“Computer Glitch Strands Commuters in Bay Area,” Wall Street Journal, November 23-24, 2013 A3

Lessons? Test a software before you roll it out?  Where have we heard that before?

Is this an information governance/management issue? If not, why not?

Leave a comment

Filed under Business Case, Business Continuity, Controls, Definition, Information, Interconnections, Internal controls, IT, Operations, Risk, Value