A poster child, at last!

The discussion about information governance is normally directed to Management, where the argument is either compliance (yawn) or ROI (impossible to measure). But hope springs eternal.

The Target credit card breach has yielded a worthwhile public service (beyond providing this teacher fodder for my information governance course).

“Ouster of Target Directors Is Urged,” Wall Street Journal, May 29, 2014 B2 http://on.wsj.com/SUu6FU

Finally, someone is taking the battle to where it belongs — the Board. The Board has a duty to comply with the law, of course, and to exercise reasonable oversight over the operations of Management. But the Board has a fiduciary duty to take reasonable steps to protect the assets of the company. Information is an asset. Ergo, if they don’t fulfill their duty, either sue them or run them off. Then information governance may get more attention.

Leave a comment

Filed under Board, Controls, Duty of Care, Governance, Information, Internal controls, Management, Protect, Protect assets, Protect information assets, Risk, Security, Value

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s