Monthly Archives: October 2014

Link between information and money

Citigroup cut its 3rd-quarter results (reported Oct. 14) due to higher legal fees and “‘very recent communications with certain regulatory agencies.'”

“Legal Shadow Falls Over Citi,” Wall Street Journal, October 31, 2014 C8. $6.4 billion in litigation expense already this year.  That’s a lot.

Not much detail in the “very recent communications” or “certain regulatory agencies.”  Doesn’t uncertainty lead to downside pressure on stock values?  How clearly do you communicate with the market?

Leave a comment

Filed under Board, Compliance, Data quality, Inform market, Inform shareholders, Investor relations, Risk

You got zippers? I’ve got pants.

A marriage, or at least a dating relationship, between IBM’s analytics with Twitter’s big data.

“Twitter, IBM to Harness Tweet Data for Business,” Wall Street Journal, October 30, 2014 B6.  Parties for an alliance to offer business solutions based on Twitter users’ actions and opinions.  500 million Tweets a day.  Uses include: customer service, product planning, consumer surveys (without the survey), and public safety.

Interesting combination.  Who else might do this?  Don’t Google and Amazon do it already, albeit without the advisory model?  Where else are there humongous volumes of data?  Where are there underutilized analysts or analytic software?

Leave a comment

Filed under Analytics, Business Case, Data quality, Information, Interconnections, New Implications, Ownership, Privacy, Value

Today’s Top Three

Normally, I pick one story.  Today, I couldn’t choose among these three, as the issues are just too important.

“Insider Probe Focuses On Medicare Agency,” Wall Street Journal, October 29, 2014 A1. SEC investigation of whether Medicare officials leaked information about proposed treatment limits, and various traders traded on that information.  What’s information worth, and what controls do you put in place to protect that value?

“Fast Traders Get SEC Data Seconds Early,” Wall Street Journal, October 29, 2014 C1.  Study showing companies are paying $1,500 a month for access to company filings (particularly insider stock purchases) seconds before they reach the rest of the market, and that such early access affects trading volume and price.  What’s faster access to data worth, and how do you have a level playing field when seconds matter?  Is speed of access part of information governance?

“How Technology Is Killing Defense,” Wall Street Journal, October 29, 2014 D6.  Football offenses are able to anticipate the actions of football defenses by careful analysis of the game films. [It’s fascinating to me how many of the good stories on analytics in use come from professional sports.]  More information distributed to people who actually use it leads to better decisions. And less-effective blitzes under the prior art.

Leave a comment

Filed under Analytics, Board, Business Case, Collect, Compliance, Controls, Culture, Culture, Governance, Information, Internal controls, Management, Protect, Protect assets, Protect information assets, Third parties, Use, Value

Oversight and the Internet

Who controls the information posted on the Internet?  Government regulators or the group that oversees the web registrars?

“Internet Gatekeeper Clashes With Regulators on Drug Sales,” Wall Street Journal, October 28, 2014 A1.  Regulators want ICANN to investigate websites selling drugs online more vigorously, but ICANN says it doesn’t have the power.  ICANN, which has 22 employees to enforce against websites, says all it can do is terminate the contract with the registrar.

What does oversight mean?  If you don’t have the power to enforce, can you really oversee something?  If you have the power, but don’t use it, is that the same thing as “no oversight”? What happens if no one has the power to oversee?  Do the regulators need to just take direct action against the alleged wrongdoers?  Or enact and enforce new regulations?  Or sue Google or FedEx for allowing this to happen?  What about the Commerce of Department, which is in charge (for now) of “oversight” of ICANN?

Leave a comment

Filed under Controls, Interconnections, Internal controls, IT, Oversight, Ownership, Risk, Third parties

Beyond the firewall

Information governance focuses a lot of time and attention on internal compliance with law and company policy and the protection/security of corporate information.  One aspect of protecting/securing corporate information is to protect/secure it where it lives, which may not be just within the corporation.

“Firms Raise Hacking Defenses,” Wall Street Journal, October 27, 2014 B5. are looking at how one group of vendors control access and use of the bank’s information: the outside lawyers.

Do your vendors follow your information policies and record retention and disposal processes?  If you have litigation or an investigation, you likely have a duty to preserve and produce relevant information in the hands of your vendors.  Do you audit them, too?

Leave a comment

Filed under Board, Business Case, Compliance, Compliance, Compliance Verification, Controls, Governance, Information, Interconnections, Internal controls, IT, Management, Oversight, Privacy, Protect, Protect assets, Protect information assets, Records Management, Risk, Security, Third parties

Prodromes

A prodrome is an early warning sign of a disease or crisis, normally viewed after the fact.

Consider privacy laws, a bigger thing outside the US.  They may prevent the sharing of information with a third party.  What if what the third party doesn’t share turns out to be fairly important?

“Canada Privacy Law Curbed Intelligence Effort,” Wall Street Journal, October 25-26, 2014 A9. The guy who killed a Canadian soldier with his car earlier this week was on the Canadian watch list following attempts to travel to Syria to join the Islamic State fighting.  But Canada didn’t share that information with the US authorities.

In this case, no harm, no foul.  But might there be another case where a person on the Canadian watch list enters the US and does harm?  Would people in the US view that as a proper protection of that person’s privacy?  Would Canadians?

What impacts do the privacy restrictions on information sharing have outside their jurisdiction?  Do other controls, in place to protect against enumerated hazards, raise their own risks?

Leave a comment

Filed under Business Case, Communications, Controls, Data quality, Information, Internal controls, Privacy, Risk, Third parties, Use, Value

Bundling

How do you get people to download your data?  Offer to pay the cost of the download?

“Will Free Data Become The Next Free Shipping?” Wall Street Journal, October 24, 2014 B1. Websites offering to compensate users for the impact on their cell phone’s data cap, if they’ll view the promo videos on the website.  Hershey, Hotels.com, and StubHub experiment with the concept.

AT&T gets props for figuring out a way to monetize, letting companies pay for the cost of streaming the data their customers consume.  Sort of like a 1-800 number to place orders.  Will this become the norm?  Is it subject to abuse?

Would this help you reach customers you wouldn’t otherwise reach?  Is enabling customer access part of information governance?  Is information-without-access a tree falling in a forest, with no one listening?

Leave a comment

Filed under Business Case, Communications, Governance, Information, Interconnections, Internal controls, Investor relations, Risk, Value