Monthly Archives: May 2018

Multiple policies

“Starbucks Takes as Break For Its Antibias Training,” The Wall Street Journal, May 30, 2018 B2. Starbuck’s shuts down for several hours to train its employees on what “bias” means.  Response to incident when two men were arrested for refusing to either buy something or leave the store.  Cost: $10 million and counting.

While some may view this as a large publicity stunt, or post-crisis communication/image repair, others may see it as a strong statement of what Starbuck’s culture is or will be.  Starbuck’s also changed its policy of not allowing non-customers to sit in its stores and use its restrooms.

What happens when you have one policy (no bias) that conflicts with another policy (restrooms for customers only)?  How are employees supposed to know which policy to follow?

Does your company have policies that conflict with one another?

Advertisements

Leave a comment

Filed under Board, Communications, Compliance, Compliance (General), Controls, Culture, Culture, Duty, Employees, Governance, Internal controls, Oversight, Policy

Risk and Developers

After Hurricane Harvey, Houston residents could be heard asking, “What building developer would decide to build houses in a flood plain?” “Why would a City Official push such a project?” “Who would buy a house there?” “How would they ever get insurance?”  Similar discussions in flood-prone areas in Florida.

“Homes Were Built Despite Documented Lava Threat,” The Wall Street Journal, May 29, 2018 A3.  Affordable homes were built in an area with a history of lava risk.

Did we have any controls in place?  How were these controls implemented?  How many of them failed?  Who is responsible/accountable?

Next thing you know, we’ll rebuild houses in the same site.  Somebody else will pay for it.

If you always do what you’ve always done, you will always get what you always got.

Leave a comment

Filed under Communications, Controls, Corporation, Duty, Duty of Care, Governance, Government, Oversight, Supervision

A Mayor’s challenge

“Probes, Cyberattack Distract Atlanta as It Pitches Amazon,” The Wall Street Journal, May 29, 2018 A3.  Investigations of former mayor and the aftermath of a ransomware attack hamper efforts to entice Amazon to the city.

Corporations should conduct structured risk assessments.  Do cities?

One assumes Atlanta has done a risk assessment and identified the risk of official misconduct.  Did it also capture the risk of a cyberattack?  Did the risk assessment suggest that if these risks occurred, Atlanta would lose the chance of phenomenal growth?

 

Leave a comment

Filed under Business Continuity, Communicate, Compliance, Compliance, Controls, Duty, Duty of Care, Governance, Government, Internal controls, IT, Management, Operations, Oversight, Protect assets, Risk assessment, Security, Third parties

Extra credit reading

Interesting Journal Report on health care technology.  Several articles on new uses of information, or uses of new information, in order to do everything from brain surgery to looking after aging parents.

Headlines:

  1. “Augmented Reality Gives Brain Surgeons a Better View,” The Wall Street Journal, May 29, 2018 R1.
  2. “AI Tools Help the Blind Tackle Everyday Tasks,” The Wall Street Journal, May 29, 2018 R4.
  3. “Robots and Chatbots Look After the Elderly,” The Wall Street Journal, May 29, 2018 R6.
  4. “Apps Promise to Help Avoid Pregnancy,” The Wall Street Journal, May 29, 2018 R7.
  5. “For Those With Dementia, an Assist From Technology,” The Wall Street Journal, May 29, 2018 R8.
  6. Doctors, Beware: You’re Being Watched,” The Wall Street Journal, May 29, 2018 R10.”

Interesting.

Leave a comment

Filed under Collect, Definition, Information, Operations, Use, Use, Value

Bait and switch?

You make some promises, or strong indications, to a star performer that he or she is so above average, next year you will get ___ a year early.  [Fill in the blank]

How do you handle a change in direction?

“Goldman’s Rising Stars Told to Hold,” The Wall Street Journal, May 26, 2018 B9.  Two years ago, a group of high-potential employees were told they were on the fast track and would get promoted before the rest of their class.  Now they are told there is no fast track this year.

How do you handle it when you have to tell your star performer that she/he’s not going to get what you told them they were going to get?  Have you just put your crown jewels into play?  How do you rebuild trust and confidence in your best and brightest?

Is this Information or Governance or just bad management?  Does it matter whether you told them in writing or not?  Is that a risk that was considered?

 

Leave a comment

Filed under Definition, Duty of Care, Governance, Information, Protect assets, Risk, Who is in charge?

WWW

“New EU Rule Puts Scare Into Websites,” The Wall Street Journal, May 26, 2018 B4.  US websites block access by people in the EU to avoid breach of new GPDR.

This raises several interesting questions.

  1. What’s the risk that your website collects or stores information in violation of the General Data Protection Regulation?
  2. Is it better to cut off service to people in the EU rather than to take the risk that you don’t comply with EU privacy legislation?
  3. Will this open up a new market for Google-like and Facebook-like European competitors?
  4. How will the users in the EU react?
  5. Just how hard is it to comply with the GDPR?  You write a policy and take some internal steps to control your use of consumer information.
  6. Is this Y2K revisited?
  7. Is this Information, Governance, or Compliance?  A combination of some all of those?

Leave a comment

Filed under Access, Business Case, Compliance, Compliance (General), Controls, Corporation, Duty, Governance, Government, Interconnections, Internal controls, IT, New Implications, Oversight, Privacy, Protect assets, Risk, Technology

Programming flaw

If your business includes programming software to perform certain tasks, you no doubt have quality control processes.  Are those processes “information governance”?

“Software Flaw Trips Fiat Chrysler,” The Wall Street Journal, May 26, 2018 B1. Short circuit could prevent you from disengaging the cruise control. Results in recall of 5.3 million vehicle.

Cost of effective quality control: unknown.  Cost of a defect: priceless.

Are these people behind the design of driver-less cars?

Leave a comment

Filed under Accuracy, Controls, Definition, Governance, Information, Interconnections, Internal controls, IT, Oversight, Technology