Category Archives: Policy

Violating company policy

Who gets fired for violating company policy?  How often is it a senior executive?

“Visa Cites Behavior In Firing Executive,” The Wall Street Journal, December 4, 2017 B3.  We don’t know what the violation was.  Yet.  But he was a high-flyer, handling the Apple and PayPal partnerships.

Does this send a message to the rest of the organization?  Does it depend on the policy he violated?

Does your company publish information on how many people have been disciplined for violations?  If not, why not?

Advertisements

Leave a comment

Filed under Compliance, Compliance, Controls, Corporation, Duty, Employees, Governance, Internal controls, Management, Oversight, Policy

Nissan, too

“Nissan Report Faults Management,” The Wall Street Journal, November 18, 2017 B3. Factory workers falsified inspection data.  Nissan recalls 1.2 million vehicles.  Did management press too hard when setting targets?

Everyone on the manufacturing floor knew the inspections were being done by under-qualified workers, and hid it from the inspectors.  Management was clueless.  Practice was the norm for nearly 30 years.

Would your culture allow this to happen in your company?

Leave a comment

Filed under Accuracy, Compliance, Compliance, Controls, Corporation, Culture, Data quality, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Management, Oversight, Policy, Protect assets, To report

King Canute revisited

“Afghanistan Orders WhatsApp Blocked,” The Wall Street Journal, November 4, 2017 A9.  Some providers don’t comply.

King Canute ordered the tides to recede.  With limited success.  Does your company issue policies that just won’t work?  What does it say about the person issuing the policies and what does it say about your company’s culture?  What about how well the company’s other policies will be adhered to?

Internet neutrality – is the power to regulate (and tax) the power to prohibit?  Whether exercised or not?

 

Leave a comment

Filed under Access, Compliance, Controls, Governance, Interconnections, IT, Policy

Kobe (2)

“Kobe Steel Discloses More Reporting,” The Wall Street Journal, October 14, 2017 B3. Falsification of quality documents is much more prevalent than first reported at Kobe Steel.  Twice the number of customers now involved.  500.

Once you find a rotten apple, one can make certain assumptions about the rest of that barrel.  It’s a culture issue, at its core.

Leave a comment

Filed under Accuracy, Board, Compliance, Compliance, Compliance Verification, Controls, Corporation, Culture, Culture, Data quality, Definition, Directors, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Oversight, Oversight, Policy, Protect assets, Protect information assets, Third parties

A top goal?

“CEOs Make Protecting Data a Top Goal,” The Wall Street Journal, October 13, 2017 B4.  Unfortunately, the focus is on cyber-security rather than the broader information risk profile.  While this affect CEOs’ email habits, as they are phishing targets?

While this is a start, do CEOs really understand how much their company’s proprietary information is worth?  Or their duty to protect the company’s assets (people, physical equipment, cash, and information)?  Why not?

And where are the boards?  Don’t they have an overarching duty to oversee the major risks the company is facing and to make sure there’s an effective program in place to address?

I hear the violin.  Is Rome burning?

Leave a comment

Filed under Access, Board, Compliance, Compliance, Compliance Verification, Controls, Corporation, Culture, Directors, Duty, Duty of Care, Employees, Governance, Information, Internal controls, IT, Managers, Oversight, Oversight, Ownership, Policy, Protect assets, Protect information assets, Security, Value

Disclosure

“A Hot Startup Misled Advertisers,” The Wall Street Journal, October 13, 2017 A1.  Outcome Health apparently misled advertisers as to how many units their ads were appearing on.  The investigation continues.

How would your employees react if ask to provide inflated numbers to potential customers?  How would your investors react after a story appears on page one, above the fold?  Probably reflects in the valuation of the company.  And what about your company’s extensive political contacts?

Leave a comment

Filed under Accuracy, Board, Communicate, Compliance, Compliance, Compliance, Compliance Verification, Controls, Corporation, Culture, Culture, Data quality, Directors, Duty, Duty of Care, Employees, Governance, Inform market, Inform shareholders, Information, Internal controls, Investor relations, Managers, Oversight, Oversight, Policy, Protect assets, Protect information assets, Use, Value

Electrical banana (reprise)

Slack is a new communications software in use in many companies.  Do your policies deal with the implications of the use and misuse of yet another new technology?  How will you handle this when litigation comes in?

“Tips to Tighten Slack Users’ Skills,” The Wall Street Journal, October 12, 2017 B4.

Leave a comment

Filed under Access, Communications, Compliance, Content, Controls, Corporation, Discovery, Duty, Duty of Care, Employees, Governance, Information, Interconnections, Internal controls, IT, Legal, New Implications, Oversight, Policy, Protect assets, Security