Doug Laney has done a lot of good stuff on infonomics, and the value of information. But can information have a negative value?
“FBI Didn’t Follow Up Tip By Person Close to Shooter,” The Wall Street Journal, February 17, 2018 A1. FBI got a tip on January 5 about the person who ended up shooting up the school at Parkland on February 14. Failed to act on it. Seventeen people died.
Do you have a duty to use information you have? What if you have important information and you don’t use it, or can’t use it because you can’t find it? Is that a liability (i.e., a “negative asset”)?
Do your internal controls make sure that critical information gets to the decision makers promptly? If not, who’s responsible?
Look at the past year or two in industry and you will find several examples of the cost of not having important information reach the right people at the right time. For example, Wells Fargo management didn’t learn of the account cramming until months or years later. The Board at GE didn’t know about the two-plane approach the CEO was using.
Which is worse, knowing or not knowing? Don’t know, but certainly knowing and not doing anything is the most expensive.
Filed under Access, Controls, Corporation, Directors, Duty, Duty of Care, Employees, Governance, Government, Information, Internal controls, Oversight, To report, Value
The quality of information is largely based on its accuracy. Excluding others from using that information can also be valuable, such as trade secrets, patents, or copyrights. An additional factor is the information’s timeliness: getting information before someone else allows you to use that information first. Even fractions of a second can matter.
“CME Defect Aids Speedy Traders,” The Wall Street Journal, February 13, 2018, B1. Five years ago, some high-frequency traders took advantage of the small time gap between (a) when they received confirmation of trades and (b) when those trades were reported to the market. Based on this information, they deduced the direction of market movements and sold or bought, as appropriate, before that information was in the market. The exchange fixed this. Sort of, as the problem has reappeared, albeit much smaller. But microseconds matter, when it’s the computers that are doing the trading.
What’s the point? Well, what information would you pay more for to get it sooner? Do you rely on getting information at the same time as (or before) your competitors, allowing you to use your superior skill, foresight, and industry to profit from it?
“Uber Settles Trade-Secrets Case,” The Wall Street Journal, February 10, 2018 B1. Uber pays more than $240 million to settle case, and agrees not to use certain technology on self-driving cars, allegedly belonging to Waymo. The agreement not to use was worth perhaps $250 million.
How does your company make sure it isn’t using a third party’s intellectual property without permission? Is this an important part of your compliance program? How does your company manage its acquisitions of new companies, some of whom (or their employees) may not have been as diligent in avoiding trade secret theft?
How can you prevent people from bringing information that you do not want into your company? What are your processes?
Filed under Board, Compliance, Controls, Corporation, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Oversight, Ownership, Ownership, Policy, Protect assets, Protect information assets, Supervision, Third parties, Value, Vendors
What if you get information from an unexpected source? What’s that worth?
“Stanford’s Aid Whistleblower,” The Wall Street Journal, February 1, 2018 B5. A second-year MBA student does a study of scholarship decisions and blows the whistle on his own school. Based on information found on a shared drive.
The information is there. Are you aware what it says? What’s it worth to have that analysis before someone else does it? Is this something that Stanford wished wasn’t found, eight years later, on a shared drive?
Is this post about the value of information or the value of managing who gets access to what? Or something else?
Filed under Access, Controls, Duty, Duty of Care, Governance, Information, Interconnections, Internal controls, IT, Protect assets, Security, Value
“U.S. Probes Supplier to VW,” The Wall Street Journal, February 1, 2018 B2. Engineering firm under criminal investigation for alleging helping VW cook the emissions tests – altering the nature of the information provided to the government. See also, “Robert Bosch Workers Face Probe,” The Wall Street Journal, February 1, 2018 B3. (Similar allegations, but involving Chrysler).
Are you concerned about your vendors? Do you make sure they comply with law? Do you appreciate the data that confirms your own compliance? What’s it worth to have that data be accurate?
Were this a blog about Crisis Management and Emergency Response, there would be an entry here about what you should do when you hear that someone else in your industry has been doing something bad.
Filed under Accuracy, Board, Compliance, Compliance, Compliance Verification, Controls, Corporation, Data quality, Definition, Directors, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Oversight, Oversight, Protect assets, Protect information assets, Third parties, Value, Vendors
“Cryptocurrency Exchange to Pay Back Customers,” The Wall Street Journal, January 29, 2018 B4. Company to pay customers back $426 million after hack of cryptocurrency.
What is cryptocurrency except information that people agree has a certain value? If that information is hacked, isn’t it the same as a theft of a client account?
No Christmas bonus for you, I guess.
Filed under Board, Controls, Corporation, Definition, Duty, Governance, Information, Internal controls, Protect assets, Protect information assets, Security, Value
You discover a product flaw. One of the first things on your crises management list of things to do is notify your biggest (or best) customers.
“Intel Told China of Flaw Before U.S.,” The Wall Street Journal, January 29, 2018 A1. Intel tells its Chinese customers of a security flaw in Intel chips before telling the US government. Flaws discovered in June 2017. Not disclosed to the market until after a website in the UK reports on them in January 2018.
Who thought waiting to tell the US government was a good idea? Where are they now and what are they doing (and for whom)?
Getting information early increases the value of that information to you. Six months? What happened in the meantime? What did the Board know? Did they approve the communications plan?
Filed under Board, Communications, Corporation, Directors, Duty, Duty of Care, Governance, Inform market, Information, Oversight, Security, To report, Value