Category Archives: Interconnections

Tracking who sees what

“Goldman Employee Is Arrested,” The Wall Street Journal, June 1, 2018 B8. A banker now on leave from his job at Goldman Sachs charged with insider trading.  He allegedly accessed information about upcoming mergers and acquisitions and then traded stocks.

‘The bank’s internal records show he accessed information about the deals when he placed his trades….”

Your company no doubt tracks who accesses what information on your computer systems, right?  And connects the dots when you buy stock later?

Advertisements

Leave a comment

Filed under Access, Compliance, Compliance (General), Controls, Corporation, Duty, Employees, Governance, Information, Interconnections, Internal controls, IT, Oversight

Do your customers have an alternative?

What happens to your business if you or your customers can’t get to the Internet?

“Visa Hit by Outrage In Parts of Europe,” The Wall Street Journal, June 2, 2018 B12.  Users of Visa cards in Europe couldn’t use their cards on Friday as the result of a hardware failure.

Are you prepared for a hardware failure that prevents your customers from reaching you?  Is this an aspect of information governance?  Business continuity planning?  Both?

Leave a comment

Filed under Access, Business Continuity, Interconnections, IT, Operations, Risk

WWW

“New EU Rule Puts Scare Into Websites,” The Wall Street Journal, May 26, 2018 B4.  US websites block access by people in the EU to avoid breach of new GPDR.

This raises several interesting questions.

  1. What’s the risk that your website collects or stores information in violation of the General Data Protection Regulation?
  2. Is it better to cut off service to people in the EU rather than to take the risk that you don’t comply with EU privacy legislation?
  3. Will this open up a new market for Google-like and Facebook-like European competitors?
  4. How will the users in the EU react?
  5. Just how hard is it to comply with the GDPR?  You write a policy and take some internal steps to control your use of consumer information.
  6. Is this Y2K revisited?
  7. Is this Information, Governance, or Compliance?  A combination of some all of those?

Leave a comment

Filed under Access, Business Case, Compliance, Compliance (General), Controls, Corporation, Duty, Governance, Government, Interconnections, Internal controls, IT, New Implications, Oversight, Privacy, Protect assets, Risk, Technology

Programming flaw

If your business includes programming software to perform certain tasks, you no doubt have quality control processes.  Are those processes “information governance”?

“Software Flaw Trips Fiat Chrysler,” The Wall Street Journal, May 26, 2018 B1. Short circuit could prevent you from disengaging the cruise control. Results in recall of 5.3 million vehicle.

Cost of effective quality control: unknown.  Cost of a defect: priceless.

Are these people behind the design of driver-less cars?

Leave a comment

Filed under Accuracy, Controls, Definition, Governance, Information, Interconnections, Internal controls, IT, Oversight, Technology

It is indeed a world-wide web

“Tech Firms Update Privacy Protections,” The Wall Street Journal, May 8, 2018 B4.  Firms adjust their privacy policies to comply with European restrictions, even where the European restrictions don’t apply.

The US tried, with some success, to export the joys of ediscovery in litigation; Europe has successfully imposed/influenced privacy restrictions beyond their borders.

Is this just standardization for the convenience of the firms, or for the protection of their customers?  Does it matter?

Leave a comment

Filed under Access, Compliance, Compliance (General), Controls, Corporation, Duty, Duty of Care, Governance, Interconnections, IT, Oversight, Policy, Privacy, Protect assets, Supervision, Third parties

Can you censor?

“China Censors Spark Uproar In Quashing Student Activist,” The Wall Street Journal, April 25, 2018 A7.  Students make a request for open records from the Peking University about 20-year old rape allegations. The government rejects it. And then slams a student who circulated a letter telling her story through social media.  And that story circulates.

It sure is hard to put the genie back in the bottle after information gets to the Internet.  Are your controls adequate?  How do you enforce them?  Even if you have a command and control culture?

Leave a comment

Filed under Access, Compliance, Controls, Duty, Governance, Government, Interconnections, Internal controls, IT, Oversight, Third parties, Who is in charge?

Phone companies can’t conspire, can they?

“Probe Focuses on Cellphone IDs,” The Wall Street Journal, April 21, 2018 B1.  DOJ investigates.

Are phone companies (and a standard-setting company) conspiring to make it harder for you to keep your phone number if you change carriers?  Or are they trying to make phones smaller?

Is your phone number information?  If so, to whom does it belong?  Is this just about whether you have to remove the SIM card to change carriers?

Just asking.

Leave a comment

Filed under Access, Controls, Definition, Information, Interconnections, Internal controls, Ownership