Category Archives: Uncategorized

Departure – Wells Fargo

For those of you who want a fuller history of the Wells Fargo case(s), here’s a link to a solid piece from the D&O Diary.



Leave a comment

Filed under Uncategorized


A small promotional message.  I was honored to provide a presentation at the ARMA Spring Conference in Houston yesterday.  The title of the presentation was “Headlines: A Year’s Worth of Information Governance Failures.”

The presentation described the top seven IG failures since April 25, 2017, and then discussed other headlines that fell into a number of buckets.  The source materials were the headlines from this blog in the last year, pulled from the Archives.

If you want to see and hear a rough draft of the presentation, or to just see the slides, go to


Leave a comment

Filed under Uncategorized

Google this

“Google’s Practices Threaten Privacy, Too,” The Wall Street Journal, April 23, 2018 B1. Google’s practices may expose more information related to you.

What is you information worth to you?  What is it worth to someone else?  Who profits? What controls are in place and how effective are they?

Do you read their policies?  Do you care?

Leave a comment

Filed under Access, Analytics, Controls, Information, Ownership, Privacy, Third parties, Uncategorized, Value

Routine teaching case

“Insider Trade Alleged After Equifax Breach,” The Wall Street Journal, March 15, 2018 B1.  The CIO of an Equifax unit indicted for insider trading after learning of the Equifax hack, but before that information was disclosed.  Sold nearly $1 million in stock 10 days before the disclosure.

This reminds me of the lawyer who approved the sale by some Equifax execs of some stock after the breach but before disclosure.  See post here.  Those executives have since been cleared, as they didn’t know of the breach at the time of the sale.

The company said it had cooperated in the investigation (no doubt having re-read a copy of the Yates memo).  The defendant had been promoted to be Equifax’s CIO before the trading was discovered, at which time the offer was “rescinded.”  He hadn’t been told about the breach, but figured it out.  Avoided $117,000 in losses.  But not getting fired and indicted.


Leave a comment

Filed under Access, Compliance, Controls, Duty, Employees, Governance, Internal controls, IT, Oversight, Security, Uncategorized

MetLife, continued

“MetLife Pension-Benefits Executive to Retire,” The Wall Street Journal, February 27, 2018 B10.  Senior executive in charge of the unit that misplaced 13,500 retirees retires.

The cost of not using information.

See prior study.

Leave a comment

Filed under Uncategorized

Shaking up GE

GE has had a tough year.  Or two.  So it’s making major changes in the Board.

“Embattled GE Reshapes Board,” The Wall Street Journal, February 27, 2018 B1. Several directors removed after stock dropped 45% in 2017.  Eight directors retiring.

This this a reaction of their failure to govern?  Or just a reaction to bad results?  Will the new board act differently?  Are the shareholders better protected?  Or there cultural problems to be addressed, so the CEO doesn’t fly two jets?


Leave a comment

Filed under Board, Corporation, Directors, Duty, Oversight, Shareholders, Uncategorized

What’s it worth?

“Wall Street Takes Aim At Market-Data Sales,” The Wall Street Journal, December 7, 2017 B1.  Banks and trading firms want the SEC to limit the amount that stock exchanges can charge for selling market data.

Apparently, capitalism is a one-way street.  Or not.  And market data has a large value.

Leave a comment

Filed under Information, Uncategorized, Value