Do What I Say - Not as I Do

Once upon a time, a catastrophe claimed the reputations of several, very large companies, that, in their arrogance, jettisoned all reasonable standards of common sense and corporate governance simultaneously. These were global brands which failed to realise, as have most other companies, that the critical elements of the business process in the 21st century demands a fresh perspective, a paradigm shift of kinds, involving matters of reputation and risk.

Time for a new acronym perhaps, as if we didn’t have enough already. On this occasion, though, it reflects a new business science, one that can take a number of different but related areas, such as information security and ethics and brand management and subject them to what I call ‘Corporate Integrity Analysis & Management’ (CIAM).

Enron, Merrill Lynch, Xerox, Computer Associates, Bank of Ireland, The Department of Transport, Norwich Union, Ford. The real list is even longer but each name reflects a story, which has had an adverse impact on the company or department involved and which, in most, if not all cases, is related to a technology, it’s management and potentially, the absence of appropriate controls involving internal regulation or policy.

Companies today are more than ever before defined by their brand; McDonalds and Nike to name but two. In a wired-society, both the value and public confidence in a brand that has been built-up over decades can be destroyed in a matter of hours, either through a single malicious act or through the activities of an individual or group of employees. I would argue that in attempting to protect their brands and the business upon which it is based, companies today are failing to see the wood for the so-called trees. Where the arrival of new technology and the Internet may act as a powerful facilitator, it also presents the greatest danger to any Enterprise. This isn’t anything new, we all know the risks, both internal and external, There’s hacking and viruses. There’s the ever-present danger of loose and irresponsible email. The liability risk surrounding inappropriate content and there are questions of ethics and corporate responsibility and much more besides.

When a brand is compromised, the responsibility will invariably fall at the feet of the CEO, particularly when the value of the stock collapses around his ears, as in the case of eBay when it was hacked by a seventeen year old. Invariably however, the problem arises because a vital element of the company’s virtual infrastructure has been delegated down the chain of command. This was true when I asked Jeff Bezos of Amazon two years ago if he was confident that Amazon was secure. From his perspective, this wasn’t a business issue but it quickly became one when the site was attacked not long after.

It’s time; I believe that business took a more holistic view of the connection between risk and reputation. It’s no longer sufficient to place anti-virus in one box, corporate liability in a second and business ethics in a third. We need a better way of assembling the many different pieces of the puzzle into a single picture that better describes the many new risks to business and which can be more easily managed from the top of the Enterprise. Perhaps CIAM is one name for it but perhaps you can suggest another?


Popular posts from this blog

Civilisational Data Mining

The Nature of Nurture?