Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Learning From Disaster | Part Two - Transparently Obvious

Months before Enron declared bankruptcy an unidentified employee sent the company's top executive an unequivocal message.
Page:

"I am incredibly nervous that we will implode in a wave of accounting scandals," she wrote in a letter to Kenneth Lay, the corporation's chief executive officer. Congressional investigators looking into the company's collapse revealed the letter's existence in February. The letter, said one, is "breathtaking in detail".

While accountants used to be the eyes and ears of shareholders, some of the worst scandals of "The Year of Corporate Collapses" might have taken much longer to come to light without the efforts of concerned insiders capable of assessing the true financial health of the company and prepared to speak up about their fears.

As the stories behind the scandals unfold there is growing awareness that CIOs have a crucial role to play in enabling these honest whistleblowers. In the future, analysts say, a CIO's credibility will depend on their ability to help keep the organisation honest and accountable by providing the tools to make financial information as transparent as possible.

"The number of articles devoted to the Enron debacle during the past months has been enormous, but the impact on CIOs has been poorly addressed," Gartner notes in a report. "CIOs will be caught between trying to prove the value of IT and trying to boost their own credibility at a time when systems are becoming complex, chaotic and risky. A handful of CIOs will enjoy a rebirth of credibility during the post-Enron period as they concentrate on accessing, integrating and facilitating insight into information. Many other CIOs, however, remain so enmeshed in managing technology, rather than in managing information, that their credibility will suffer."

Gartner notes that although CIOs may not be discussing esoteric changes in accounting standards and reporting regulations post-Enron, CIOs will certainly be affected by the resulting changes. "They must prepare to be active players in facilitating financial reporting, defining financial governance, dispelling technology myths created by financial analysts and implementing government regulations. Although details have not gelled, enterprises will likely be expected to disclose information about financial results more frequently. Visionary CEOs and CFOs will start to make those changes ahead of any forced regulatory change as a way of rebuilding shareholder confidence."

With all too many executives having been investigated, fired, jailed or just deeply humiliated, and with untold employees still trying to pick up the pieces of the accounting scandals of recent times, the public debate has been largely comprised of questions. How did all this happen? What happened to the auditors who were supposed to be assuring corporate integrity? How can companies spend so much money on financial information systems and still not know their own organisation's financial health? Why weren't there more concerned employees ready to blow the whistle? And pertinently, why did those with the power to act ignore those with the power to warn?

CIOs should play a critical role in answering some of those questions.

Auditors can be deceived or corrupted, and too many companies have made a habit of overriding or ignoring internal controls such as multiple crosschecks or approvals of accounting data designed to preserve financial integrity. The financial press can only play a limited role in uncovering scandal, while markets can only assess information on the public record, meaning it can take a long time to detect aggressive or irregular accounting. That makes the CIO's role in providing good technology capable of making the financial health of the company fully transparent, along with the IT governance to keep IS efforts fully aligned, essential.

Page:

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: ACT, Adaytum, BIAS, Billion, Deloitte Touche Tohmatsu, Deloitte Touche Tohmatsu, Enron, FedEx, Forrester Research, Gartner, HIS Limited, Meta Group, Metlife, Oracle, PeopleSoft, PLUS, SAP, Securities and Exchange Commission, WEBSTER

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • 10 Essential Steps to Email Security
    Modern business is reliant on email. All organisations using email need to answer the following questions: How do we control spam volumes without the risk of trapping a business email? How do we prevent infections from email-borne viruses? How do we stop leakage of confidential information? Can we detect and stop exploitation from phishing attacks? How do we control brand damage from occurring due to employee misuse? How do we prevent inappropriate content from being circulated?
    Learn more »
  • Delivering Tomorrow's Backup and Recovery Infrastructure
    The data protection market has changed considerably over the past decade. During this time, the market witnessed a fundamental shift away from relying solely on tape for backup and recovery to using disk-based backup solutions to address challenges including backup performance, reliability, and recovery time objectives. This paper highlights that firms evaluating next-generation data protection solutions must expect a greater degree of integration between the technology components in today's data protection path.
    Learn more »
  • Using Application Control to Reduce Risk with Endpoint Security
    Unwanted applications, like games, result in productivity loss. This is often the primary consideration when applying application control. But unauthorized applications also increase your company’s risks of malware infection and data loss. This paper details how endpoint security solutions that incorporate application control provide the most efficient, comprehensive defense against unauthorized applications.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments