Please enable JavaScript.
Coggle requires JavaScript to display documents.
Governance of information - Coggle Diagram
Governance of information
The management of both information and knowledge can give competitive advantage and many organisations are increasing their focus on both areas
Boards are increasingly being expected to ensure that information and knowledge are managed effectively within their organisations and that they are protected.
Boards should ensure that policies on information disclosure are developed and enforced by the management within the organisation
The CEO is usually the person within management responsible for ensuring the adherence and compliance with this policy
An information disclosure policy should include the following
Objectives and principles of the disclsoure
The main objective of disclosure is to keep stakeholders informed about the company to enable them to make informed decisions when dealing with the company
Information should therefore be accurate, accessible, timely, complete, balanced between the positive and negative
Selected disclosure of information should be prohibited unless required by law
Auhtorised persons
The policy should set out who is authorised to disclose what information to which stakeholder group
Usually the CEO, CFO, investor relations office and CS will be authorised to make disclosures
To ensure uniform and consistent disclosures, it is important that these individuals co-oridnate the statements that they will be making to their audiences and this is often done either through disclosure committee or the board
Public information
The policy will usually set out what information about the company is in the public domain
This will include company documents such as the articles of association, annual reports and accounts, press releases, information on company's website, regulatory disclosures
Confidential information
The policy should set out what information should be kept confidential, eg trade secrets, who would normally be able to have access to that information and the steps taken to protect that information
Insider information
This is information that would, if disclosed, move the company's share price
The handling of this type of information would normally be set out in the policy
Managing insider information is a major part of the CS role. The following are some of the maters that the CS may consider when handling insider information
Confidentiality of board papers
Extra care should be taken when distributing paper board pakcages
This might mean using double envelopes, anti tear envelopes and hand delivery rather than email or courier
If the documents are made available electronically through a board portal, the CS should make sure the system is as secure as possible, eg by encrypting documents
Careful consideration may have to be given to securing the computers used to prepare the papers to be included in the package
If shared drives are used or computers are entworked, the CS should know who has access to these drives and networks
If a password is needed to access certain drives, th CS should know that usually the administrator of the system (often an IT person or sometimes an outsocurced person) can access the drive/folder
It has been known in highly sensitive transactions for the papers to be prepared and kept on an offsite server usually maintained by the company's law firm
Confidentiality of board discussions
Is the room in which the board is meeting soundproof?
Can anyone see into the room from outside? Especially if a PowerPoint presentation is made, will it be visible
Some listed companies even check for listening devices an coat windows so that no one can see in to ensure confidentiality
Insider lists
These lists are often required by regulators for listed companies, although they can be used by any company involved in a commercially sensitive project
To control the spread of confidential information, insider lists contain the names of people, internally and externally who are aware of the project
Only those on the list can discuss the project, if someone else needs to be consulted they have to be added to the list
The CS is often the holder of the insider list
The communication plan for the project
The CS may be asked on behalf of the board to work with management to produce a communication plan for the project
This will indicate who should be communicated to, how and when
If the company is listed or is a regulated business, then any regulations for communications should be reflected in the plan