Opinion

Time for an Integrity Gut-Check

Too many leaders have forgotten the basics. Just look at the fallout over predating stock options and the investigations scandal at HP

By Bob Bragdon, Publisher, CSO

November 01, 2006 — CSO —

Too many leaders have forgotten the basics of corporate integrity. The fallout over predating stock options and the investigations scandal at Hewlett-Packard are prime examples of this. I would wager that much of what HP did during the course of its investigations into news leaks from its board of directors is not that different from what many other corporations have done in the past.

Protecting your organization's intellectual property, and that includes deliberations from board meetings, is an area of primary concern for any business. The board of directors must be able to operate in an environment in which it can be a forum for frank and open discussions about the operations of the business, without concern that those same deliberations will be on the front page of tomorrow's Wall Street Journal. I find it completely understandable that any board would undertake an aggressive campaign to unmask the sources of such leaks.

That being said, shouldn't common sense play a role here?

In the HP example, it appears that the executives and board members involved with the investigations sought, and received, legal advice to make sure that their actions were on the up-and-up. When you ask your attorneys for advice and they tell you you're OK, you really should be able to rely upon that guidance. That's part of the equation, but not all. The missing step in this process is the commonsense part, the integrity gut-check questions that ask, How does this look from the outside? How does this look to investors and customers? Or, put another way: How would this story look if it were to appear on the front page of the newspaper? In HP's case the answer is pretty clear regardless of the legality or motivations of their actions: It doesn't look very good at all.

We can get into a discussion of whether the use of pretexting is illegal. Legal experts I have spoken with say it depends. In this case the California attorney general charged that the use of pretexting was an action that allegedly led to the violation of state privacy laws. So, some would say, it wasn't pretexting per se that got HP into hot water.

But in the caustic climate in which businesses must operate today—an environment in which executives must anticipate criticisms against their business that are not related to bottom-line performance—everything needs to pass through an integrity gut-check, to evaluate potential risks.

Ultimately the issue at hand is a matter of leadership. In the often confusing world of risk management, a business must rely upon individuals who may or may not be equipped to address these issues. An investigations professional uses pretexting as a tool to discover important information. An information security professional uses "ethical hackers" to look for IT infrastructure weaknesses. A business executive backdates stock options. All of these, at a point in time, appear to be reasonable actions when you're sitting on the inside looking out. But what does it look like from the outside looking in?