You are here

IT Governance: The Management and Control of Information Technology and Information Integrity

27 August, 2015 - 13:02

At 8:46 A.M. on September 11, 2001, American Airlines Flight 11 crashed into the north tower of the World Trade Center (WTC) in New York City. A short time later, at 9:02 A.M., United Airlines Flight 175 crashed into the south tower of the World Trade Center. Two other flights were hijacked that day and crashed; American Airlines Flight 77 crashed into the Pentagon near Washington, DC, and United Airlines Flight 93 exploded in a field 80 miles southeast of Pittsburgh. By the end of the next day it was believed that over 6,000 lives had been lost (this number started at over 10,000 and was later revised to less than 3,000) and several buildings in or near the sixteen-acre WTC complex had collapsed or had been severally damaged. Those buildings included: WTC buildings One and Two (the north and south towers), WTC buildings Three through Six, 3 World Financial Center, The Millennium Hotel, and 1 Liberty Plaza. Incredible human suffering, as well as numerous acts of kindness and bravery, resulted from this tragedy. The day-to-day lives of individuals, governments, and businesses were also affected in many predictable and some unforeseen ways.

In the aftermath of this tragedy airlines did not fly for several days, Wall Street trading was suspended for the remainder of the week, and hundreds of businesses located in and around the WTC struggled to resume anything that might resemble normal operations. To do so, these businesses needed to replace infrastructure such as offices, phones, computers, and data. At the same time, they needed to locate their personnel and put them back to work using new facilities. Companies and individuals throughout the world were also affected. For example, supply chains that depended on the airlines were disrupted, as were organizations with operations, communications, or technology infrastructures that had been in or around the WTC. These recovery activities tested, under the most extreme circumstances, organizations’ business continuity and contingency plans.

At almost the same time, events were unfolding in the fall of 2001 at Enron Corporation in Houston, Texas. These events, while not resulting in the same loss of lives and physical destruction as the events of September 11, would affect the lives of thousands and would have ramifications that would ripple throughout the world economy. Enron started the year 2001 as the seventh largest (in revenues) U.S. corporation, with a market value of $80 billion. During the course of the fall of 2001 it became known that Enron had overstated profits by $600 million over the previous four years. In November Enron issued revised financial statements to reflect correct numbers. On December 2, 2001, Enron declared bankruptcy, the largest U.S. bankruptcy claim in history.

Enron stockholders lost $80 billion in investments. Employees and retirees, whose 401(k) plans contained Enron stock, experienced disproportionate losses. Enron management, while encouraging the general public and Enron employees to purchase Enron stock, had divested themselves of hundreds of millions of dollars of the soon-to-be worthless stock. To inflate its earnings, Enron had engaged in business transactions with partnerships controlled by its own officers and had concealed the true nature of these partnerships.

In January of 2002 we learned more about the scope of this legal and ethical scandal. After the problems at Enron surfaced, documents were shredded at Enron and at the offices of Enron’s auditors, Arthur Andersen. Enron V-P Sherron Watkins revealed a memo that she had sent to Enron CEO Kenneth Lay warning that accounting scandals might cause the downfall of Enron. As a result Enron became the target of Justice Department criminal probes, congressional and SEC investigations, and shareholder lawsuits.