"ISS believes that in light of the company's significant exposure to customer credit card information and online retailing, these committees should have been aware of, and more closely monitoring, the possibility of theft of sensitive information, especially since it involves shoppers and the communities in which the company operates, as well as the overall impact on brand reputation and brand value," the report says.
In a statement, Target said the board views risk oversight a "full board responsibility" and said it had been among the "best-in-class within the retail industry, having made "significant" data security investments.
"As one would expect, following the criminal attack that resulted in the data breach, the board is re-examining the entire risk oversight structure, including senior management roles and reporting structures, as well as Board oversight," the company said.
In December, Target disclosed that its point-of-sale systems had been compromised by cyberthieves who gained access to the personal and financial information of tens of millions of customers. The breach triggered several congressional hearings and a blistering
Amid the fallout from the breach, Target's chief information officer,
But ISS noted that there were questions about the adequacy of Jacob's credentials to be the chief information officer. It noted that her public biography listed previous roles such as head of guest operations. DeRodes, by comparison, has a deep background in information technology and data security, it said.
Target is still looking for a new chief security officer and chief compliance officer, in addition to a new chief executive since the board fired
But ISS said these actions by the board seem to be "largely reactionary in nature." It noted that Target's stock has fallen about 11 percent -- or a
"For shareholders who have seen the value of their investment decline by over 10 percent, this might appear to be a case of 'too little too late,' " ISS said. "The addition of these 'new' positions raises serious concern about how Target could have been running a business of its size and complexity without these permanent roles."
Among those ISS recommends voting against is interim board chairwoman
It recommended a yes vote on
The report also recommended a yes vote on a shareholder proposal to have an independent chairman. Previously, the CEO also served as chairperson of the board.
In its statement, Target said the board prefers to have flexibility to determine which leadership structure best serves the interests of Target based on the circumstance.
"The board believes there are many strong governance practices in place at Target that balance any risk of concentration of authority that may exist with a combined chair/CEO position, including the requirement to have an independent lead director in those situations."
The company added that the board has not made a decision yet whether it will continue with an independent chair and will re-assess its leadership structure once a new CEO is announced.
(c)2014 the Star Tribune (Minneapolis)
Visit the Star Tribune (Minneapolis) at www.startribune.com
Distributed by MCT Information Services