The Deloitte Centre for Corporate Governance released ‘The Tech-Intelligent Board: Priorities for Tech-Savvy Directors as they oversee IT Risk and Strategy’ report recently, which examines boards of directors’ roles in providing effective oversight of information technology (IT) and highlights key issues for boards to consider.
“In modern day corporations, technology is not only ingrained into everyday business operations; it is also a competitive differentiator,” says Adel Melek, Global Managing Director, Information & Technology Risk, Deloitte Touche Tohmatsu Limited (DTTL).
“As a result, boards’ responsibility for overseeing IT is magnified. However, our report highlights that while many directors would like to devote more time and attention to IT, they simply don’t know how.”
The numerous IT risks regarding the security and privacy of client data, safeguarding of intellectual property, and compliance with legal and regulatory requirements and international standards make the oversight of IT an imperative for boards.
“Directors have a multitude of reasons to get involved in IT oversight — not the least of which is the data that shows that organisations with boards who are actively involved in IT perform better financially,” said Dan Konigsburg, Director, Deloitte Global Centre for Corporate Governance, DTTL.
The good news is that directors do not need an intimate knowledge of every element of their organisation’s IT systems, but rather an understanding of IT as a business driver.”
The Tech-Intelligent Board report includes an examination of five critical IT-related issues for boards to consider:
Enabling IT to support the board
A host of technology tools are available to allow for greater board and committee effectiveness—fostering more frequent communication, allowing for ease of sharing documents and materials, and providing reports or analytics that can help boards gain insight into the organisation’s risk management process.
Taking a risk-intelligent approach to IT oversight
Most boards understand that there are risks associated with IT, but few appreciate the full spectrum of these risks. Board members need to assure themselves that they are not missing critical areas of oversight, that they are providing oversight at the appropriate level, and that management has workable plans in place to deal with various risk scenarios.
Aligning IT strategy to business strategies
Directors need to be involved in IT strategy at two levels: understanding the role that technology plays in enhancing the organisation’s ability to achieve its strategic objectives, as well as developing the IT strategy.
Ensuring major IT projects deliver on their investment
Boards need appropriate information to understand the financial, operational, risk, and reputational effects of an IT project on the organisation.
Administering IT education
When a director’s knowledge of IT increases, their comfort with using IT increases. This direct relationship is aided by providing education to the boardroom on a recurring basis.