Board IT Governance

Posted on May 31, 2012 by Gavin Keeley

Is it time to consider an IT for the non-IT director course in the same way we have a Finance for the non-finance directors course? When I did the Institute Of Directors’ Diploma in Company Direction course in the UK this was certainly part of the syllabus, however, it wasn’t that long ago that senior executives and directors would openly boast as to their ineptitude with IT, and it is within this corporate culture that many of the current executives and directors have been groomed.

The key IT governance points for directors, I believe, are risk and board performance. On the risk issue, directors carry heavy personal penalties for failing to adequately manage risk, up to and including imprisonment for serious breaches. Given that many companies today face a ‘failure of IT equals a failure of business equation’ the risk issue cannot be underplayed. This has both operational and strategic dimensions in so far as inappropriate disaster recovery capability can lead to a business being unable to conduct its business and I have personally witnessed a number of successful businesses that have folded when an ‘event’ has occurred. The strategic failures are more difficult to quantify but equally many examples abound of how a new entrant to an existing stable market has used a technology enabled new business model to disrupt and ultimately drive out existing encumbent players. These are both issues that must be diligently and routinely probed by the directors albeit probably through the auspices of the board risk subcommittee, and I personally support that the CIO/head of IT for the organization should regularly attend the risk subcommittee.

The risk issue plays directly to the second issue of board performance and the debate about the benefits of diversity. Many directors still have a legal or financial qualification as the ‘usual’ prerequisite to being appointed. However, notwithstanding the point that many IT people fail to understand the business context, in an IT is from Mars and The business is from Venus context, there is certainly a growing recognition of the essential need for some of the directors to have deep IT understanding in order that the operational executive can be appropriately held to account in the same way directors would routinely probe the validity of the company’s financial statements. There was an excellent article in the AFR last year that looked at the record amounts of money being invested in IT programmes in the big four banks and the experience and background of the directors of the respective organizations, which left the journalist asking the question as to whether shareholders interest were appropriately being managed given the potential inability of the director’s to sufficiently probe the effective performance of the largest capital expenditure programmes in those organizations.

So I see this issue as one of education I.e. firstly how to convince current boards that new members must be sought with this specific IT capability, and secondly how do you convinced IT people to get the broader skills required that they can be a competent director as opposed to a technical consultant. In both instances I see a role for professional bodies such as AICD and the ACS to potentially collaborate on this.

Unknown's avatar

About Gavin Keeley

I am an experienced technologist and business leader with a career spanning nearly 30 years in international consultancy and corporate roles across a diverse range of sectors. During the last decade I have had a number of Senior Executive roles, as Chief Information Officer or Chief Technology Officer, in large complex corporate and government environments, ranging in size from tens to thousands of IT personnel. During the 80’s and 90’s I founded and established a successful IT Consulting company, after an initial period learning my trade at a ‘big four’ consultancy. The company I founded became renowned, through white papers, trade articles and at conferences, for pioneering with emerging technologies at a portfolio of blue chip companies in Europe and the US. I was at the forefront of the wave of new technologies such as Decision Support and Executive Information in the 80’s and throughout the ‘90’s I was again early with internet and advanced networking technologies - including a number of ‘world first’ client implementations for, amongst others, Oracle and Microsoft More recently I was the first CTO for Aviva in the UK and implemented the world’s first “Pay As You Drive” capability for the Insurer. As Executive General Manager for Business Technology Solutions at Suncorp I was responsible for leading business innovation through technology, and as CTO at Hollard Insurance pioneered a new cloud based technology strategy for the insurer. I have qualifications in both Computing and Business, in addition to my professional teaching qualifications, and media training, that make me a capable communicator. I am a seasoned public speaker at industry conferences, plus a guest lecturer at a number of Universities and have published articles on my leading edge perspectives. I advise companies through the government Mentoring for Growth programme, sit on the boards of a number of Australian companies, and chair the Queensland Group X Digital Careers Program.
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a comment