Boards of directors increasingly are turning their attention toward IT. And while board-level oversight can be scary, evidence is mounting that CIOs, their departments and their enterprises can - and should - thrive in the spotlight.
Bill Farrow remembers the time when his company's board of directors first realized just how critical technology - especially robust, redundant technology - was to the success of their organization, the Chicago Board of Trade. It was in April 2003 (Farrow can't recall the exact day), and the futures and options exchange had been hit by a message storm: an influx of computer impulses that suck up computing power and preclude servers from finding available capacity for processing all the messages. Farrow's staff had been monitoring the performance of the servers and feared they might become overloaded and crash. The IT staff brought the trading system down for a few minutes until they could clear the queues of messages. Within 20 minutes, the system was back up. By acting quickly, IT staved off catastrophe. The servers didn't crash; no trades were lost.
Farrow, who is executive vice president in charge of IT, says his board thanked him for catching the problem before the systems crashed. And when he proposed a new trading platform to ensure that such a close call never happened again, the board members didn't baulk. They quickly approved the new infrastructure, even though it would cost tens of millions of dollars.
Corporate boards are increasingly aware of how dependent their companies have become on IT, and they are paying closer attention than ever before to its workings, even more so than they did during Y2K, according to Richard Nolan, a business professor at the University of Washington. At the same time, computer crashes, denial-of-service attacks and the need to automate compliance with new government regulations have heightened their sensitivity to IT risk and the need for board-level scrutiny. "There are so many opportunities where things can go wrong for CIOs," says Bob Weir, CIO of Northeastern University in Boston. As if managing a company's central nervous system wasn't enough responsibility, CIOs have become stewards for an enterprise's information assets and, in some cases, for as much as 60 percent of its capital spend, according to Nolan.
In recognition of that, a handful of companies - including FedEx, Procter & Gamble and A&P - have established subcommittees of their boards devoted to overseeing business-critical IT projects, new technologies and internal controls. And even those boards that don't yet have a subcommittee devoted to IT are more closely scrutinizing its operation through other committees.
The trend toward board-level IT oversight may sound threatening to CIOs, especially since it's largely being driven by negatives such as risks and regulation. And it is true that since the majority of corporate directors are current or former CEOs and financial types, they don't always know a great deal about the costs, risks and benefits of implementing technology. Therefore, some board members may lack the qualifications to ask the right questions about IT. In some situations, they might focus too heavily on cost issues and not be able to help their CIO evaluate, say, whether he or she has a sound program in place for training sales staff on a new CRM tool to ensure that the deployment doesn't tank.
Yet, many IT executives are discovering that board scrutiny can be of benefit to them. CIOs whose boards pay attention to IT say it gives them greater visibility within the enterprise, puts IT on a level playing field with other functions represented by board-level committees - such as finance and HR - and provides support for evaluating projects, risks and investments. CIOs such as DTE Energy's Lynne Ellyn and FedEx's Rob Carter say executives who don't have such board-level attention should push for it, either through the audit committee or through a separate IT oversight committee.
"There's a lot of wisdom in the boardroom," Ellyn says. "Being able to get advice from board members on how to manage consultants and how to do the cultural change pieces of a big project is invaluable."
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.