The board must be aware of technology risks and have a clear way to measure the benefits derived from technology.
This series explores how the board of directors can help the company leverage technology to create a differentiated customer experience and sustainable competitive advantage. That can only happen when there is a clear understanding of risks that exist in the current environment and transparency in how the impact of technology is measured.
Risks and Impact
Every company has risks associated with the current state of their technology and most boards are not aware of those risks.
Is your company dependent on old, home-grown systems? Do the interfaces with other systems periodically fail? Does the system crash? How much revenue would be at risk if a key system were down for a day or more?
Does your company measure cyber resilience? Are you protected against a ransomware attack? Is personal information about customers and employees encrypted?
Does your software development team reserve time to repay technical debt? Yes, shortcuts are taken to meet deadlines. If you accumulate enough of those shortcuts without repairing them, your systems become a house of cards. Is the board aware of the increasing technical debt and how it is being addressed, if at all?
Are security updates applied to servers and network equipment in a timely manner? Are employees educated and tested on email security and phishing attempts?
There are many more examples of technology risks that exist in most companies but are never reported. I don’t mean the minor risks. I mean the big ones that could pose an existential threat to the business or create a material disruption to revenue, cash flow, and reputation.
Boards typically don’t ask. And audits often don’t uncover or report many of these risks. And if the audit does report, CIOs are quite adept at downplaying the risk.
Boards need to do a little more digging to uncover the risks and their potential impact to protect the company and properly fulfill their fiduciary responsibility.
I’ve written and spoken quite a bit on measuring the value of IT. Can your CFO and board articulate the return on their IT investment?
Information Technology is an asset, and like any other significant asset, we must measure the return. Most executives and boards that I speak with don’t believe they can measure the return on their IT investment. Not only can they, but they must.
When I was CIO for a billion-dollar division of a Global 1000 company, my CFO certified that IT was putting approximately 14 million dollars a year on the bottom line. Stated differently, IT enabled the profit margin to improve by 1.4 points. When it came time for post-9/11 budget cuts, IT was exempted because we were the only ones improving the bottom line while our divisions struggled for revenue.
IT is a significant investment and the board must understand not only the risks but also the value being derived in return.
There is not enough space to go into all the details in this article, so feel free to contact us (see below) if you want more detail. Briefly, the five most important technology measures, and examples of metrics to use, are:
ONE: Customer Service
Expect IT to measure and report on customer satisfaction vs total cost of ownership and expect them to continuously improve satisfaction at a decreasing cost.
Cyber resilience can be measured by time to detect a threat and time to remediate one.
Service availability can be measured by uptime for critical services like email, networks, key systems, etc.
THREE: Software Development and Maintenance
IT should report the percent of projects completed on time, within scope, and on budget.
Ask IT to measure the cost per story point or function point (these are measures of work effort) and strive to deliver more features at a continuously decreasing cost.
Have IT report on the timing of error detection in the software lifecycle. Most errors should be found in unit testing where it’s least expensive to fix. If we get all the way to regression testing or deployment before we find an error, we spent a lot of money to get there, only to return to development.
Expect IT to report the reliability of production software based on availability and always drive to improve that number.
FOUR: Project ROI
Return on investment for business projects supported by IT is a critical measure and it forces us to hold business sponsors accountable for the results delivered after investing IT resources. Contact us for much more detail about this.
FIVE: Budget Compliance
IT adherence to operating and capital budgets should be a natural for every organization.
Coming up are Questions the Board Should Ask, and How the CIO Should Prepare for Board Meetings.
These articles are purposefully brief and aim to provide high level guidance and trigger ideas. As always, if you want more information or don’t want to wait for all the upcoming articles, email Emily Ford at Emily@WolffStrategy.com and she’ll set up a complimentary 30-minute consultation with me.
Larry Wolff is the founder & CEO of Wolff Strategy Partners, a boutique consulting firm specializing in Enterprise Strategy Management, Digital Transformation, IT Leadership, and Executive Coaching. Larry has served as CEO, COO, CIO, Chief Digital Officer, and management consultant for public, private, international, and emerging growth companies. His specialties include corporate and IT strategic planning, technology led business transformation, business and IT turnarounds, merger integration and large-scale project rescues. His methodologies span industries and scale to companies of all sizes.
Feature image by Elnur from 123rf.com.
Copyright © 2021 Wolff Strategy Partners, LLC