Gartner has found that 91% of businesses embrace emerging technologies. But 70% of them fail due to ineffective project management and lack of board oversight, which is where a risk management board can play a crucial role. Additionally, 88% of organizations don’t have an IT governance board, a crucial element of sound IT decision making.
This time, you will learn about the role of board of directors in IT governance. Discover the IT board composition and responsibilities. Learn all about IT board meetings, including frequency and discussed topics.
Get a board meeting agenda template and discover more ways to enhance IT governance and board meetings. Keep reading to learn the best governance practices IT boards implement to overcome challenges.
Discover effective management tool for your board
Rely on our choice – iDeals BoardVisit Website
What is an IT governance board?
An IT governance board, often called an IT governance committee, is the division of a board of directors responsible for IT technology performance and economic and regulatory matters within the organization. Naturally, each organization has its own models of board governance.
A committee charter for the IT governance board oversees IT strategies, reviews IT operations, and advises the chief information officer (CIO) on the organization’s technology development.
Note: We have a detailed article on what is a committee charter and what it includes.
Why is an IT governance board important?
IT governance committee responsibilities center around IT policies, risk assessment, resource allocation, and strategic fit. The primary advantages of IT governance board lie in its ability to ensure the company has a competitive edge in the technology realm and makes wise IT decisions. It also protects technology systems from failure under substantial organizational change.
The following factors speak of a critical but overlooked demand for board-level IT governance:
- IT budget expenditures skyrocket. While Harvard Business Review says 2023 will be more reluctant toward IT evolution, global IT budget spending is still projected to reach $4.6 trillion.
- Corporate boards miss IT governance opportunities. McKinsey emphasizes that boards of directors often lack dedicated IT expertise to align technology decisions and frameworks with business goals and strategies. Only 12% of global fortune 500 companies have tech committees.
- Companies misuse IT technologies. Fivetran research has found that 80% of companies spend resources on irrelevant data for decision making. Low-quality technology resource planning leads to revenue losses in 41% of survey respondents.
- Businesses digitalize more than ever before. An industry research firm, IBISWorld, finds that 28% of businesses will be conducted online in 2023, which is a threefold increase since 2002.
Composition of IT governance board
Ofir Turel and Peng Liu, PhDs in Information Systems from California State University, have found that only 7.8% of companies have tech-savvy board members. These researchers suggest setting up an independent IT governance committee consisting of people with professional IT experience. It’s also wise to include at least one audit committee member with a technology background.
The IT oversight committee may have a couple of tech experts and board members with financial, legal, and other expertise.
As for an exact IT committee composition, there is no one-size-fits-all approach. One can leverage the experience of organizations with IT committees. Thus, the International Labor Organization (ILO) has the following IT governance team.
|Permanent members||Deputy Director-General (DDG) for Management & Reform.DDG’s Representative for Field Operations and Partnerships.DDG’s Representative for Policy.Financial Management Director.Information Technology and Management Director.Human Resource Development Director.Strategic Programming Director.|
|Observers||Director of Office of Legal ServicesDirector of Internal Audit and Oversight|
|Administrative support||Head of INFOTEC Project, Governance and Management Support Unit|
Meanwhile, Energy Action, an Australian energy procurement firm, has a much smaller IT committee:
- Chief Executive Officer
- Chief Financial Officer
- Business Operations Director
- Chief Information Officer
IT governance frameworks
Effective technology governance must follow well-defined guidelines.
An IT governance framework is a set of instructions for implementing IT governance structure within an organization.
Several IT governance frameworks have been developed based on decades of business activity. The most recognizable IT governance frameworks include the following.
|Framework name||Framework’s scope|
|ISO/IEC 38500:2015||It applies to current and future IT systems and targets executive management, auditors, internal and external IT experts, and higher executives.|
|COBIT (Control Objectives for Information Technologies)||It connects IT governance to enterprise risk management, internal controls, and other regulations and guidelines. COBIT targets IT professionals, managers with strong IT backgrounds, and auditors.|
|FAIR (Factor Analysis of Information Risk)||It provides guidelines for technology risks related to the use and implementation of IT systems. It targets cybersecurity experts and IT executives.|
|ITIL (IT Infrastructure Library)||It provides guidelines for managing an IT service throughout its lifecycle. It targets IT specialists, CIOs, IT directors, and business managers.|
|CMMI (The Capability Maturity Model Integration)||It provides guidelines for improving software service development processes and mitigating associated risks. It targets software developers, CIOs, IT experts, and managers.|
IT governance board responsibilities
BNY Mellion, McKinsey, ILO, and many other organizations outline the following role that the board of directors should play in IT governance:
- Approve IT strategies. The IT board identifies technological demands and opportunities and approves IT initiatives and software choices. It should review the latest technology trends, including machine learning, AI, cybersecurity, etc., to leverage competitive advantage.
- Oversee IT resources and financials. The IT board should revise technology investments and M&A deals and participate in related financial decisions. It should review the IT asset management strategy, inspect IT resources and approve software, hardware, and IT staff requests.
- Supervise IT frameworks and governance policies. The IT board should establish IT governance frameworks, assign responsible departments, and supervise technology reporting. It reviews core IT policies, including system access, device management (such as BYOD), maintenance rules, security, and safety practices.
- Manage risk and compliance. The IT board oversees technology risk frameworks defining security assessment tools, risk prevention policies, employee training, etc. The IT board approves risk treatment plans and compliance policies and consults senior management on data threats and security breaches.
IT governance board meetings
The technology committee should gather when IT is involved in the corporate strategy or on demand. It holds quarterly meetings based on the organization’s planning cycles or even monthly meetings. Here is an example of an IT board meeting agenda and business aspects under discussion:
- Call to order
- Approval of previous meeting minutes
- Approval of previous business matters
- CIO reporting:
- Current technology strategy and risk oversight
- IT metrics review
- Current IT budget review
- Advisor presentations:
- Latest tech trends review
- Cybersecurity risk framework assessment review
While ideally, IT board committees should meet regularly, they don’t attend meetings concurrently in 67% of organizations based on the Deloitte survey.
The National Institute of Standards and Technology states that boards need to pay more attention to team dynamics and support for less tech-savvy senior leaders, especially at a virtual board meeting.
Technology committees and management teams can improve attendance and overall board engagement by reimagining meeting agendas, as the National Council of Nonprofits suggests.
Specifically, boards can prepare agendas beforehand and use board meeting templates to boost engagement before and during the meetings.
|At Board-room.org, you can check the following meeting templates:|
Board resolution template
Board meeting agenda template
Board meeting minutes template
You can also significantly simplify IT governance by using a board portal as it enables interactive digital agendas, meeting minute builders, and meeting attendance tracking.
IT governance board challenges and best practices
IT governance remains a new subject for boards of directors, and they face previously unmet challenges. Discover the main challenges of IT governance boards and the best practices to overcome them.
Balancing IT investments and business strategies
PwC’s innovation benchmark report has found that 54% of executives fail to align innovation strategies with business objectives. While 61% of them are open to new tech, 72% say they can’t outrun competitors.
Scott Moody, the Vice President of Technology of Carousel Industries, says CIOs are often powerless when other departments want to enhance IT technologies despite limited budgets.
As investment strategies often fail due to an avalanche of ongoing issues, boards, committees, and managers must adapt strategies to respond to ongoing challenges.
✅ Best practices to solve the challenge: Board-room.org suggests enhancing board communications with the following approaches:
- The organization should establish an open uninterrupted communication line between board directors, board committees, and managers.
- IT boards can use board management software to ensure business continuity. A board portal provides a centralized executive communication hub for addressing ongoing challenges and communicating strategies in a paperless board meeting.
Managing conflict of interest
Any board director may have a conflict of interest (COI) at some point. For instance, an IT advisory expert favors an influential technology company because their family members work there. The conflict of interest is highly undesirable as it contradicts appropriate board governance duties.
✅ Best practices to solve the challenge: Board-room.org suggests establishing a conflict of interest policy and outlining the following aspects:
- Disclosure. Establish conflict of interest disclosure mechanisms, such as written disclosures and annual certification forms.
- Treatment. Define penalties for board members hiding any conflict of interest.
- Prevention. Implement annual board member declaration of affiliated businesses to recognize COI in advance.
Maintaining the right level of oversight
|“Boards expect CIOs to do more than provide operational excellence in managing risk and security.” Peggy Foran, chief governance officer, SVP, and corporate secretary of Prudential Financial Inc.|
Today’s IT governance board roles and responsibilities should focus on security, risk assessment, as well as innovation, and intensive growth.
These duties often fall under opposing business models. As a result, the IT board struggles to maintain the right level of oversight and balance innovation and risk prevention.
- Strategy — Growth, innovation, customer experience, ecosystem, and resource management.
- Performance — Financial performance, business operations, talent management.
- Risk — Disaster recovery, regulatory matters, disrupting technologies and security breaches.
IT governance and board of directors should go hand in hand for effective decision making. The IT governance board oversees IT strategies and ensures the organization’s core business systems align with its business objectives.
IT governance committees often struggle with balancing IT strategies and business goals due to a lack of communication. However, they can improve meeting agendas, use board meeting templates, and shift their communications to board management portals.
iDeals board portal is one of the top choices for IT governance among Board-room.org experts. It provides a robust combination of security, flexibility, and ease of use, while offering dedicated workflows to host IT documentation, communicate IT strategies, and arrange board meetings.
Time to use the modern board management software!
iDeals Board serves board of directors, committee members with a comprehensive suite for governance toolsVisit Website
What is an IT governance board?
An IT governance board is a board committee responsible for IT strategy oversight, technology systems, IT financing, and risk management within the organization.
Why do organizations implement IT governance infrastructures?
Organizations implement IT governance infrastructures to ensure their technology systems withstand repeated service interruptions and align with business objectives.
Who should be on an IT governance board?
An IT governance board should consist of a Chief Technology Officer (CTO), Chief Executive Officer (CEO), and independent directors with technology and cybersecurity expertise.