What Questions the Board Should Ask Of IT


Board AgendaMost reports to board about the performance of Information Technology group’s performance relate to costs related metrics such as headcounts and expenses. But as the world is changing, topics such as digital business models, process automation and changing skill mix needed to support organisation’s aspirations are becoming more relevant to organisations success. How IT manages the integration of new technologies can help determine the success of the digital strategy. Hence, just relying on the cost related metrics does not provide a reliable indicator of IT performance. Continue reading “What Questions the Board Should Ask Of IT”

Enhancing Board’s Technology Agenda

Board AgendaTechnology is becoming increasingly important to businesses. Businesses depend on technology not just for process automation or ERP (Enterprise Resource Planning). Increasingly, technology is providing new operational capabilities, opening up new markets, and providing opportunities to gain better customer insights. It is fair to say that technology is now integrated in the way businesses work. Understanding the implications of technology trends has become critical for the future success and survival of businesses. Continue reading “Enhancing Board’s Technology Agenda”

Can CIOs avoid politics?

Typical CIO Attitudes to Politics

Many CIOs are scared of organisational politics and think it is a dirty business. Often CIOs come from a technology background and technical expertise is their forte. Politics, and wheeling and dealing are not their comfort zone. They focus their energy on finding the best technology solutions for the business’s problems. The CIO’s daily battles are about up-time  service delivery, and project delivery. They shy away from business level politics wherever they can. Many CIOs see politics as a ‘necessary evil’ or some sort of ‘game’ to play. Those who tend to look at politics in this way tend not to be very good at dealing with company politics. Continue reading “Can CIOs avoid politics?”

What Makes an IT Strategy Good or Bad?

Most CIOs would claim to have an IT strategy, but what makes some IT strategies ‘good’ and others ‘bad’? Recently there was a discussion on LinkedIn on this topic. Here are some noteworthy comments from that discussion about what makes a good IT strategy.

‘A great IT strategy that sits on the shelf is useless, and a bad IT strategy that gets executed can be even more harmful.’ Continue reading “What Makes an IT Strategy Good or Bad?”

IT Leaders Guide for Making Effective Board Presentations

For any company executive, fronting up to a board meeting and presenting is a daunting challenge. You work hard all year but the board sees you only a couple of times during that time. You have to package everything you do in a brief presentation. CIOs have an additional challenge. Boards are rarely interested in technology. They don’t understand the jargon.

If you don’t present well or fail to engage the board, it does not matter how efficient you are or how good your proposal is. Worse, a poor impression may even derail a career. In such an environment engaging effectively with boards, making good impressions and getting that funding request approved can be a major challenge.
Over my career, I had to present to the boards several times in different companies. This article, based on my experience and that of colleagues, aims to offer guidance to CIOs and other IT executives who want to win the board game.

Role of the board of directors

Before starting to put together a board presentation, it is important to understand the role of company board of directors. The board chooses the chief executive and approves the appointment of senior executives. The board’s role is to direct and control the company. The board must understand how proposed actions will impact the company’s performance.  Direction setting includes overseeing strategic planning and major decisions. The control function requires that the board watch the company activities, systematically managing risks and compliance.

In short, the board is focused strategic planning, major decisions, performance monitoring, risk management and senior management capability.  Typically, the boards don’t get involved in the details of execution, which is the responsibility of the CEO. Hence the board has to be satisfied with the ability of the CEO and his leadership team.
Every interaction with the board is an opportunity to show that you are a capable business leader; they can trust your judgement and have confidence in your ability to lead and execute. If the board trusts your business judgement, you will have greater influence and your recommendations will be viewed favorably  It’s an opportunity to shine but there is also the real risk of revealing your weaknesses. This just emphasises the importance of the interaction. The challenge becomes even more acute as a typical IT executive may only get one or two opportunities to get in front of the board. Typically board presentations are only 15 to 30 minutes or less. As a result, it is vitally important to get it right.
Board presentations fall into three categories.

  1. First is the ‘state-of-the-union’. Here an executive is giving an annual update for the business unit.
  2. Second is a ‘request for approval’ for a new project or initiative.
  3. Third is the ‘please explain’. The board wants more information on an issue / risk or event that could impact on business performance.

Board members are generally not technology literate. For technology investments, the CIO needs to show how the technology would improve business performance e.g. customer service, profits, revenues, compliance etc. They want to know if the benefits from the new initiative exceed the technology and implementation risks. The CIO has to satisfy the board that the risks are understood and effectively controlled.

Winning tips


Now that we understand the board’s role and focus, it is time to begin the preparation.  It is a mistake to underestimate the preparation time. I remember planning a preparation 3 – 4 months before the scheduled board meeting and this is not unusual. Status updates and proposals are scheduled to give presenters ample time to prepare, while the ‘please explain’ request can arise with a short notice.

  1. Understand the board submission process – Companies have well-defined processes and protocols to be followed for board submissions. Take time to understand the process, what is the accepted format (text document or PowerPoint, cover sheet), what are the pre-submission approval processes (e.g. CEO sign-off, leadership team run-through), what are the deadlines for submission. Getting these wrong can derail your presentations before the starting gate. Talk to others, get copies of the previous submissions. The company secretary is an authentic source and is also responsible for the board agenda.
  2. Understand what is on the board agenda – Make sure you understand what is on the full agenda. Research the current business priorities and challenges and talk to the other presenters to understand their proposals. If proper, coordinate your message with that of the others. This will avoid repetition (or worse contradictions) and help the team express a consistent message.
  3. Research board members – Try and understand more about the board members, their background, special interest or expertise and technology knowledge. Find out who are more active or influential around the board table and their focus areas. Try to understand their capacity to understand technical information.


Whether you are an IT leader or Marketing leader the board looks upon you as a member of the senior leadership team. Always keep this in mind for the board interactions.

  1. Align the message to the board’s interest and needs – Align your message to themes like company strategic goals, effective governance and risk control, business growth and efficiency, customer service etc. These will resonate better than release upgrades, infrastructure investments, virtualization and service-oriented architecture, etc.
  2. Eliminate jargon and use business language – Use of jargon is the quickest way to lose the board’s interest. What is obvious to the technology literate younger generation may be incomprehensible to many board members. Talk about how IT (or the current proposal) is supporting or enabling business, helping improve customer experience, reducing time to market. Better still get the business sponsor to co-present business proposals. Talk about how you are addressing risks via compliance, disaster planning and governance.
  3. Sell opportunities at the executive table first – If you have new ideas or approaches discuss these with the CEO and business executives first. You may have to do significant groundwork to get them on board with new opportunities. If they agree, it is quite likely the CEO will discuss it informally with the Chairman or other board members. One has to defend ideas at the board table, not raise new ones.
  4. Keep at high level but prepare for a deep-dive – The board presentations are brief. 15 -30 minutes is what is on the agenda. In reality, it could be shorter. Keep the message at the strategic level but be ready with facts and figures to back it up. Board members tend to ask lot of questions, so prepare for these. Get help from CEO and CFO to find out what questions to expect.
  5. Research the company history– Board members can have long memories. Check if this idea/ proposal has been tried before, and, if so, was it successful? Did the projects deliver? Why not? How will it be different this time? Failure to research and address these questions may mean a lack of approval or a delay.

Get ready to deliver

  1. Rehearse and rehearse again – With time short and pressure high don’t leave anything to chance. Make sure you are on top of all the presentation material and the facts. Try a dry run with your team and the executive team if necessary. Get their opinion and revise.
  2. Write down questions and answers – It is easy to forget answers when under pressure. Write down the questions and answers and keep them at hand. Practice Q & A with your team.
  3. Prepare a two-minute version – Board meetings can be unpredictable. Presentation time can be cut drastically. State your purpose clearly and be ready to succinctly summarise your report / proposal. Seek to gain support for one key point that moves the board in the desired direction.
  4. Get ready for interruptions – Questions can start as soon as you stand up. They have read your submission. Don’t let these questions derail your presentation. Pause, breathe and smile before answering each question. Turn negative questions into positive answers. At all costs avoid blaming anyone. Stick to the facts.

Follow these tips and you are on your way to winning the board game. All the best for your next presentation! For a further discussion on how you can effectively engage with the board, please contact author.

Is your IT Department Under Control?

Controlling IT

Do you know if your IT department is under control? How does one determine if the IT capability is well managed? Is IT well managed if the IT service is in line with service levels? Is IT in control if projects are delivered more or less on time? Or one can say IT is under control when information is secure? What should a CEO or a CIO do to ensure that the technology function is well governed?

What is governance? The term ‘governance’ is derived from the Latin it is derived from the Latin work “gubernare” – the action of steering a ship. Governance provides a structure for setting objectives and monitoring performance to ensure that the objectives are achieved. Essentially, governance defines who makes what decisions, how decisions are made and who is accountable for what.

IT Governance is a part of corporate governance. In current digital economy, the importance of technology within most organizations is increasing. It is becoming important to ensure that IT meets the organizations objectives. While there is usually no debate about the concept of IT governance, there are still many views about of what constitutes IT governance. Some people equate IT governance to IT service management (ITSM), others think it is managing information and security.  But IT governance is all this and more.

Five Focus Areas of IT Governance

At the core IT governance is about two things. How IT delivers value to the business and how well IT risks are mitigated. When there is strategic alignment of business and IT objectives value is delivered.  Embedding accountability in the organisation ensures risk management. These lead to the five focus areas for IT governance. These are:

  1. Strategic alignment,
  2. Resource management,
  3. Performance measurement,
  4. Value delivery and
  5. Risk management

First three areas are the drivers and the last two are the outcomes or the results. These are connected in a continuous governance life-cycle. Strategy alignment is usually the first step. From strategy next step is delivery of expected value through implementation while controlling the risks. Next, results are regularly measured, reported and actioned. Finally, strategy is re-evaluated and adjusted. Resource management decisions are made throughout the governance life cycle. Organisation’s culture, values, mission and vision create the environment within which it operates (value drivers).

Let us look at each of these five governance areas further.

IT Strategic Alignment

What is strategic alignment? Strategic alignment is achieved when the organisations strategic objectives inform building of IT capabilities which are necessary to deliver value to business. It means that IT strategy is aligned to business strategy. But just strategy alignment is not enough. It also means IT operations too are in alignment with the business operations.

For IT to deliver value to the enterprise, there need to be clear linkages between the aims of the business and the direction of IT. Therefore when creating the IT strategy one must consider:

  • the business requirements,
  • the competitive environment,
  • the impact of the current and future technologies and business trends,
  • current capability of IT to be able to deliver the expected levels of service,
  • cost of existing IT and whether it is providing value, and
  • the investments needed to meet expected service levels.

The board or executive level IT steering committee ensures strategy alignment. It checks that:

  • IT strategy is aligned to the business strategy,
  • IT delivers against the strategy (within budget, functionality and outcomes) and
  • IT investments between support and capabilities needed for growth / transformation are balanced.

Effective alignment also requires creating and maintaining awareness of IT’s importance for the business; clarifying role that IT should play (e.g. enable vs. utility vs. transform) and monitoring IT performance and the impact of projects and service operations.

Value Delivery

Value delivery ensures IT investments are generating appropriate return-on-investment. Value delivery means delivering within budget and with right quality that achieves the promised benefits. The benefits may be cost reduction, new capability/ products / services, customer satisfaction or top/ bottom line growth. IT value is also delivered by delivering the infrastructure that allows the business to grow. Off course for the value delivery to be effective, the value must be created in the right areas. This is where alignment is so important.

Value is demonstrated in many different ways. Value-for-money means IT operations and services are being run in a cost-effective manner. Measuring cost and quality of IT services and comparing against peer group (benchmarking) is an accepted method. New business value is created when IT helps make better decisions, transforms processes, improves customer interaction or helps deliver new products. Return on investment can be used to measure this value. (For more on IT value read).

Risk Management

In recent research conducted by Ernst & Young, the top finding was that organizations, that do focus on strategic risks and have integrated their various risk management activities, outperform their peers financially. Managing enterprise risks is the primary driver for governance in many organisations. Amongst the many enterprise risks, IT risks form a part of operational and systemic risks. Since most businesses are heavily dependent on IT for operations and service delivery; how IT risks are managed is important to boards and regulators. Examples of typical IT risks are business continuity, change control, information security, and new technology implementation.

Successful companies:

  • Generate two-way open communications about risk with stakeholders,
  • Provide stakeholders with the relevant information that helps then make informed decisions,
  • Have the board or management committee play a leading role in defining risk management objectives.
  • Adopt and implement a common risk framework across the organization,
  • Assign accountability for the risks to executives.
  • Establish a system of internal controls to manage these risks.

Even when no immediate actions are planned, analysing and being aware of the risks improves decision making.

Resource Management

Resource management aims to optimise IT investment, use of IT assets and resources to improve performance.  Many businesses don’t get the full value from their IT assets and their associated costs. Resource management also includes managing outsourced services so that the service is delivered at acceptable price.

Effective resource management requires that procurement, project management, workforce planning (recruitment, retention and skills development), and work tools and facilities are managed well. Good resource management ensures that IT support services are prioritised in line with needs and importance of business operations. Similarly life cycle of IT assets (hardware, licences and applications) need to be managed to reduce outages, costs and impact of changing technologies. Balancing cost of infrastructure with the quality of service is also important for resource management.

Performance Management

Managing performance of projects and IT services is a focus here. A balanced scorecard approach will allow performance measurement from multiple perspectives, such as Financial, Customer, Internal process and Learning. IT balanced scorecard (IT BSC) is very powerful aid to reporting IT performance and also to achieve business alignment. Balanced scorecards that include a mix of both outcome (what is being done) measures and drivers of performance (how you are doing) are effective for improving performance.


IT Governance is a key to ensuring IT is under control. Governance requires that all aspects of IT performance and risk are monitored and controlled in a way that improves overall business performance. IT governance is not a one-time activity but a critical management process. Little will be achieved without the support from the top. Organisations that have effective IT governance manage IT costs, risks and performance more effectively and can said to have IT under control.