Savvy leaders bridge the tech governance gap

A stronger alignment is needed between business goals and IT strategy.

Another day, another cyber attack. Australia has certainly not been immune from the hacks and data breaches that have affected more than just the share prices of many businesses worldwide. With IT and business interwoven so tightly in today’s digital economy, board members and senior executives cannot separate themselves from the governance of technology and the oversight of areas such as cybersecurity and risk management.

In global business technology association ISACA’s newly released Better Tech Governance is Better for Business research, establishing a clearer connection between business and IT goals was overwhelmingly (69%) the top priority that respondents identified senior leaders should pursue to achieve stronger business outcomes and increased agility. That becomes a much smoother proposition when organisations prioritise technology savviness on the board of directors.

Enterprise leaders must do more to emphasise the governance of technology. Only 21% of senior leadership and boards report they are briefed on risk topics at every leadership meeting, and only one-third of organisations assess risk related to technology use on a monthly or more frequent basis.

Research respondents were also asked to name organisations whose boards they perceive to be doing an exemplary job of business technology governance. Of the more than 150 organisations noted, Microsoft, Google and IBM were most often cited as leading by example.

Locally, for companies such as Sydney-based financial products and services organisation Tyro Payments, governance is already paying off. “Business decisions at Tyro are aligned with technology-based solutions, leveraging technological and governance components to improve Tyro’s overall resilience and confidence in its technology and product stack,” according to Sascha Hess, director of operations at Tyro Payments Ltd. “Aligning business and technology decisions has created a culture where leaders and team members alike have already clearly seen advancements toward our overall business results.”

According to Hess, board directors at Tyro represent a very good mix of technology savvy and domain expertise. The entire board embraces technology and views technology as a business enabler.

Organisations with tech-savvy leadership are well positioned to pursue the strategic investments in equipment, training and other resources needed to successfully innovate. In businesses lacking that governance leadership, IT is driving investment decisions and buying products and services that may not fit with the overarching business strategy.

An IT investment strategy needs to be in collaboration with and in support of the organisation’s enterprise goals. Conversely, business leaders should not completely drive technology investment decisions without input from the organisation’s technology and security experts.

Directors and top executives hold the ultimate responsibility for overseeing cybersecurity and risk management, but must also set the right tone and culture throughout the organisation.

Jo Stewart-Rattray heads ISACA’s SheLeadsTech program, and chairs the Branch Executive Committee of the Australian Computer Society. She is also director of information security and IT assurance at BRM Holdich, and past chair of ISACA’s Audit Committee, Leadership Development Committee and Security Management Committee.

Graphic courtesy ISACA.

Follow us and share on Twitter and Facebook