The accounting scandals that dragged down Enron Corp., WorldCom Inc. and others in recent years have led to a variety of fixes—from new laws regulating accounting and financial reporting to stock exchange rules governing the makeup and governance policies of corporate boards—all in hopes of shoring up investor confidence. Will it be enough to avoid the next major corporate calamity?

Harvard Business School Professor Emeritus Richard L. Nolan doesn't think so.

Resource Library:

In a speech before the Society for Information Management this past October, Nolan warned that additional board oversight must now be extended to information technology. "IT is the next disaster waiting to happen," says Nolan. "Companies are running on autopilot. We're seeing boards that are essentially inactive, while even top managers are giving short shrift to IT." That's why, he says, "the next big thing in corporate governance in my view is the board-level IT oversight committee," similar to the audit and compensation committees most corporate boards already have.

Nolan ought to know: He has taught accounting and information-technology management at Harvard since 1969, with a 14-year break to cofound and run the consulting firm Nolan, Norton & Co., which was purchased by KPMG in 1987.

"Most of my work as an executive and consultant was directly with senior managers, and when I came back to Harvard I was invited to join a number of boards right away. I decided to concentrate on boards and IT issues, and I've been doing that ever since."

He has served on the boards of eight companies, and is currently a director at Novell Inc., Arcstream Solutions Inc. and A&P (the Great Atlantic & Pacific Tea Company Inc.), where he is helping to create an IT committee.

"The role of these boards is still a work in progress," he said at SIM. "But in my view, these committees are responsible for ensuring a continuous dialogue takes place between top management and the people in the IT department."

This dialogue, Nolan told Executive Editor Allan Alter in an interview at Nolan's Cambridge, Ma., office, should cover five areas: managing IT and information assets, strategy, service levels, legal issues and avoiding nasty surprises. Companies that create such committees will not only be better positioned to avoid disasters, they'll also be better able to size up the business value of emerging technologies like Internet Two and open-source systems, and find opportunities to use IT to differentiate themselves, reduce costs and create strategic value. Greater board involvement in IT, says Nolan, "is required as companies adjust and speed up their business models." What follows is an edited version of his views.