CIO Insight: Why is it critical in 2004 that boards pay closer attention to information technology?
Nolan: After 30 or 40 years of IT spending, 55 percent of the capital investment of an average company is now going into information technology. That in and of itself demands more senior management attention. However, that's not the only reasonand maybe not even the most significant reasonto get boards involved. The role of IT is expanding both deep within organizations and across organizations. The notion of a firm's boundaries has changed: Companies have become permeable, and decisions affect entire networks of companies. Meanwhile, every organization today is absolutely dependent upon IT. The underlying architecture is essentially a foundation built on sand because legacy systems have not been kept up to date. Most companies are dependent upon obsolete systems that need to be replaced.
But all of this is already followed by the IT executive staff, and presumably by the CEO they report to. Why are boards needed to oversee it?
Anytime you have an environment with high rates of change, such as we've been experiencing over the last ten years, management controls are challenged, and can get out of whack. The accounting systems were first. At Enron, Jeffrey Skilling testified before Congress, after the company had gone bankrupt, that he didn't understand the off-balance-sheet accounting and left it to his accountants. Then WorldCom entered Chapter 11. There we discovered the board did not have financial experts on the audit committee, and the audit charter actually contained language claiming that because none of the committee members were financial experts they could not be held accountable for the statements that were made.
The next shoe to drop will be information systems. We again have a situation in which too much is being left to the technical people and the CIO. Senior management is not engaged enough in strategic information-technology decisions and situations that could put the company at risk. We will see a company run into serious problems. In fact, we've already seen some. According to an article on ERP in the Harvard Business Review, executives at FoxMeyer Drug Co. contended that the failure of its ERP system helped drive the company into bankruptcy in 1996. After spending seven years and close to half a billion dollars implementing a mainframe ERP system, the Dow Chemical Co. stopped and started over with a client-server version. Even well-managed Dell Computer spent a huge amount of money on their ERP systems and faced some write-offs from a rocky start.
IT activity has evolved so rapidly that it now has a future-shock kind of impact. Senior management is not really up to speed on their degree of dependence on IT, or on IT's impact and strategic potential. It's an accident waiting to happen. Someone needs to intervene, and the board is the best mechanism for rendering this much-needed top-down leadership.
And the risk is that a group of heads-down executives thinking about day-to-day company concerns cannot consider everything they should?
Yes. We're involved right now in a research project on Internet Two, the high-speed Internet of the academic community. It's contributed significantly to the mapping of the genome and a lot of the collaborative research that is going on today. Interestingly, there are Internet Two applications in healthcare, physics, chemistry and veterinary medicine, but not one in business. How is it that there isn't anyone in business looking for killer apps? There doesn't seem to be that kind of dialogue.
The Role of Standards in Cloud Security
Security is often cited as a primary cause for concern...Watch Now
Ensuring Resources for Mission Critical Workloads
Application workloads can thrive in cloud environments,...Watch Now
Improving Security in the Public Cloud
One of the main concerns about moving data to a public...Watch Now