Patrick Hendier, independent director specializing in IT governance, APIA Swiss member and independent consultant, answers all our questions on this important topic.
IT governance is an integral part of corporate governance. In fact, it aims to ensure that an organization’s IT resources and processes are used efficiently and aligned with the company’s overall strategic objectives. For this reason, IT governance is the responsibility of the Board of Directors in its role of Oversight and Organization. Studies have shown that good IT governance can boost profitability by up to 20% for identical strategic objectives between different companies.
IT-related expenses in companies are generally the second largest budget item after personnel. Yet, surprisingly, many boards of directors still don’t have IT experts on their boards to ensure alignment between corporate strategy and IT projects. As a result, IT operations or management (in the best of cases) often decide on the priorities of what needs to be implemented. Yet IT is only a means to an end, never an end. This is why the Board of Directors needs to formulate the strategic directions and objectives it wishes to give to IT, in line with its own overall strategy, so as to establish the corresponding IT needs and resources. The Operational part must therefore “set to music” or “execute” with the means given to it what has been decided at the strategic level.
Are you aware of the risks involved in not using your data?
In today’s world, data has become a company’s most valuable asset. But what happens if data is stolen or suddenly unavailable?
It is imperative to be able to precisely identify the critical applications within your IT infrastructure, then formalize them by having them validated by company management and the board of directors. It is also necessary to establish, together with Management and the Board, what is the maximum tolerated unavailability of systems, as well as the maximum loss of data, in days, hours, seconds… For example, what software or systems are absolutely essential to guarantee the smooth running of your strategic and operational operations, and how much can you “live” without these systems? It’s essential to know these elements to be able to prepare action plans in the event of unavailability, and to ensure the level of service expected by the business.
How do you know if your IT governance is up to date?
Ask yourself if it exists in your organization:
- an IT strategy and IT guidelines?
- IT objectives linked to business objectives?
- an IT sourcing strategy?
- a description of IT risks and critical applications?
- clearly defined roles and responsibilities for IT and other bodies?
- Monitoring of major projects by the Board of Directors and the Managing Director?
- Involvement of the IT department in corporate strategy as a value driver?
- reports and performance indicators based on defined service levels, submitted to the Board of Directors and the General Management?
What to do with new technologies?
As with any IT project, you need to ask yourself what these new tools are actually for. It’s important to stay informed and keep an active watch, without changing your entire organization if you don’t need to.
An independent director specializing in IT governance :
IT governance is a pillar of corporate strategy, and the presence of an independent director with IT expertise on the board can make a valuable contribution to guiding IT-related strategic decisions. This approach provides a better understanding of the company’s costs, technologies and needs, enabling informed decision-making that is always in line with corporate strategy.
If you need to find a competent professional, APIA Swiss is at your disposal.
APIA Swiss Team