NEW YORK -- Over the next 40 years, IT leadership will move from the role of an individual contributor to a team sport. The huge burden of the CIO -- ensuring that IT is effectively managed -- will move to a company and board-level responsibility, according to Richard Nolan, William Barclay Harding Professor of Business Administration at Harvard Business School.
Nolan believes an IT-certified expert or IT oversight committee is the next big thing in corporate governance. He introduced this concept to an audience of IT executives at the SIMposium 2004 conference in New York City.
"There is a major need for board-level certified IT experts now," said Nolan. Companies need to invest in the potential of IT. To do so, they need a board of directors for the CIO. The group would be responsible for anticipating the next big thing in IT and communicating it to business and IT organizations within the company.
This external committee would have meaningful discussions on key issues from the top level down. Asset management, service levels, strategy, lawsuits and surprises would be among the issues. Nolan provided examples of the types of questions the committee would address in respect to each of these issues.
- Do the firm's professionals have the appropriate IT infrastructure and applications to exploit development and intellectual assets?
- Information resources: Is the company getting adequate return for its investment in information resources?
- Do companies have in place adequate security to ensure the protection and confidentiality of its information assets?
- Does the company have in place management processes to ensure 24x7 service levels, including tested backup -- especially since we are fully dependent on IT in so many cases today?
- Are processes in place to exploit discovery and execution of IT strategy opportunities?
- Are processes in place to ensure against risk of IT strategic jeopardy?
- Is benchmarking a standard practice to ensure maintenance of company's competitive cost structure?
- Are procedures in place to ensure against costly lawsuits?
- Are processes in place to insure IT and the board against risk?
Big companies, such as FedEx, A&P and Mellon Bank are forming IT oversight committees to address these issues.
Last month, A&P's board of directors agreed to form an IT oversight committee. The goal of the committee is to have external governance over IT and ultimately engage IT with the business. The board hopes the IT oversight committee (made up of four external directors) will create a dialogue between the internal departments and help the organization foresee the next big wave of IT.
"From an IT standpoint, we think the formation of an IT oversight committee is a positive thing," commented Richard Bauer, VP and CTO of A&P. "IT best practices often get put aside in favor of more urgent issues. This type of committee will allow for discussion (and prioritization) of IT initiatives and best practices."
FedEx is also an early adopter of the IT oversight committee concept. The new committee at FedEx oversees major IT-related projects and technical architecture decisions. The committee is ultimately responsible for advising FedEx's senior IT management team on future projects and initiatives.
But not all IT executives think an oversight committee is beneficial or necessary. "Until we recognize IT as having a chair at the board table, you can have as many external advisory boards as you want. It won't make a difference," said Dean Lane, senior IT director for Symantec and author of "CIO Wisdom."
The number one job for all departments in any organization is to keep the business running. "Even if new IT initiatives will bring money into the organization, you still need to fix the current problems," said Lane.
An external advisory board must realize that emergencies come up and things break. These situations need to take priority over new initiatives and revenue-generating projects, added Lane.
FOR MORE INFORMATION: