IT governance gets the board's attention

A small number of companies, including Novell and Federal Express, have elevated responsibility for IT governance to their boards of directors in an attempt to ensure that they have high-level oversight of technology investments.

Download this free guide

Infographic: Future-proofing UK technology

The current potential of the UK technology industry is restricted by the lack of tech and digital talent available. Read through this challenge for the future of UK business and our economy.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Novell established its board-level IT oversight committee in January, and Richard Nolan, an outside director who chairs the committee, said he expected other companies to take similar steps as executives start to examine the legal risks that IT investments pose under the financial reporting requirements of the Sarbanes-Oxley Act. 

"This is an area where boards of directors will be named in stockholder suits," said Nolan, a management professor at the University of Washington Business School in Seattle.

Novell's oversight committee, which includes four other directors from outside the company, monitors major projects and decisions about the company's technology architecture. Nolan said its duties include working with senior IT executives and addressing questions such as whether Novell is getting adequate returns from its technology investments. 

Having directors oversee IT activities "is an enforcing function", Nolan said. "This can shine a light on issues." 

FedEx created an IT oversight committee four years ago which includes board members.

Like Novell's committee, the one at FedEx oversees major IT-related projects and architecture decisions and advises both the senior IT management team and other board members on technology issues. 

Over the past few years, many large companies have created IT steering committees to help prioritise funding for high-cost projects. But most of those committees are made up of business unit leaders and department heads, and they do not include board-level participation beyond senior executives such as chief executive officers and chief financial officers. 

For example, KeySpan established an IT governance board early last year, according to Frank La Rocca, co-chief information officer at the natural gas distributor, electric utility and energy services firm.

The panel, which meets monthly to scrutinise IT investments, includes KeySpan's chief financial officer and chief strategy officer, as well as several executive vice-presidents and business unit heads. No external directors are members at this point, La Rocca added. 

Board-level IT governance and oversight committees are just beginning to emerge, said Tom Pohlmann, an analyst at Forrester Research. 

"There are many cases where the chief information officer presents to the board of directors once or twice a year," he said. "But overall, this is not a trend that I'm observing." 

Steve Bandrowczak, chief information officers at DHL International, said he is unsure whether IT governance at the board level will be widely adopted. DHL itself has yet to move in that direction, he said. 

"Most company board meetings have little time to cover IT strategy," Bandrowczak said. "That's not to say board meetings don't discuss major business initiatives that require a major IT project. But the two go hand in hand." 

Thomas Hoffman writes for Computerworld