Our world has a remarkable capacity for rebalancing itself — Newton’s third law tells us that every action has an equal and opposite reaction. And the comparable rule I see in business is that every new opportunity creates a threat, and vice versa. So while the digital era is opening up powerful new opportunities to reinvent business models and transform customer interactions, it is also exposing companies to significant new risks.
Cybersecurity is one obvious example. Businesses are subject to ever more complex cyber attacks, which CIOs have to help figure out how to ward off.
And related to this is the issue of brand reputation. CIOs are being put under pressure by regulators to go public about any security lapses that occur. As businesses increasingly become custodians of consumer data, those who develop a reputation for leaking or improperly sharing information will face a major loss of brand equity.
In some sectors, there are a number of other risks, such as new tax and regulatory requirements. As they rush to catch up with the digital revolution and to implement proper safeguards, governments — especially those within the EU — are introducing a plethora of new laws on tax, privacy, data handling and other issues. And they are setting steep fines for those who fail to comply.
To retain control in a digital era, CIOs must successfully manage these risks by putting effective rules and processes in place. In essence, they must set out sound digital governance. Such governance is a vital — albeit often underappreciated — element of a CIO’s role in developing the business, and it is something that can serve to give CIOs a voice at the boardroom table (see pages 23–25 of our Born to be digital report for more).
So what does building a digital governance framework involve? CIOs need to think about the following questions:
- Are you leading from the front on digital? Any approach to digital governance will be completely undermined if it’s not given your backing and authority. Make sure it’s given the relevant attention from the outset.
- Have you set out a strategy for digital? Make sure you understand the core objectives you’re trying to achieve from more robust governance. Are they in line with the firm’s wider aims and its regulatory responsibilities?
- Have you put the right people in the right places? This is about your core operating model, and ensuring that you’ve worked out the right approach to building your digital team — whether that is a centralized core function, or whether you take a decentralized approach across the business, or some other hybrid approach.
- How well have you upgraded the organization’s skillset? Digital technology requires new skills and expertise, much of which may still only just be emerging in your business. Work out what capability you’ve got in place, and what you’ll need to bring on board.
- Have you set out the rules of engagement on digital? To be successful, you’ll need to map out the procedures, policies and standards that need to be applied to digital technology. This task can often overlap with the COO’s agenda, which could make for a timely partnership.
- What have you done to build a culture of digital? There’s likely to be great enthusiasm already about digital technology across the business, not least within sales and marketing. Be sure to tap this enthusiasm — and make it part of the business culture.
You may already have basic answers to these questions in place. But, as with any foundational work, the more solid the base, the stronger the structure that will follow. I certainly don’t blame today’s CIOs for focusing their energies primarily on avoiding digital risks, but there is an urgent need for them to view digital governance as an opportunity to demonstrate leadership and vision — and to win new plaudits from the board. Have you done enough on this? Let us know about your experiences in the comment section below.