Overseeing a company's information technology activities is a significant challenge for directors. The pace of change in this area is rapid, the subject matter is complicated, and the highly technical language used to describe emerging technologies and evolving risks makes this a challenging area. And many companies are relying more and more on technology to get ahead, often prompting substantial changes in how they operate. On the other hand, cyber risk impacts nearly all companies and is top of mind for directors. All of these factors can make the board’s IT oversight responsibility appear harder than perhaps it really is.
Recent data from PwC’s 16th Annual Global CEO Survey found that more CEOs in the US (31%) believe a cyberattack or major disruption of the Internet is likely to occur than global CEOs (20%). In February, President Obama issued an executive order to concentrate on our critical infrastructure cybersecurity.
That executive order calls on federal agencies to strengthen US cyber defenses by sharing more public-private information, identifying and prioritizing US critical intellectual property (IP) infrastructure, and building a cybersecurity framework.
More directors spent more of their board hours discussing IT risks and opportunities in the last year, according to the 934 directors responding to PwC’s 2013 Annual Corporate Directors Survey (ACDS). Additionally, the survey showed 62% of directors say their company’s IT strategy and risk mitigation approach anticipates potential competitive advantages from emerging technologies, up from 56% a year ago.
But the specific digital areas receiving director attention and the desired areas of focus by investors are not necessarily the same. For example, eight in ten directors are at least “mod¬erately engaged” in overseeing the status of major IT project implementations. However, only 60% of investors believe the board should be “at least moderately” engaged in this area.1
What can the board do to enhance the IT oversight role? Structured frameworks for IT professionals and management already exist; however, they are not designed with the board's oversight role in mind. To fill this void, PwC developed Directors and IT―What Works Best: A user-friendly board guide for effective information technology oversight, which introduces our IT Oversight Framework, to help boards figure out the most effective way to oversee IT at their companies.
|Other key issues|
Learn what PwC has to say about IT Governance:
Additional information about IT Governance:
1PwC’s Comparison of the 2013 Annual Corporate Directors Survey and 2013 Investor Survey (What matters in the boardroom? Depends on whose shoes you’re in.