Interrogate your systems

To what extent do investments in information technology really contribute to business value?

A staggering 95% of global companies believe that the successful deployment of information technology is vital to long-term business success, and yet almost 50% of companies rarely or never discuss IT as a board-level agenda item. At the same time, two thirds of chief executives are unable to describe the IT governance processes within their organisations.

These are just some of the startling findings that arise from a recent IT Governance Institute global survey carried out by PricewaterhouseCoopers.

The same survey also reveals that in reality, the biggest IT issue facing companies is understanding the tangible business benefits of investments in IT.

Companies have been throwing money at IT for years. But in a growing number of businesses, IT costs – typically only second in magnitude to staff costs – are not properly understood. Despite a consensus on the importance of IT to business success, there is still a lack of involvement and comprehension at board level.

‘The only thing I understand about IT within my company is how much it costs,’ the chairman of a major organisation recently told me. But in fact, he was wrong. He didn’t know the cost. The ‘smoke and mirrors’ management accounting made it almost impossible to understand how much money was going into the IT black hole. This begs the question, if companies don’t know what IT costs, how can they hope to understand if it is delivering value?

This is where a positive approach to IT governance can help, and the reason why the ICAEW’s IT faculty is dedicating a conference on 27 April to this subject.

At its core, governance is concerned with two responsibilities. First, it must deliver value and enable the business – and be seen to do so.

Second, the related risks must be mitigated. IT presents the extreme of both.On the one hand, very large investments often with uncertain returns, and on the other, critical, potentially crippling risks. This is all counterbalanced with the exceptional opportunities that IT brings for growth and renewal.

Governance of IT presents many challenges for board members. They must be aware of the role and impact of IT on the enterprise, define constraints within which IT professionals should operate, measure performance, understand risk, and obtain assurance.

Effective IT governance must therefore include a proper structure, supported with appropriate metrics to demonstrate that there is a satisfactory return on investment.

The global financial services company ING has in recent years developed a system like this, together with an annual IT dashboard process to provide transparency at board level of IT costs, value, operational performance, and competitor analysis.

A key success factor of ING’s structure is the fact that three members of the IT policy board – including its chairman – are also members of the executive board. This ensures there is no disconnect or unawareness of IT issues at main board level.

Meanwhile, the annual dashboard process, whereby operational and financial metrics are collected and analysed, ensures full visibility of IT metrics. This includes cost and staff information, return on investment from IT-related projects, and costs and losses arising from IT-related operational incidents. This data is benchmarked against similar data specifically commissioned on ING’s main competitors, and is projected forward three years.

Without such data the board would be flying blind and unable to make key decisions to help improve performance and contain costs. The process also assists significantly in helping ensure that technology continues to be properly and consciously aligned with business needs.

Already it is making a huge difference. The decisions made to date from the improved access to this information have enabled ING to avoid more than EUR200m (£132) of future costs. In just one year the company has directly slashed staff costs by EUR32m through providing visibility at board level of the cost of external contractors compared with internal staff.

The company believes that there is the potential to save further millions of euros through improved IT-investment management processes, both at portfolio and individual project levels.

And yet the perceived cost of implementing IT governance is one of the main obstacles holding companies back from doing so – at least that’s what the governance survey indicates. ING has been able to prove that, far from being a cost, the value of the process is very significant indeed.

But IT governance will never be effective without the board being able to ask the right questions and just as importantly, to understand the answers.

The IT Governance Institute recently published an updated version of its IT Governance Board Briefing, which provides guidance to board members and others on how to implement appropriate processes and metrics. This document is available for free from the ITGO website (

Among other useful advice, it provides a series of questions that board members should ask about the contribution and management of IT within their businesses (see box).

If a board of directors cannot articulate answers to such questions, this will demonstrate a clear lack of IT governance within their organisation.

At best there’s a risk that IT value is not currently being achieved.

At worst, the business may be under significant threat both from better informed competitors and IT-related failures.

If IT is still not on the boardroom agenda in your organisation, these questions are a good starting point for making sure it is properly addressed in the future.

  • Paul Williams is chairman of the ICAEW’s IT Faculty. For details of its IT governance conference on 27 April, see


  • How important is IT to the long-term success of the business?
  • Are we obtaining value from our investment in IT? How do we know?
  • Are we investing more or less in IT than our main competitors, and why?
  • What are our principal IT-related risks and what is being done to mitigate them?
  • How much have IT-related failures cost us over the past year?
  • What are our most significant IT-related initiatives?
  • Do we deliver our IT projects on time, on budget and with full functionality?
  • Have we learnt the right lessons from our IT projects over the last 12 months?
  • Who, at board level, is accountable for IT-related successes and failures?
  • Does every board member understand our IT governance structure?

Related reading