Six Suggestions for Ensuring Technology Fluency in the Boardroom

By Jim DeLoach


Technology Online Article

Every director on your board should be technology-engaged. No director gets a pass.

With business and technology inextricably intertwined, today’s directors need to possess sufficient knowledge of technology issues to execute their duty-of-care responsibilities. In fact, research indicates that technology-savvy boards experience a financial performance payback: An analysis of US-listed companies’ boards determined that companies with at least three technology-savvy board members outperformed other companies. These outperforming companies reported notably higher profit margins, revenue growth, return on assets, and market capitalization.

It’s beneficial to have one or more people with deep technology expertise serving on the board or as advisors to the board, independent of management. However, the pervasiveness of technology suggests that every director should at least understand how technology enables the organization’s strategy and business model, as well as the implications of disruptive innovations to their industry.

Below are six suggestions to help make sure your board has the technology fluency it needs

1. Accept that disruptive change is the norm. According to a recent global survey, many significant risk concerns for the next decade have a technological underpinning: for example, the rapid speed of disruptive innovations, the threat of new competitors, evolving customer preferences, utilization of insightful data analytics, resistance to change, and data privacy and cybersecurity. The focus on innovation and digital transformation to retain relevance has never been stronger.

2. Stay current with the evolving technology landscape. The most prominent suggestion from a December 2021 NACD Master Class session is also fundamental to other complex matters: bring outside experts into the boardroom and invite them to keep the board apprised of technological trends. Alternatively, identify and lean on expert resources inside the organization—regardless of the function they’re supporting. When seeking guidance from management and advisors, insist on getting it in plain, practical terms.

It helps to view technology as a strategic enabler rather than a shiny object. Focus on the organization’s long-term strategic goals and how technological innovation can help reach those goals. Consider the capital deployment ramifications alongside the related opportunities and understand how existing legacy technology in the organization might hamper goal achievement. Recognize the risks emerging technologies can pose—for example, the risk of improper algorithms and bias inherent in artificial intelligence—and discuss them with management.

3. Engage the full board on the right questions. Technological fluency is also about learning, and learning comes from asking the right questions and obtaining input from the right subject matter experts. Critical questions for the full board to consider include the following:

  • Is technology identified as an integral part of the company’s strategy and key initiatives? Does the CEO dashboard monitor technology investments that enable improvements to customer engagement, process efficiency, products and services, and competitive position?

  • Are the organization’s digital transformation efforts properly prioritized to deliver the expected value and results? (For example, are multiyear plans reevaluated every three to six months in view of changing markets and customer needs?) Are plans resourced with the requisite skill sets, or is help needed?

  • What are the long-term plans for hybrid work environments? How will the company enable access and connectivity to ensure productivity, safety, and security in the future, considering the next generation of mobile connectivity and systems as well as data access?

  • What programs are management considering to protect the organization’s critical data and information assets and to comply with global data privacy requirements?

  • What are the company’s business continuity, crisis management, and disaster recovery plans? Are contractors and outside services aligned to support them? Does the technology infrastructure enable or hinder business resilience? How would operations be affected if a security breach were to occur, and how quickly could the company respond?

  • Are the processes that management chooses to automate focused, streamlined, and simplified enough that automation makes sense? Is selecting a process for automation a strategic decision (for example, to focus employees on more complex, value-added tasks)?

The board should expect management to consider these questions and the accompanying resources needed to be successful.

4. Ask: Should the board have a technology committee? This has been a discussion point for well over a decade. The focus of such a committee varies by company, and these committees remain relatively uncommon. It’s up to each board to decide how best to provide strategic oversight regarding technology. That said, every director should be technology-engaged.

The view discussed at the NACD Master Class session was that while a technology committee may be appropriate under certain circumstances, technology oversight responsibilities should ordinarily not be entirely relegated to a small handful of board members. And knowledge of and attention to technology shouldn’t be limited to a separate board committee—whether that committee is a technology, audit, or risk committee.

As technology often drives overall business strategy, knowledge of technology-enabled opportunities and risks is relevant to many board discussions with management. A designated technology committee is not a panacea.

5. Focus on the implications of technological advances for talent availability. The board should be cognizant of how technology impacts talent availability. Over the long term, the limited pool of technology professionals will be drained quickly by overwhelming demand for skilled, experienced talent as new technologies take root in the execution of business models. As a result, human capital strategies require a revisit.

Continuous learning, upskilling, agility, and innovation should be emphasized as core values. None of this will happen organically. Training and upskilling must be intentional and pushed by management, with the board’s encouragement.

6. Remember that cyber risks come with the technology territory. Organizations should have a cyber response team in place and ready—with legal, forensics, communications, and other resources. Such teams should be steeled through preparation and practice. Prevention is also imperative. Many services and products are available to protect the organization from incidents and breaches. Multifactor authentication (MFA) is an example, and everyone in the organization should be required to use MFA on company systems to provide a critical layer of protection. Finally, boards should ensure management is taking appropriate steps to retain cyber insurance coverage.

Jim DeLoach
Jim DeLoach is managing director of Protiviti. DeLoach is the author of several books and a frequent contributor to NACD Directorship Online.