Why Your Board of Directors Can’t Sleep on IT

CFOs and CIOs often don't know the costs and the drivers of IT expenditures or the progress and ROI of IT projects. And that's when bad things can ...
Larry TiemanNovember 14, 2011

While many companies and their CIOs today are working hard to make IT part of their business’s strategy, the most successful companies are making IT integral to the business’s strategy at the board level.

When a company decides it needs to transform its business through IT — its processes, products, or go-to-market strategies — it often needs to look outside for that expertise. Some will turn to one of the major consulting firms to help develop the appropriate strategy; others will engage a CIO to lead the transformation, and the CIO may then hire a consulting firm with an implementation capability. The next step — and one that’s not taken often enough — is to add IT oversight expertise to the board of directors.

Board members usually have neither the technical savvy nor the time to oversee the complicated implementation of a transformative IT strategy. Yet major IT-enabled business projects are risky, and failure can have a significant impact on profitability. By relying solely on consultants, the CIO, or some combination of the two, the business is limiting the information and perspectives it can receive and setting itself up for trouble.

The 7 Habits of Highly Effective CFOs

The 7 Habits of Highly Effective CFOs

Download our whitepaper to discover the technical and behavioral skills needed to lead your business forward.

The Cost of Bad Advice
Usually, the consultants’ advice is excellent, but not always. At American Airlines (AA) in the late 1980s, one of the major strategy consulting companies was engaged to help reduce IT costs and increase the return on investment of IT projects. The consultants’ advice, boiled down, was to allocate the IT investment to each business unit and let that unit decide how to spend the money.

It would take the airline two years to recover from the disaster that ensued.

When the business departments were given their IT budgets, many submitted project bids to outside companies, but integrating these projects into AA’s existing systems required in-house expertise (and resources) for which the contractors seldom planned. And since there were no offsetting reductions in overall IT head count and infrastructure costs, the total IT spend for the company rose substantially while project success declined dramatically.

The vendors and contractors engaged by the units warned the unit heads that AA’s IT department would object to these projects because they undermined IT’s control. This argument effectively negated the IT leadership’s warnings. The airline needed someone sitting on the board to question the risks, the plan gaps, and the wisdom of these initiatives. But there wasn’t, and most of these projects were expensive failures.

Proof of Failure
There are many companies that have suffered for want of board-level oversight. The FoxMeyer Drug board probably did not understand the risks involved in the major SAP ERP implementation it undertook in 1996, at which time FoxMeyer was the second-largest drug distributor in the United States. FoxMeyer ignored the signs that the project was going astray, and bid out future contracts based on the cost reductions the company expected to receive and never did. It suffered huge losses, filed for bankruptcy, and was eventually sold.

Was Hershey’s board adequately briefed on the risks of a big-bang implementation of a new fulfillment system that caused $150 million in lost shipments for Halloween 1999? Doubtful. And shouldn’t the Kmart board have urged its leadership to invest in its supply chain, as Wal-Mart, Target, and Kohl’s were doing, or at least questioned executive management on the lack of investment? The consequences for Kmart were dire, and in 2002 it was forced to sell off 250 stores.

But these are examples of things going wrong. They’re dramatic, but board-level oversight of IT may be even more important to ensure that a company is using technology to drive innovation.

Many years ago, FedEx assigned several of its board members to act as an IT oversight committee. This group reviews major IT projects and strategies, and reports to the full board. The FedEx board has some outstanding technical minds to serve as the core, and other board members with financial and business expertise (some skeptical of the value of IT). In this way, the FedEx committee provides oversight of the strategic IT function without eating up the full board’s valuable time.

The Board’s IT Responsibilities
There are several realities (some unpleasant) that corporate boards should understand about their company’s use of IT.

IT’s strategic role needs to be explicit to be effective. As discussed in “IT: Business Asset or Strategic Liability? Your Choice,” corporate boards should recognize that IT is already part of the business strategy, whether once upon a time a deliberate decision was made or not. Boards should question the CEO about the company’s IT strategy, how that strategy is enabled, what opportunities have been identified, and how much progress has been achieved. Boards also should ask about IT trends in the industry and what key competitors are doing or could do. Boards especially should be asking what innovations would change the industry and undermine the business model (think iTunes,, and

Boards should be on the lookout for potential impediments to success. Who controls the resources, the budget, and has decision rights on how those resources and budget are used? When decision rights are not aligned with corporate priorities, IT investments do not deliver business value.

The link between corporate priorities and IT projects is often vague. The process of making IT investments is seldom transparent. Corporate boards should ensure that there’s an accountable governance process to determine which IT projects are staffed and funded. In particular, boards should ask the CIO how projects are aligned to corporate objectives, and ask the CFO what the expected benefits are and how those benefits will be harvested.

The total cost of IT usually is unknown. Few CIOs and fewer CFOs know what’s being spent on IT, where it’s being spent, and if the projected value is being achieved. (Most CFOs doubt it, justifiably.) It’s rare that a company is getting the full benefit of investments that are almost always larger than thought.

Boards should know how much of the IT spend is dedicated to maintaining existing systems, and how much is spent on supporting new projects that have committed to cost reductions or increased revenue. In many companies, the cost of maintaining existing systems is 80% of the total IT budget. That leaves very little for investment in innovation and new business projects. Added to the fact that most projects are not aligned with corporate priorities, the sad truth is that there’s very little money being spent on projects that actually could do the company some good.

Boards should ask the CIO for a plan to increase the percentage of the budget going to new projects with revenue or cost-reduction commitments looking for at least a 10% improvement. At the same time, they should be very skeptical of those plans and numbers because most CIOs don’t know their true costs and cost drivers.

There’s a lot of redundancy and waste in IT. Few CIOs keep an accurate inventory of applications, databases, and hardware. Fewer still can accurately map applications to computers, and applications to business owners and business processes. A large company will have hundreds of servers, mostly underutilized, and some not used at all. How many redundant systems does the company have? What computers are running those systems, and how many programmers are supporting them? How much is being spent on maintenance and license fees for the commercial software, the other technical software on the computers (e.g., operating systems), and the computers themselves?

Some of the system redundancy and cost is due to business units buying or building systems without knowing what other units already possess. Some of the redundancy and cost comes from poor IT practice, such as inadequate procurement oversight. And customer and employee data is probably replicated in hundreds of databases on different computers because that’s easier than centralizing it. Boards should insist that IT assets be as transparent as possible. The total IT spend and how that spend is distributed are a proxy for how efficiently the company uses IT assets and how well IT supports the business.

Not a Board of Geeks
Boards can assess a company’s IT efficiency and competitiveness without concerning itself with technology. At the board level, IT is a business function with a key strategic role. What is IT’s role in this company and industry? Is the role being met, and what needs to be done? These questions will usually lead the board into significant business-strategy discussions and help ensure that the company is properly positioned to take advantage of technical innovations and spending money and resources appropriately.

Larry Tieman has been a senior vice president at FedEx, a CIO, and a CTO for the past 20 years. He can be reached at mailto:[email protected].