By: Konstantinos Takos

Edited by: Issam Zaghloul


BuildingTrust

The Digital era

You hear it called the digital revolution – the transformation of how we work and live, which is one of the great megatrends that will continue shaping the world this century.  Organisations in the Middle East are coming to the realisation that technological advances will have the greatest impact on their business over the next five years. This is in line with what CEOs (85%) responded in last years’ PwC survey of Middle East CEOs.

The speed of change is accelerating and the majority of businesses are increasingly becoming dependent on technology-driven transformation programmes. Over the last two decades, a technology revolution has changed the way we do business. Change will only continue and while it will offer opportunities for innovation and productivity, the digital era presents new risks and challenges. A digital ecosystem has developed, linking enterprises to customers and suppliers through multiple channels.

Innovation built into everything

Only by seeking new ways of delivering their products and services will companies stay ahead of the competition and maintain a strategic edge. Businesses that are confident in their ability to deliver technology enabled transformation will have a distinct advantage in this new world.

In last year’s PwC’s survey of Middle East CEOs 30% said innovation around products and services would provide the main opportunity to grow their business over the next 12 months (second only to increasing their share of existing markets). Many of those products will be shaped by a combination of new technologies and investments in the form of industrial automation, cloud computing, enhanced Enterprise Resource Planning (ERP) systems, customer experience innovations, Big Data and the growth of connected devices – the so-called Internet of Things (IoT).

Not surprisingly, Middle East executives are interested in shaping their organisation in the best possible way to cater for innovation, whether this is through new organisational roles, better processes and reporting, stronger corporate governance or increased interest on IT altogether.

Boards spend more time on IT

With technology rapidly changing the way companies do business, Boards increasingly recognise the importance of effective IT oversight. That’s likely why the amount of board time dedicated to IT oversight increased year-over-year according to PwC’s Annual Corporate Directors Survey 2013. Directors are enhancing their digital IQ by meeting more frequently with the company’s Chief Information Officer (CIO) as they are dealing with challenges like the ones below:

  • Significant IT investments

Businesses are making significant investments in technology led transformation to gain competitive advantage in the digital age. With fewer and fewer skills retained in most businesses to achieve these, successful delivery is far from assured.

  • Focus on resilience

Businesses have never been more dependent on secure, reliable technology, systems and data. Cyber breaches and system outages are being reported daily – destroying trust between businesses and their stakeholders.

  • New regulation and standards

Regulators and standards setters are slowly starting to define a raft of regulations and frameworks that businesses will eventually need to comply with in order to ensure that they build the right level of trust into their technology environments.

Focus on trust

Many global companies now invest a good deal of time and effort to demonstrate business transparency and build trust. Indeed, 68% of Middle East CEOs report that customer and client confidence in their companies has improved in the last five years. Still, most Middle East CEOs understand that relationship is only as strong as its weakest link. 60% say they were concerned about the lack of trust in business as a potential threat to their organisation.

When it comes to technology, getting the right attention in the boardroom is key. With digital opportunities and risks becoming so central to business strategy, boards and audit committees must have the digital expertise to set the level of risk that they are willing to accept. They must be able to ask the right questions and hold management to account. Naturally, the level of trust required to be placed on their IT departments is increasing exponentially.

Governance

IT governance is a key ingredient in building trust in the digital era, but behaviours and expectations of what this means are varied. The level of importance that organisations in the Middle East place on IT governance tends to be relatively low and it is seen as an afterthought or at best a way to satisfy nebulous compliance requirements. For many within IT, better governance is euphuism for more bureaucracy and “process” imposed by compliance functions. This is in line with the typical mistake many IT departments do when confusing management with governance. The key decision making meetings tend to resemble management or operational meetings due to the level of detail involved and the reactive nature of discussion.

As a consequence, it is difficult to consolidate and report upwards the right level of information around performance and risk mitigation. Only about a quarter of directors “very much” agree that the company provides them with adequate information for effective oversight (PwC’s Annual Corporate Directors Survey 2013). A lack of representation from outside IT in the main decision making forums misses out another key ingredient in building trust on what the IT department is doing and how this can be aligned to the overall business strategy.

To make matters worse, when the IT department is audited the main findings usually tend to focus on the lack of documentation and inappropriately designed operational processes. This reinforces existing views on IT governance, while the information flow, reporting and decision making responsibilities remain conveniently unclear. This is despite that the International Standards for the Professional Practice of Internal Auditing mandates the internal audit activity to assess whether the information technology governance of the organization supports the organization’s strategies and objectives (2110.A2).

It is not all negative though, as new standards (e.g. COBIT 5) that are slowly being adopted by the IT department help explain and elevate the importance of IT governance. Some CIOs who are increasingly pressured to engage with the Business are seeing this as a great opportunity to change and also elevate their status within their organisations.

Skill shortage

Changing though seems too great of a challenge for many CIOs. The majority of skills within the IT department focus on pure delivery of IT services. The lack of business partnering skills is being felt acutely as Boards demand from their IT departments to step up and take a more prominent role.

According to Middle East CEOs the key business threats facing businesses are availability of key skills (70%) and IT departments are caught in the middle of the search for new talent. It is not about holding the right qualifications but demonstrating the right behaviours that will help nurture trust and confidence. People are important, and their actions have a direct impact on the business and its security. Creating the right culture where people instinctively do the right thing as with many organisational issues lies at the heart of the issue.

Trust in the Digital Era

Organisations are facing rapid technological change, increasing data complexity and a growing cyber-security threat – all of which are raising the risk profile of IT to the business. Organisations will only be able to have the confidence to embrace their digital future, if they have trust in their data and security, resilience built into their systems, and with the assurance that the digital transformations projects will succeed.

Making the right choices and ultimately drive profitable growth requires a renewed focus on relevant skills acquisition and better governance. Provided these are aligned to the overall strategy of the organisation this can be the first step for building trust in the digital era. Trust combined with a new attitude to risk will allow organisations to unleash their potential and the confidence to take risks.


Konstantinos Takos MSc, ACA is a Senior Manager at PwC and leads the Technology Governance and Risk service in the Middle East.

To comment:   konstantinos.takos@ae.pwc.com