Why it’s necessary for management to understand IT

by | Mar 1, 2016 | IT Security, Pen Testing | 0 comments

Information technology is no longer just the department that buys new computers and answers help desk calls. Its actions, influence, recommendations, and spending impact nearly every corner of a company.

IT can determine how well the company complies with industry standards and government regulations. It can either enhance or impede the sales, marketing and customer service processes. And it plays perhaps the largest role in how quickly an organization can grow, change or adapt to changing market conditions.

Because of its expanded role in most companies, IT can no longer be ignored by upper management. Senior management must play an active role in determining how a company will use its technology resources in today’s digital economy.

Below are three of the many reasons management must understand and be involved in IT.


IT is a major expense

On average, companies of all sizes spend anywhere from 3 percent to 7 percent of their annual revenues on information technology. And it accounts for about 40 percent of capital investments.


Yet larger investments in IT doesn’t always translate to improved company or financial performance. In fact, the opposite is often true: companies that are more frugal and disciplined in their IT spending perform better. Corporate America is littered with failed IT projects, duplicate technology and software implementations that didn’t deliver promised results.

Without upper management involvement and understanding, IT procurement can resemble the Wild West and an organization can be crippled with shadow IT projects, unnecessary software and overspending.

IT is a major source of risk

It’s difficult to imagine a greater risk to a company than the increasing possibility of a data breach or other hacker attack on network infrastructure. Cyber attacks have become an almost daily occurrence and an expensive one to remedy.

A survey released recently by Kaspersky Lab, titled “Security of Virtual Infrastructure,” found that, on average, small and medium-sized business (SMBs) will spend roughly $73,000 on recovery costs of a security breach on a virtual network, and $34,000 when the breach occurs on non-virtualized infrastructure. The average cost for large enterprises to recover from an attack on physical networks is about $454,000, but more than double — $942,000 — when it happens on a virtual network.

Anybody who has access to your organization’s network is a potential vulnerability. Management that doesn’t understand this reality may assume their IT department has adequate safeguards in place, or they may side with the marketing or sales executive who thinks the new password or bring your own device policies are too draconian. It is imperative for upper management to understand the organization’s IT risk posture to hold all staff members accountable for cyber security.

The expense involved in preparing for and responding to cyber attacks isn’t the only reason management should understand this category of IT. Regulators, customers, vendors and investors are increasingly asking what companies are doing to protect sensitive data, and they’ll be continually posing that question to the C-suite. It’s therefore imperative that upper management understand those safeguards to alleviate those stakeholder concerns.


IT is a strategic advantage

In today’s digital environment, IT should no longer be relegated to support role. How companies manage IT is critical to competitiveness. If management is sufficiently involved in IT investments, technology enables corporate initiatives such as process re-engineering, total quality management and even expansion. In addition, technology is nowadays an integral part of the traditional 4 Ps of the marketing mix, which include Product, Price, Promotion and Place (aka distribution).

Even if your companies product or service isn’t IT related, technology in many organizations is a source of data and analytics that influence key decisions on product and company strategy. In addition, your technology investment and strategy will largely determine the effectiveness of the other three.

Your prices are influenced by how efficiently you produce products and services, and technology is often the catalyst to maximizing efficiency. It can make employees more productive by providing instant access to information, standardizing processes and reducing mistakes and redundancy.

Technology is also a big part of the promotion and advertising process. People often discover a company through a web search, email campaign or social media presence.

IT investment is also a major part of how effective your product or service is distributed. One obvious example is a company that sells directly through a website. But technology is critical in logistics and inventory management, and whether the company’s dealings with customers and suppliers are efficient, scalable and timely.

While senior management can’t be involved in every IT proposal and decision, it must ensure that technology investments and policies are compatible with the organization’s overall vision and strategy.