By: Joseph Yaw ASUMANG
According to Deloitte’s 16th (2025) annual Tech Trends report, the business case for growth reveals that the most promising and profitable futures will likely emerge from industry and technology convergence.
This opinion buttresses the new phenomenon of the overwhelming dominance of business by technology and the business world’s inseparable hinge to technology, and yet here in Ghana, technology is inadequately represented in the board room, the apex body of corporate governance.
Is technology’s poor showing in the board room a symptom of a fundamental disconnect between technology governance and corporate governance, in a way that weakens the board’s oversight over technology?
There is ample justification for better alignment between technology governance and corporate governance, considering the roles of the board and executive management as the principal and agent respectively, and their shared fiduciary responsibility towards shareholders, in the wider scheme of IT management and overall corporate governance.
The unique place of technology as an all-important double-edged strategic lever for business success, also lends credence to the need for alignment.
The board has a responsibility and a key role to play in recalibrating the connection between IT governance and corporate governance, to enhance its oversight capacity over technology for business success.
THE CHALLENGE
Digital technology’s foray into business has been quite dramatic by all accounts, considering the wave of digital transformation sweeping through the business landscape. Nevertheless, technology is not actively present in boardrooms.
The absence of widespread adoption of technology into the practice of corporate governance is a manifestation of what can be described as a misalignment of information technology governance and corporate governance.
Traditionally, boards have been constituted with bias for predominantly business administrators such as accountants, economists, sales or finance professionals and the occasional membership with some technical background (engineering, telecommunications or IT), specifically related to the core business of the company.
The backgrounds of members of the board of a cross-section sample of the listed companies on the Ghana Stock Exchange were analysed with the following results.
| Member Professional Background | Percentage |
| Accounting/Finance/Banking | 41% |
| Marketing | 2% |
| Business/Economics/Management | 26% |
| Law | 5% |
| Risk | 1% |
| Engineering | 7% |
| HR/Psychology | 3% |
| Biology/Chemistry/Pharmacy | 5% |
| Information Technology | 9% |
Sampled survey of board member professional background of listed companies in Ghana
21st March 2025
From the survey, close to 70% of board members have business (accounting, finance, banking, economics and management) backgrounds, while only 8% have a technology background.
The percentage representation of members of technology background for all the combined non-banking companies reduces to 5%, with 60% of companies having no membership with a technology background at all.
All the banking companies surveyed have a member with a technology background, with 11% share of the total membership. This can be said to be the result of the specific directive from the regulator with respect to the management of cybersecurity risk.
Globally, Gartner predicted that by 2026, seventy percent (70%) of boards will include at least one member with expertise in the field. Forbes expressed similar sentiments for their 2024 cyber security predictions about a year ago and suggested that in 2025, boards should look to paving a new path forward that recognizes that boardroom status quo is not sufficient to address the unique opportunities and risks of the digital future.
The contention here is that broadly speaking, there is a gap within today’s corporate governance practice, which does not reflect the real focus of business when it comes to technology.
IT governance must dovetail more firmly into corporate governance to enhance board oversight over technology for it to assert its influence in a way that reflects its pivotal role as an enabler to the attainment of strategic business goals and the guarantor of information security for business to pursue its goals.
IT GOVERNANCE AND CORPORATE GOVERNANCE
The key question is, how exactly is IT governance related to corporate governance and what is the basis for the call for better alignment? IT governance and corporate governance are governance frameworks with separate but interconnected spheres.
While IT governance relates to the sub-set domain of the IT function specifically, corporate governance presides over the entirety of the organization. IT governance must be considered as integral to corporate governance, which is the overarching set of processes, procedures and policies aimed at managing an organization to deliver its objectives, ethically, legally and efficiently.
Corporate governance: Corporate governance embodies the system by which companies are directed and controlled, with the board as the apex organ, entrusted with the responsibility and authority to ensure sound and ethical operation of the company in the best interest of all stakeholders.
Part of the board’s responsibility for sound and ethical operation is delegated to executive and senior management for the day-to-day activities, but the board retains ultimate responsibility and accountability to shareholders.
IT governance: On its part, IT governance has a mandate to provide a structured approach, using guidelines on policies, procedures, processes, controls, security and accountability, to the strategic management of IT resources within a company to ensure effective alignment with the company’s strategic goals.
This key mandate is aimed at ensuring that IT investments support business objectives. Various IT management and governance frameworks such as COBIT (Control Objectives for IT), ITIL (Information Technology Infrastructure Library) and well-established Enterprise Architecture frameworks like TOGAF (The Open Group Architecture Framework) all imbibe the notion of aligning IT and the business strategy as a centerpiece of effective IT management.
Shared fiduciary responsibility: The primary objectives of corporate governance cascade down to IT governance, whose overall focus is to align technology-related activities to the strategic objectives of the organization to deliver value from IT investments.
IT governance aims as well to manage IT-related risks effectively and to ensure the efficient use of IT resources. These specific objectives and focus of IT governance directly support the goals of corporate governance, not least the goal of protecting shareholder interests by steering the company in the right direction.
Common elements implicit in both frameworks like strategy alignment, efficient resources use, accountability, and risk management, highlight the interconnected nature of IT governance and corporate governance and points to a shared fiduciary responsibility.
TECHNOLOGY’S EVOLVING ROLE IN BUSINESS
Technology and business have become inextricably bound together in today’s world. The evolution of using information technology systems to drive business, a phenomenon which started many decades ago, has been boosted in today’s digital age.
The internet age of the early nineties laid the groundwork for the transformative role of technology in business.
The digital age: The current digital age and its expression in the form of digital transformation has cemented the coupling of technology and business conclusively.
Digital Transformation, whether through an elaborate and deliberate transformative initiative or a selective ad hoc and opportunistic use of digital technologies for a particular business solution, points to an attempt to create a link between productivity and business outcomes using technology.
The commentary today regarding the influence of technology in business, highlights its significant role in enabling business strategy and facilitating business operations.
The dependency of business on technology is evident and widely recognized. One only needs to consider the theme of the 2025 world economic forum – “Collaboration for the Intelligent Age” – to understand the strategic place of technology in business and the economy at large.
TECHNOLOGY’S HIGH RISK
We are seeing an increasing contribution of technology to companies’ overall operational and reputational risk profile, due to technology’s indispensability in day-to-day operations.
Single point of reliance: Most businesses would cease to operate normally if the underlying technology system ceases to function. The overwhelming reliance of business on technology, planned redundancy and disaster recovery provisions notwithstanding, translates to significant potential risks posed by technology directly to business operations.
High cost of technology: Headline-grabbing news of ballooning global IT spend is a constant feature of the debate on the impact of technology on business and a constant reminder of the need for more effective cost control.
Gartner predicts worldwide IT spend to total $5.61 trillion in 2025, an increase of 9.8% from 2024. Technology spend continues to outpace other budget lines in most cases. High-spending industries invest up to 11% of revenue in technology, while the global average is 4% to 7%.
Whichever way one looks at it, technology spend constitutes one of the highest expenditure items of the organisation’s budget. Rising global technology spend has direct implications on technology’s perceived risk.
Information as a critical resource: Another major source of high risk associated with technology stems from the fact that information is a key resource of an organization our digitalalised world and the IT organisation is the primary custodian of nearly all the entire information assets.
IT’s longstanding responsibility for information security has evolved into the specialised domain of cybersecurity, thanks largely to digitalization. Cybersecurity has evolved into the governance vehicle for information security generally, providing a structured framework for managing information security risk within the organisation.
As cyber threats continue to grow alongside the increasing digitalization, cybersecurity has become an important aspect that offers a structured and rigorous approach to effectively strategise and manage information security risk.
THE NEED FOR ALIGNMENT
The justification for the need for IT governance and corporate governance alignment is influenced by technology’s strategic relevance in a fast-paced digitalizing business environment and the dictates of the board’s mandated responsibilities.
Technology’s strategic place in business: The combined effect of the high dependency of business on IT, the inherent cybersecurity risk and the size of the resources consumed by IT makes IT an important strategic function which requires commensurate attention in its management. With technology having such high strategic importance, the linkage between IT governance and corporate governance becomes self-explanatory.
IT governance’s overall focus is to align technology-related activities to the strategic objectives of the organization to deliver value from IT investments, manage IT-related risks effectively and to ensure the efficient use of IT resources.
In this regard, IT governance should be seen as an integral part of corporate governance which aims to ensure the most optimum pursuit of the organisation’s objectives, while preserving the balanced interest of all stakeholders.
Responsibilities of the board: Beyond the conceptual arguments, the need for alignment is rooted in the very nature of a set of four key tasks expected to be performed by the board. A careful analysis of these tasks highlights the embedded technology-related dimensions, which calls for a technology-focused consideration by the board.
Task 1: Setting strategy and structure: The board is expected to oversee the process of evaluating strategic options to determine a viable strategy and the means and plans to implement the strategy. Technology, being a key enabler to strategy must be given the appropriate focus and consideration to ensure effective alignment between technology and business strategy.
The board is also expected to ensure the appropriateness and capability of the company’s organisational structure for the attainment of the strategic goals.
This oversight responsibility for appropriate structure must cascade specifically down to the technology function, as a way of ensuring the effective contribution of technology in the pursuit of the organisation’s goals.
The demands of today’s digital and innovation-driven business environment require a level of agility in the way technology is managed, which has a dependency on the design of the IT organisational structure. Cross-functional teams are becoming the new norm for agile delivery methodologies.
The board must have an oversight duty to ensure that the right conditions are in place for the development of a technology-business aligned strategy and an able innovation-centred organisational structure for execution.
Task 2: Delegating to management: Executive and senior management derive their authority from the board, therefore the board retains the responsibility to maintain an effective oversight mechanism for probing, monitoring, and directing.
The form of this probing, monitoring, and directing is typically achieved through open communication with executive and senior management and through various forms of management reports to the board on agreed directives, policies as well as operational performance parameters.
For the board to maintain a focus on technology, the oversight mechanism, specifically for technology, must be a key undertaking of the board.
The board, as part of its oversight responsibilities, must be interested in having an insight in the effectiveness of Information Technology management in terms of strategic alignment, control and risk management effectiveness, as well as operational efficiency.
After all, principal-agent relationship of Agency Theory is at play and the theory teaches us that loss drops when the principal has insight into the level of service they are receiving from the agent.
Task 3: Exercising accountability and responsibility to shareholders and stakeholders: The need for accountability to shareholders and responsibility to relevant stakeholders have a direct bearing on why technology governance needs to be projected and asserted more prominently within the corporate governance domain.
Accountability to shareholders is involves the need to balance competing short term versus long term interest as well as directly conflicting interests of different shareholders.
The acquisition and use of technology which often involves substantial capital expenditure squarely falls within the typical business decision tussle between today’s investment versus tomorrow’s gain.
Therefore, the board must be equipped with a decent appreciation of the nuances around technology investment and deployment and the real effect on business outcomes, in order to be effective in technology related decision-making to protect shareholder interests appropriately.
By bringing adequate and the requisite domain understanding to technology related issues and decision-making at the board level, the board will be better placed to demonstrate sufficient knowledge-based accountability and responsibility to shareholders and stakeholders.
Task 4: Risk Management: The board has a responsibility to ensure management determines risks of all kinds and how best to control them.
Technology related risk is a major component of operational risk and with the rising threats from cybersecurity, due to the increasing digitalisation of the business environment, information security or cybersecurity has made the need for technology governance a priority and the board has a responsibility to provide the requisite oversight of the organisation’s information security activities and outcomes.
The importance and the complex requirements of managing information security risk makes a compelling case for aligning information technology governance with corporate governance to enhance the board’s oversight.
BRIDGING THE GAP-THE ROLE OF THE BOARD
Four important actions are necessary. First, the board must acknowledge the deficiency from the misalignment.
Secondly, it must build the relevant capacity to facilitate the alignment, and thirdly, bring technology firmly within board stewardship by establishing relevant oversight structures and channels, and lastly, the stakes of IT governance must be raised to bring alignment between technology and corporate governance.
Acknowledging the need for alignment: The first step towards achieving alignment is the acknowledgement by the board that there is a need to bring technology within its oversight realm more effectively.
Acknowledgement comes from an innate interest within the board to gain a better handle over technology-related matters or the outcome of board self-appraisal, which is an attribute of an effective board. Underlying such acknowledgement is the board’s sense of responsibility to ensure balanced stakeholder interests and efficient use of resources in the pursuit of the organisation’s goals.
As technology continues to permeate the business strategy, it is evident that a sharper and more incisive focus on the affairs of technology and its impact on the organisational goals is needed.
Capacity building: The board, like all functional entities, needs to have the requisite capacity to function effectively. Capacity building usually starts with the collective professional and technical backgrounds of the members who constitute the board.
In general, technology remains significantly underrepresented in boardrooms, a situation which weakens the connection between technology and corporate governance. To address the disconnect, it is essential for boards to make a deliberate effort to enhance their capabilities in relation to technology.
This can be accomplished by ensuring adequate representation of technology-based expertise at the board level to enhance board oversight over the effectiveness of technology’s role.
Establishing oversight structures for firm technology stewardship: An important element of the board’s function, in the pursuit of its oversight responsibility, is the devolution of responsibility to designated board committees for selected domains.
It is therefore imperative for the board to facilitate the creation of an effective governance structure for technology such as a sub-committee on technology to provide the needed specialised technology domain knowledge to connect technology more effectively to corporate governance.
Raising the stakes for IT governance: In addition to the above interventions, the board must also take steps to ensure that IT governance is effective. Oversight focus must be directed to the following specific areas and goals:
- Technology and business strategy alignment for business objective realisation
- Technology service delivery effectiveness and integration with customer experience strategy
- Prudent Technology spending and cost-benefit impact tracking
- Project management and delivery efficiency
- IT organisational structure’s resource and productivity efficacy
- IT Operational resilience and security
- Effective IT audit for governance, risk and compliance assurance
CONCLUSION
The case for aligning corporate governance with IT governance is implied in the defined role of the board and the demands imposed by the changing realities of our time with respect to the dynamic interplay between technology and business.
Its unique position makes a strong case for it to be given prominent treatment by the board. The fiduciary responsibility of the board towards the stakeholders of the organization is implicitly extended to IT governance, which has at its core, the need to align technology and business strategy and the control of efficient and reliable use of technology’s vast resources.
Thus, close coupling of IT governance with corporate governance has become a necessity in the current business environment.
Regrettably, reality is out of step with the need for focus at the board level, considering the general dearth of technology domain knowledge representation on boards.
The board, amongst others, is mandated to have requisite knowledge about the workings of the company, maintain an appropriate balance between short and long-term considerations in decision-making to drive the business forward, and maintain prudent control.
These overarching mandates together with the dictates of specific tasks expected of the board all point to a need for elevated attention to technology.
Boards have a role to play to enable the needed alignment of IT governance and corporate governance, by first acknowledging the gap and the need for better alignment, taking steps to enhance the capacity of the board with respect to technology domain knowledge and finally, creating the relevant structures for exercising an active oversight of the board on information technology governance.
WRITER’S BIO
Joseph is an Information Technology Strategist with extensive experience in both technology advisory and management capacities, helping organisations to derive maximum value from their technology investments, through effective technology transformation strategies and quality assured execution.
Email: yawasumang@gmail.com
Linkedin: https://www.linkedin.com/in/JYA-02082015
Telephone: 233 552570751
The post Aligning information technology governance with corporate governance in a digitalizing world: The role of the board appeared first on The Business & Financial Times.
Read Full Story
Facebook
Twitter
Pinterest
Instagram
Google+
YouTube
LinkedIn
RSS