IT Infrastructure is key to CIOs leading enterprises in their management processes
CIOs and other members of the IT management team could be the reason their companies’ management processes may not be working. There are many recent changes in the business and operating environments that need to be addressed on an on-going basis:
- Expectations for governance oversight
- Globalization of markets and operations
- Changes and greater complexities of business
- Demands and complexities in laws, rules, regulations, and standards
- Expectations for competencies and accountabilities
- Use of, and reliance on, evolving technologies
- Expectations relating to preventing and detecting fraud
If the managers, the CIO and IT management team have good demonstrative behavior, everybody down the line will copy that. People need to operate by example, if the CIO does not follow the rules or address issues like those above then that is viewed as acceptable behavior.
An effective management process needs to be the right tone from the IT leadership team. Though the effectiveness of management process is difficult to quantify, it can mean the difference between successful companies and struggling ones. Firms that sell products overseas, for example, are at a “competitive disadvantage,” if they don’t have good management process control outcomes. It’s like fire prevention. You don’t know how many fires that you’ve stopped.
A lack of good management processes leads to poor internal controls. This in turn presents opportunities for fraud, even among some of the most trustworthy employees.
For example, having good internal controls means segregating the bookkeeping and accounts-receivables duties. That means not having one person in charge of authorizing, posting and having final custody of live checks. Bad controls, for example, would be if the accounts-receivables clerk is responsible for all those things, which can be the case in small businesses.
Companies need to be particularly mindful of former employees in business units as well as within the company as a whole. When employees move departments, their access to sensitive data can increase. Equally important is an employee who changes positions in the company. Simply by keeping old passwords active, CIOs are enabling a good person to do bad things.