Does IT governance get enough attention in company boardrooms?: The growing need for IT Governance in African Boardrooms

By Ethel COFIE

In today’s digital-first world, technology is no longer just an enabler—it is a core driver of business strategy. Despite its importance, IT governance remains overlooked in many African boardrooms, including those in Ghana.

This oversight carries significant financial, operational, and reputational risks, which organizations cannot afford in an increasingly competitive and digitally driven market.

This article highlights the state of IT governance in Africa, examines the challenges boards face, and proposes actionable steps for improvement.

Does IT governance get enough attention?

The evidence suggests not. A 2022 report by the African Corporate Governance Network (ACGN) revealed that only 28% of boards in Africa include IT governance in their strategic discussions. In Ghana, the numbers are even lower, with fewer than 15% of listed companies establishing IT-specific committees on their boards (NITA, 2023).

Without a focus on IT governance, organizations struggle to leverage technology effectively, leaving them vulnerable to risks and missing opportunities for growth and innovation.

Why Do Boards Neglect IT Governance?

Several factors explain the limited focus on IT governance in African boardrooms:

1. Lack of Digital Fluency: Many board members are unfamiliar with emerging technologies. A 2023 PwC Ghana survey found that 61% of board members admitted a lack of confidence in their understanding of digital tools and frameworks.
2. Perceived Complexity: IT governance is often seen as too technical and disconnected from immediate business objectives, discouraging engagement.
3. Reactive Mindset: Boards tend to address IT issues only after problems arise, such as data breaches or regulatory fines.
4. Operational Perception: IT is still viewed as a support function rather than a strategic driver of growth, further reducing its priority in governance discussions.

The Consequences of Neglect

Failure to prioritize IT governance has significant implications for organizations in Ghana:

1. Financial Losses: Cyber incidents cost Ghanaian businesses approximately $105 million in 2022, according to the Cyber Security Authority.
2. Operational Disruptions: Poor IT governance contributed to delays in critical national initiatives, such as the rollout of Ghana’s National Identification System in 2021.
3. Regulatory Penalties: Non-compliance with the Data Protection Act (2012) has resulted in increasing penalties, which rose by 35% in the last two years.
4. Reputational Damage: A Bank of Ghana study found that 47% of customers cited unreliable digital platforms as a reason for switching service providers.

How IT Costs Can Be Hidden

Boards often miss hidden IT expenses or overspending due to the following tactics:

• Misclassification of Expenses: IT costs are categorized under unrelated budget lines like marketing, obscuring their true impact.
• Shadow IT: Departments use unauthorized systems, creating untracked expenses and security risks.
• Complex Vendor Contracts: Hidden fees are embedded in lengthy service agreements.
• Delayed Reporting: Cost disclosures are postponed until after budgets are approved, hindering oversight.
• Underestimated Project Costs: Initial budgets omit crucial expenses like maintenance and training, leading to repeated funding requests.
• Bundling Costs: High project costs are spread across multiple initiatives, masking overspending.
• Excessive Contingency Fund Use: Frequent, unjustified use of contingency budgets erodes financial discipline.

What Should Boards Focus On?

To ensure effective IT governance, boards must prioritize the following areas:

1. Cybersecurity: With only 30% of organizations in Ghana having formalized cybersecurity frameworks, boards must take proactive steps to safeguard against threats.
2. IT Strategy Alignment: IT initiatives should be closely aligned with business goals like customer-centric solutions and digital transformation.
3. Performance Metrics: Boards should monitor system uptime (target 99.9% reliability) and the return on investment (ROI) of IT projects.
4. Risk Management: Boards must address IT risks proactively to avoid disruptions and regulatory fines.

The Benefits of IT Governance

Organizations with robust IT governance frameworks experience measurable benefits, including:

• Higher ROI on IT Investments: A Deloitte Africa report from 2023 noted that companies with strong IT governance achieved 20% higher ROI.
• Enhanced Risk Management: IT governance minimizes cyber breaches, which affect 76% of African firms annually.
• Operational Efficiency: Reduced downtime and accelerated project delivery boost overall agility.
• Regulatory Compliance: Organizations avoid penalties and maintain customer trust by adhering to regulations.

Bringing IT Governance into the Boardroom

To elevate IT governance, boards must adopt these practical steps:

1. Appoint IT Experts: Include IT specialists on the board or form dedicated IT subcommittees.
2. Training Programs: Regularly educate board members on emerging technologies and their implications.
3. Adopt Proven Frameworks: Use established frameworks like COBIT 5 or ISO 27001 to guide IT governance.
4. Integrate IT into Strategy: Make IT governance a recurring agenda item in board meetings.
5. Monitor Key Metrics: Use dashboards to track real-time updates on IT performance and risks.

Conclusion

IT governance is no longer optional; it is a necessity for organizations aiming to thrive in today’s digital economy. For Ghanaian and African companies, prioritizing IT governance is crucial to mitigate risks, enhance operational efficiency, and drive sustainable growth. Boards must act now to bridge the gap between IT capabilities and strategic business objectives.

What steps is your board taking to strengthen IT governance? The time for action is now.