As Risks Grow in Complexity, Forum Speakers Urge Savvy

June 5th, 2014 | By

Last week in Washington, D.C., directors convened at the National Association of Corporate Directors’ Spring Forum to hear experts discuss how boards can prepare for the future of American business. Panel topics ranged from oversight of emerging risks to talent development and even advertising. The common thread was clear: directors will continue to be confronted with nontraditional challenges.

Case in point: The aftermath of the cyber attack at Target has made the challenge of effectively overseeing cybersecurity risk a priority. ISS recently recommended voting against seven of Target’s ten board members, alleging that those directors inadequately prepared for data risks. Many are looking to the retailer’s tribulations as a sign of things to come: Directors may face additional scrutiny when efforts to oversee quickly evolving, highly technical risks fall short.

Instead of leaving directors anxious, panel discussions throughout the forum honed in on the following actions directors can take to prepare their companies to capitalize rather than capitulate to disruptors:

  • Leverage Big Data. With massive data collection becoming common practice, former White House CIO Theresa Payton and other speakers suggested using data from your company’s regular web traffic in order to cull anomalous and potentially malicious network activity from baseline data traffic.
  • Find a Cyber Risk Tolerance. Futurist Edie Weiner said that we can only exist in a state of “cyber insecurity.” Pragmatically speaking, companies cannot fend off every attack, but they can identify their most important assets and ensure they are safeguarded. Insecurity, to some degree, has to be accepted.
  • Look for Long-Term Trends. Focusing on quarter-to-quarter changes might obscure the large sea-change entire industries may be facing. Erwann Michel-Kerjan, executive director at the Wharton Risk Management and Decision Processes Center, challenged attendees to do their homework before pursuing a strategy, saying that the term “black swan” is too frequently used to describe predictable catastrophes. When given appropriate thought, he said risks can be teased out, analyzed, and planned for.
  • Secure the Necessary Talent. A powerhouse panel — Tucker Baily, partner at McKinsey & Co.; Earl Crane, former White House director for Federal Cybersecurity Policy; Linda Medler, former director for the capabilities and resource integration at the U.S. Cyber Command; and Krishnan Rajagopalan,  managing partner at the global technology and services practice at Heidrick & Struggles—agreed on at least one point: the gravity of having not only those talented in understanding the cyber and IT worlds within the company, but also that those employees are able to discuss these topics with the board in simple and actionable terms.
  • Transparency is Here to Stay. Jeff Rosenblum, co-founder of Questus, looked through the lens of advertising to show how the connectivity of the social media age is making the machinations of every company more visible. For him, companies in the future ought to be more transparent, disclosing their thinking, actions, and the effects of those actions.

Undoubtedly, the best responses to these rising changes are evolving, becoming more efficient and effective. NACD, through its Directorship 2020 initiative and other programs, remains committed to sharing insights from thought leaders while providing a framework in which directors can better understand a world permeated with risk.

No Comments »

How Boards Can Proactively Oversee Strategy and Risk

May 15th, 2014 | By

The 2013-2014 NACD Public Company Governance Survey found that strategic planning and oversight ranked as the number one issue for directors. While risk oversight came in at number 3, Paula Cholmondeley—who serves on the boards of Terex and Dentsply International Inc.—finds it curious that risk doesn’t follow strategy as the number 2 priority because these issues are part and parcel of each other.

During a May 6 panel discussion at the C-Suite to Board Seat program at the Four Seasons Hotel in Washington, D.C., Cholmondeley and fellow panelist Greg Pratt offered their perspectives on the board’s role in overseeing strategy and risk. Cholmondeley emphasized that strategic thinking is where directors add the most value to a company. Furthermore, boardroom discussions surrounding strategy should be viewed on an ongoing basis—not as a single event. Chairman of Carpenter Technology Group and director of Tredegar Corp., Pratt went on to  compare strategy to a GPS system:  A tool that tells you where you are, where you want to go, and the possible ways to reach that destination. According to Pratt, directors have a responsibility to use strategic discussions and planning to decide which route is best for the business.

THREE KEY TAKEAWAYS FOR OVERSEEING STRATEGY

1. Educate yourself—and others. This is especially important for directors serving on boards in industries in which they do not have prior experience. Reading industry publications, attending relevant conferences, and getting exposure to as many sources of industry information possible can help directors enrich board discussions. Similarly, directors should ensure that the strategic goals are well-known throughout the company. This could include requesting that the CEO meet with staff so that goals are communicated to the lower levels of the company.

2. Set reasonable benchmarks. Directors should consider the critical assumptions underpinning the strategic plan. For example, how much progress is the company expected to make in the course of a month? Evaluate whether those benchmarks are reasonable for your company by consulting regional or national industry sources as well as third-party sources.

3. Monitor the course and evolve the strategy. The board should consistently review corporate performance with respect to the strategy, and alter course when necessary. Boardroom culture should support open discussions with the c-suite—and management should feel free to report to the board areas where the strategy may or may not be working. As a company reacts to different economic environments, the board needs to be able to evaluate which initiatives worked, which initiative work over a period of time because they are key to your business.

THREE KEY TAKEAWAYS FOR MANAGING RISK

As stated in the 2009 Report on the NACD Blue Ribbon Commission on Risk Governance: Balancing Risk and Reward, “Every business model, business strategy, and business decision involves risk.” Risk may bring doubt, but it is the board’s role to work with management to find a balance between the costs and benefits of a strategic plan.

1. Get the committees involved. While ultimate responsibility for governing risk lies at the board level, the board can look to committees for support. In publically-traded companies, the audit committee has traditionally assumed the responsibility of risk oversight.  A growing trend, however, is to delegate specific risks to various standing committees. The board can also create new committees that manage the emerging facets of risk, such as keeping the board abreast of new sources of competition.

2. Work with management to assess risk. Open communication between management and the board is critical, especially because the C-suite is likely to be the first to see that a strategy is not working. Directors should learn how risk discussions take place within the various departments and business lines, and establish multiple avenues through which directors can work with management.

3. Be aware of the risks around the corner. The board should constantly review potential non-traditional sources of competition, for example, Amazon’s move to enter the dental distribution market.  Likewise, a company should work to make itself obsolete—best itself at its own game before the competition—and then create a strategy that will again put the company on the cutting edge of its industry.

NACD will continue to discuss these issues throughout 2014. Our Directorship 2020 events explore the disruptive forces that create new challenges in the boardroom and our forthcoming 2014 Blue Ribbon Commission Report will address the board’s role in recalibrating strategy. The topic will also be discussed at the next C-Suite to Board Seat in Beverly Hills, CA.

1 Comment »

Leveraging the Risks and Rewards of Information Technology

May 8th, 2014 | By

As information technology (IT) continues to evolve, so do the oversight responsibilities of corporate directors. From big data analytics to social media to cybersecurity, technology creates opportunities for companies to innovate, to create operational efficiencies, and to develop a competitive advantage.

These potential rewards can bring significant risks, however. Directors have the task of ensuring technology is integrated into both company strategy and enterprise risk management—and to do so they must first gain a deeper understanding of how technology is impacting their businesses.

To help directors ensure they are prepared to leverage both the risks and rewards of IT, NACD developed an eight-part video series—The Intersection of Technology, Strategy, and Risk in partnership with KPMG and ISACA.

The series includes insights from leading technology experts and top executives from AT&T, Citigroup, Dunkin’ Brands, Kaiser Permanente, and  Oracle, among others, and focuses on critical IT areas for directors, such as:

  • how emerging technologies are altering the business landscape;
  • critical questions boards should be asking about technology;
  • the role of the CIO;
  • disruptive technologies;
  • fostering innovation;
  • balancing IT risks and opportunities;
  • cybersecurity; and
  • social media.

To complement the video series, NACD has additional resources, including white papers, articles, webinars, full transcripts of each video, and a discussion guide for directors who would like to take a deeper dive and bring these topics into their own boardrooms.

To watch The Intersection of Technology, Strategy, and Risk video series and access the supplemental resources, visit NACDonline.org/IT.

1 Comment »