ThinkTWENTY20

Harvard Business Review recently ran an article on questions Board should ask about digital transformation. They ran it because boards are usually hampered by their limited knowledge of technology. They need help with this, not to make technology experts out of them, which isn’t likely to happen, but to change their perception of the role of technology in the company. Often, there is still the perception that technology is a side issue that needs to be dealt with by the technical people. Some awareness training has yielded results by making them realize that it is a responsibility of the CEO, not just the CFO, and needs to have a central role in the company. 

To take it a step further, the board needs to understand how tech fits into their business strategy. Often they have a short term outlook in assessing this, but they need a long term strategy. They also need to know how to measure the results. And while boards have made progress in understanding cybersecurity, digital transformation has the effect of expanding the range of risks encountered.

The five questions HBR identified are:

1) Does the board understand the implications of digital and technology well enough to provide valuable guidance? 

2) Is the digital transformation fundamentally changing how the business (and sector) creates value? 

3) How does the board know if the digital transformation is working? 

4) Does the board have a sufficiently expansive view of talent? 

5) Does the board have a clear view of emerging threats?

See the article here. 

Data Sprawl is a growing phenomenon, especially with the remote and hybrid work models being adopted post-pandemic by many organizations. Broadly speaking, data sprawl is the spread of vast amounts of data being collected by organizations that often creep outside of traditional boundaries. For example, they might be stored in a remote location such as an employee’s private databank or completely outside the organization on the cloud perhaps on a piece of the cloud outside the purvue of the organization.

This gives rise to numerous issues.

Some of the data become invisible. In other words, they exist but cannot be readily found. Control over such data can easily be lost. Also, the data might be misconfigured and access controls might be compromised or configured incorrectly.

Data sprawl can also facilitate the leakage of sensitive data, violations of privacy, violations of data processing agreements with other organizations and compromised or stolen credentials for accessing and handling data. And some countries have laws around the residency of data, which might possibly be compromised with data sprawl.

Finally, data sprawl can lead to the unauthorised creation of derivative data sets, and what is known as data drift, where data can be altered and expanded to result in something quite different.

All of this is covered quite nicely in an e-book titled The Top 10 Threats of Data Sprawl and How to Mitigate Them by Dasera at https://resources.dasera.com/top-10-threats-of-data-sprawl.

Yet another development in the ongoing saga of change in the field of ESG Reporting is the  public consultation paper on ‘Due Process Procedures for EU Sustainability Reporting Standard-S​etting,’released by the European Financial Reporting Advisory Group (EFRAG). The group is seeking input by 15 September 2021.

As the paper states, “a robust yet agile and adaptable due process is necessary to meet urgent standard-setting needs within a rapidly moving landscape.” The proposals cover principles, oversight and agenda setting, as well as substantial detail on the process of standards setting itself. They affirm that it will be digital from the outset, noting that companies will need to tag reported data according to a “digital categorisation system” to be developed together with the sustainability reporting standards. Likely, this will be based on XBRL. Promisingly, it specifies that the digital implications are to be considered when developing and drafting new or amended standards.

The adoption of shared European sustainability reporting standards is part of the EU’s proposed Corporate Sustainability Reporting Directive (CSRD), and as such EFRAG has been invited to start interim work on drafting these standards, even prior to the relevant legislation being finalised. See also www.xbrl.org for further details.