Digital Governance

Is your business up-to-speed with digital governance? It might not sound like the most exciting of questions. But it is an important one.

Digital governance involves the processes and guidelines, overseen by an organisation’s Board, that define the ways that the opportunities and risks associated with digital technologies are managed.

It is a lot wider than “best practice” in e-commerce, content management and digital asset management. It’s about responding to, and managing the use of, digital technologies across the whole of an organisation: finance, HR, marketing, sales, IT and operations.

Digital governance is important as a separate and defined part of wider corporate governance principally because digital technology is increasingly becoming a vital part of the lives of consumers and because more and more business involves digital technology. These days, make a bad call about digital and the chances are you are causing real damage to your organisation.

But digital governance is also important because the way regulations apply to digital technology is not always well understood and this leaves organisations open to risks of compliance failures. (Never mind that the regulators themselves are sometimes not up to speed and can fail to make things clear!)

While digital governance is complex, most organisations can conveniently consider it within a number of different topic areas:

  • Business strategy
  • Cyber risks
  • Social media risks
  • Regulatory compliance
  • Talent acquisition and management
  • Investments and returns

Let’s briefly take these one by one.

Business strategy

How does digital technology affect business strategy? Senior executives need to ask themselves whether they understand consumer trends; for instance, are they keeping up with the way that many consumers are moving away from fixed internet access to smart mobile devices?

And there is a need to look wider than consumers. How are your competitors reacting to digital technology? Can you work with suppliers in a different way, cutting costs and timescales, through the use of digital? And how does digital technology affect the PESTLE (political, economic, social, technical, legal, environmental) landscape?

Finally, while no one can predict the future, it’s as well to be aware of potentially disruptive technologies on the horizon. Don’t spend too much time on this as it is easy to get wrong. For instance the jury is still very much out on whether wearables (at least as currently developed) will have popular applications wider than health and fitness. So spending a lot of time and effort in this space may be wasted (sometimes there is a lot to be said for “second mover advantage” as Google, Apple and Facebook have all discovered).

Cyber risk

It’s easy to give up on cyber risk and say “Well, if it happens, it happens. I leave that to the geeks in the IT department”. But Boards have a statutory obligation to oversee risk management and report on it and that includes cyber risk. It’s important because cyber risk can cause damage to operational efficiency, reputation and share price. So Boards really do need to get a handle on this and equip themselves with the knowledge to be able to quiz IT specialists.

For instance, good IT people will know that cyber risk is not just about defending networks. It involves defending information, wherever it is. And it’s often driven by phishing rather than brute hacking. Are you equipped to question your IT team about this?

In addition there is a need to monitor identity theft and fraud sites and this may not even be part of your IT team’s remit.

Social media risk

Part of cyber risk is social media risk. This is little understood but can have massive impact as New York Stock Exchange investors found when $130 billion was wiped off stock values as a result of a single tweet from a Twitter account that had been hacked.

Social media risk can cause reputational damage but the risks go wider and can affect business strategies, recruitment, compliance and legal risks such as libel and discrimination. In order to defend against these risks companies need to manage employee use of social media as well as listening to and managing public social media comments.


Digital technology can cause many compliance issues. For instance inappropriate social media use can result in fines for breaching advertising regulations or Fair Trading rules. And careless data protection can result in considerable fines (and reputational damage). Potentially there are also dangers around accessibility and disability discrimination: for instance if you offer a service online and are not taking reasonable steps to provide access to the disabled (such as the visually impaired) you are breaking the law.

In addition many industries have their own regulations that are impacted by digital technologies. For instance financial services and pharmaceutical companies have particular requirements about recording interactions with consumers that are increasingly difficult to meet in the light of social media technology.

Human resources

Digital can also affect how organisations attract and retain talent, an issue of major concern to many Boards. Issues to consider include:

  • How to use social media profiles during the recruitment process without risking accusations of discrimination
  • How to manage employee use of social media at work without de-motivating people and without being accused of invasion of privacy
  • How to ensure that employee’s use of social media does not leave an organisation open to vicarious liability
  • How to manage any damage to the “organisation-as-an-employer” brand that happens via social media
  • How to ensure that irresponsible or disaffected employees cannot damage the organisation’s brand by unmonitored access to social media accounts


Finally, Boards need to ensure that digital investments are appropriate, and deliver appropriate returns. Questions to ask here include:

  • Do web and mobile assets deliver value from a user perspective, ratger than simply from an organisational viewpoint?
  • Is any spending on digital advertising appropriate and are returns being reported accurately?
  • Do digital investments, for instance in websites and apps, assist or hinder a consistent and positive brand experience across all channels?
  • Is there an appropriate strategy for developing digital assets across the organisation so that redundant investment is avoided and ownership is managed?

Managing digital governance

Managing digital technology is now key to almost any organisation. A structured process is required. This should involve auditing technology touchpoints, listening to social media activity, controlling how employees use social media, preparing for difficult situations, and archiving any conversations with consumers in case of future legal requirements. In addition it is important to develop a culture that is prepared to learn from events rather than simply blaming people when unexpected things go wrong. More on this in a subsequent post.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s