What are the Best Ways to Align IT and Business Objectives during Digital Transformation

Apac CIO Outlook | Thursday, March 25, 2021

IT is often perceived as a cost center rather than a sales enabler, and this attitude can be detrimental to risk management across the board. Documenting organizational and leadership goals that the IT company will specifically affect is one way to tackle this.

Fremont, CA: In the age of digital transformation programs, it's easy to dismiss the plethora of jobs that computers perform in a plethora of industries as magical. Many workers are unable to look at a program or other digital resources to understand how it works or how complicated it can be to get it to function properly. When an employee encounters a problem, they usually go to information technology (IT) and explain their situation. IT will look into the issue and, once again, repair it with a minute of typing and a snap of their fingers, as if by magic.

Of course, this is not the case in fact. Cybersecurity and IT experts have years of experience with the systems and issues that allow them to quickly solve many of the day-to-day challenges that employees face. However, as industries in all sectors embrace bold digital transformation efforts, the new challenges that companies and IT professionals face are becoming more diverse, and the risks of working in these spaces are becoming exacerbated by insufficient risk assessment. This is because aligning IT with business goals can be difficult, particularly when the challenges are 'invisible' or not easily quantifiable.

It is difficult to calculate the return on security investment in cybersecurity, integrated risk management, or risk assessment. These aren't the kinds of issues that would appear on several higher-level executives' desks several times a day, demanding attention. Instead, if the job is performed properly, it will never appear. When it comes to budgets and business processes, the 'invisibility' of risks becomes a problem, and C-level executives can wonder why there has been so much investment in these areas when there is little to 'show' for it. However, as these budgets are cut, cybersecurity specialists are faced with even more areas to oversee but inadequate bandwidth to handle it all. When there is a large data breach, it can be disastrous and affect any aspect of the company. Then it's a game of catch-up and a PR nightmare as organizations attempt to handle the danger and the exposed confidential information retroactively, particularly if it affects consumer experiences.

Risk management departments should begin by developing a value narrative to help C-level executives and the rest of the organization understand the significance of the process. IT is often perceived as a cost center rather than a sales enabler, and this attitude can be detrimental to risk management across the board. Documenting organizational and leadership goals that the IT company will specifically affect is one way to tackle this. To have a significant effect, value stories must keep the intended audience in mind, particularly when there is a lack of supporting data.