Website crash provides some lessons in IT governance

 A website malfunction can result in a trail of angry customers, red-faced executives and damaging comments on social media platforms. But how can the average director stave off such an experience?

Melbourne-based adviser on IT governance, Mark Toomey, stresses the importance of proper testing, but adds: “We can’t expect directors to be out there testing systems and we can’t expect them to have the in-depth technical knowledge to directly assess the testing arrangements.”

In fact, he says directors don’t need to have any of that detailed knowledge. “There are many probing questions that directors who have no specific technology skills can ask to discover whether management is on the ball and to gain comfort in the systems on which the business relies.”

For example, Toomey says that directors can ask: “What is the proven sustained peak workload at which our system can operate before customers experience an unacceptable reduction in service?

“The only way that management can truthfully answer this question is to have conducted stress tests that give a clear answer. It’s the one question beyond any other that gives confidence, but only if it is answered in a way that confirms a robust method of determination,” he says.

Toomey warns that because there are many potential points which could cripple web-enabled online shopping systems, its vital to ensure that management has a clear, workable and preferably well-rehearsed plan for dealing with any fallout. The issues that warrant consideration in such a plan are how to:

  • Promptly and efficiently field complaints and other messages from customers, which may arrive by email or be detected on several social media systems.
  • Keep customers, the media and others updated on the situation and the action that is being taken, with pragmatic estimates for resumption of service when possible. The plans for informing customers should include a wide array of channels, such as an opt-in email, a text message or messages dispatched via social media.
  • Provide customer service via alternative channels.
  • Protect your market share in the face of an attack – for example, if competitors seize the opportunity to acquire business/customers while your systems are not working.

Toomey adds: “No matter how much testing is carried out, the ultimate measure of performance in a 21st century online shopping system is what each customer experiences. It’s not enough to simply wait for customer complaints to reach a crescendo. Processes should be in place to understand exactly what customers are experiencing and to detect problems before a crisis develops.

“Directors should ask management to explain how the customer experience is monitored and managed, and management should provide ongoing reporting of the customer experience as part of a comprehensive approach to the oversight of online channels. And from time to time, it wouldn’t hurt for directors to take on the role of customer and actually use the online channel themselves, rather than making an in-store visit.”

New standard

Meanwhile, Standards Australia has published a new standard designed to help boards and executives effectively discharge their governance responsibilities when it comes to the oversight of major IT projects.

“The standard has been prepared to set out how significant IT projects can benefit through the use of appropriate governance frameworks and principles,” says Dr Bronwyn Evans, CEO of Standards Australia.

She says guiding successful projects, driving change within organisations and achieving desired business outcomes requires clear engagement between governing bodies and their senior executives.

“Organisations undertaking significant IT projects will find this is the ‘go-to’ document when it comes to linking governance and management.”

Max Shanahan, project editor and member of Standards Australia technical committee, IT-030, says the standard is also designed to assist members of governing bodies, who are required to evaluate business cases for major IT-related investment decisions, without having the benefit of a technology background.

Toomey endorses the new standard in December, saying: “Shanahan and his helpers have now compiled a very useful resource that will help organisations to be more successful when they invest in IT-enabled change.  The timing could not be better.  Digital Transformation is the new name for IT-enabled change and it’s a topic that is front of mind for many commentators on business today.”

Sponsor_Issue 24