Nov Candor - Future Fit Corporate Governance

Future Fit Corporate Governance
November 2018
Carolynn Chalmers
Technology is connecting the world
like never before
2 © Candor Governance Pty (Ltd)

Vast data is generated and tremendous amounts
of computing power is required
Moore’s Law:
The speed of technology doubles every year

Keeping pace with Demand
- Digital computers use bits 1s and 0s
- Consider options separately

Today, Digital Computers are just too slow
- Digital computers use bits 1s and 0s
- Consider options separately
Quantum Mechanics
- Consider all options simultaneously
- Quantum computers use Qubits
Qubits can exist as 1 and 0 at the same time
10 Qubits = 1000 calculations at once
30 Qubits = 1 billion calculations at once

Quantum Computers are fast!
March 2018, Google unveiled Bristlecone
– 72 Qubits…

DNA Computers are faster!

DNA Computing is set to disrupt
computing power
“ DNA computing is a form of computing which uses DNA and
molecular biology, instead of the traditional silicon-based
computer technologies”
-Wikipedia.com
• Greater storage capacity

16 zettabytes of data were produced in 1 year (1 billion terabytes)
• Massive parallelism
DNA -based computers can work on two answers at the same time
• Lightweight:
500g = more computing power than all the computers ever made

June 2017
University of Manchester, Prof Ross King

Turned strands of DNA into the basis of a computing and data
storage system
“Imagine a computer is searching a maze and comes to a choice

point, one path leading left, the other right,” explained Professor
King, from Manchester’s School of Computer Science. “Electronic
computers need to choose which path to follow first. But our
new computer doesn’t need to choose, for it can replicate itself
and follow both paths at the same time, thus finding the answer
faster.”

June 2017
University of Manchester, Prof Ross King

Turned strands of DNA into the basis of a computing and data
storage system
“Imagine a computer is searching a maze and comes to a choice

point, one path leading left, the other right,” explained Professor
King, from Manchester’s School of Computer Science. “Electronic
computers need to choose which path to follow first. But our
new computer doesn’t need to choose, for it can replicate itself
and follow both paths at the same time, thus finding the answer
faster.”

Tech-driven Change
• Augmented Reality
– Heads Up Displays (HUD), HD virtual objects
• Chatbots
– Natural language bots, automated customer service agents, wearable device advisory
• 3D Printing
– Disruption of the manufacturing one-size-fits-all industry
• Pressure to automate
– Increasing cost of human survival outstripping Reducing cost of technology – pressure to automate
• Pressure for “answers” - Artificial Intelligence and Machine Learning

– Data proliferation, analysis, algorithm-based data manipulation, data-driven process execution
• Pressure for connectivity

– Networks: 4G -> 5G mobile | 802.11ac -> HaLow, WhiteFi wireless | copper-> optic wired | LiFi

Machine Intelligence Research Institute
The Ethics of Artificial Intelligence - 2011
Bostrom & Yudkowsky
“Current AI offers us few ethical issues that are not already present”
But in the future:

• Social roles - transparency and predictability
• Unpredictable contexts - safety assurance & engineering design
• Mental states - moral status and “persons”
• Superhuman intelligence and abilities – super-ethical behaviour
“These challenges may seem visionary, but it seems predictable that we will
encounter them; and they are not devoid of suggestions for present-day
research directions.”

World Economic Forum
2016
9 Ethical Issues in
Artificial Intelligence

Ethical Issues
in Artificial Intelligence
1. Unemployment. What happens after the end of jobs?

2. Inequality. How do we distribute the wealth created by machines?
3. Humanity. How do machines affect our behaviour and interaction?
4. Artificial stupidity. How can we guard against mistakes?
5. Racist robots. How do we eliminate AI bias?
6. Security. How do we keep AI safe from adversaries?
7. Evil genies. How do we protect against unintended consequences?
8. Singularity. How do we stay in control of a complex intelligent system?
9. Robot rights. How do we define the humane treatment of AI?

Increasing Demand
Feb 2018, Deloitte Netherlands
• Disease diagnosis and illness treatment

• Fashion design and customer interaction
• Cyber crime and fraud detection
• Personalized advertising and support
• Logistics and on-time delivery
IT Governance Failures across the World

It’s not just the ill-informed…
• Uber
• Facebook & Instagram
• Twitter
• Youtube

NZ organizations are not immune

Multiplicative and Incentivized Change

Population
Growth
LEADERSHIP
Corporate
Power
4th Industrial
Revolution
Tomorrow will look different
Our Natural World will look different
Our Urban World will look different
Our Work World will look different

Leaders must be equipped for Uncertainty
Usually, business leaders have little difficulty articulating what needs to be done
when resolving problems when there is certainty. But in uncertain times, business
problems are complex and often intractable (hard to control).
Martin Webster
What do we need in times of uncertainty?

Role Clarity Decision Transparency
Facts Structure
Assurance
Authority
Purpose Capacity
Guidance Rules of the game
Risk Clarity
Oversight

#GRC
Effective leadership in times of uncertainty

Governance V Management
Leadership /
Corporate Governance
Doing the right things
Management / Doing those things

Operational Governance in the right way

Tomorrow’s leaders use Governance…
• To articulate what needs to be done and why
• To guide when problems need to be solved
• To provide authority and role clarity
• To resource and nurture
• To communicate effectively and transparently
To provide certainty.

How to “use” governance?
Constitution
Laws and
Regulations
Codes and Standards
© Candor Governance (Pty) Ltd 27

South Africa’s King IV™
The King IV Report on Corporate Governance for South Africa 2016, The
Institute of Directors in Southern Africa
http://www.iodsa.co.za/page/KingIVReport

Guidance for Governance
• International Standards Organisation
• Technical Committee TC309 - Governance of
Organizations
• British Standards Institute - November 2016
• 4 Projects:
– ISO 37000 - Guidance for the Governance of
Organizations
– ISO 37001 - Anti-Bribery Management Systems
– ISO 37002 - Whistleblowing Management Systems
– ISO 19600 / 37301 - Compliance Management Systems

ISO 37000

Application
• Mindful • Size and turnover

• Purposeful • Resources
• Responsible • Complexity
• Contextual • Industry

Ethical and Effective Leadership
Apply the Principles as practices
Explain how you are applying the principles in practice
Recommended Practices not Required Practices

Leadership by the Governing Body
a. Steering the organisation and setting its strategic direction;

b. Approving policy and planning that give effect to the direction provided;
c. Overseeing and monitoring of implementation and execution by management; and
d. Ensuring accountability for organisational performance by means of,
among others, reporting and disclosure.

Policy – same word, different meanings
• Governance Policies
Principles which should be applied as management Practices
• Management Policies
Lower-level Principles which are executed as Procedures
• Employee Policies
Rules to be complied with, for example Employee Handbook

Governance Policies Management Policies
doing the right things in the right way
Governing Body
Executive
Operations

• Principles • Practices
• Delegation • Procedures
• Oversight • Management
Continuously
Quarterly / Weekly
/ Annually / Monthly

Direction Alignment
Outcomes Efficiency

Direction Alignment
Outcomes Efficiency
© Candor Governance (Pty) Ltd IT Governance is a System 38

Evidencing governance activities

Evidencing governance activities
Goals Addressing
Cascading Governance
“Therefore…” Risk
Principles Terms of
& Reference,
Authorities Responsibilities
Quantitative Qualitative and

and Factual Descriptive
Continual
Improvement
IT Governance - What does this entail?
Scope
Transition /
Information Technology
Transformation

IT Governance - ISO 38500
Transition /
Transformation
• Responsibility
• Strategy
• Acquisition
• Performance
• Conformance
• Human Behaviour

43 © Business Relationship Management
© Candor Institute
Governance Pty (Ltd)
IT Leadership Maturity

Effective IT – Business Engagement
Value
Business Level 3 Business Needs Level 3 IT Focus
Transformation • Business growth and Innovation
• Continuous strategy and planning
Strategic
• Rapid reconfiguration capability
Demand
Innovate
• Market information • Converge business and IT

• Business integration orientation • Expand and extend infrastructure
• Enable flexibility and agility
• Embrace ‘Consumerization of IT’
Business Level 2 Business Needs
Effectiveness • Business network/process redesign
Level 2 IT Focus
• Enable business and partnerships • Establish common IT infrastructure
• Management information • Build IT credibility
Improve
• Process orientation • Improve solution delivery

• Establish Enterprise Architecture
• Respond to ‘Consumerization of IT’
Level 1 Business Needs
Tactical
Business • Foundation systems
Efficiency • Cost savings Level 1 IT Focus
• Operational information
• Provide basic systems and services
• Functional orientation
Support
• Stabilize operations and support

• Improve service delivery
• IT management fundamentals
Time
45 Source: Business Relationship Management

© Candor Institute
Governance Pty (Ltd)
Aligning Investments
Improved information to manage, Gain competitive advantage through

control, account, communicate, positioning the firm in the marketplace,
analyze and make decisions usually with the aim of gaining sales
Reduce cost of doing business,

automating transactions,
substituting capital for labour
Shared IT services & utilities
Source: P. Weill & M. Broadbent “Leveraging the New Infrastructure: How market
leaders capitalize on IT,” Harvard Business School Press, June 1998.
Portfolio Balancing
Retireable Transactional Informational Strategic Discovery
Spending
& Staffing
Applications
Infrastructure
Today’s Portfolio

Portfolio Balancing
Retireable Transactional Informational Strategic Discovery
Spending
& Staffing
Applications
Applications
Infrastructure
Infrastructure
Tomorrow’s Portfolio

Boston Square
Management Style Management Style
Gaining Developer Innovator
Advantage - High Risk - Very High Risk
- High Benefit - Uncertain Benefit
STRATEGIC HIGH POTENTIAL
Critical to sustain May be important

Primary Purpose
future in achieving
business strategy future success
Useful but not

Currently depended
critical to future
on for success
or current success
FACTORY SUPPORT
Management Style Management Style

Avoiding Controller Caretaker
Disadvantage - Known Risk - Low Risk
- Known Benefit - Low Benefit
49 © Candor Governance
Source: BP and Cranfield School of Business, based on McFarlan/McKenney Pty Grid”
“Strategic (Ltd)
IT Value
Warranty Utility
Value “Fit for Use”
“Fit for
Purpose”
 Fitness for Use is • The Service should

defined by the be suitable for the
customer intended purpose
Sources: http://wiki.answers.com/Q/What_is_service_value
http://en.wikipedia.org/wiki/Utility

IT Governance - Information
Transition /
Transformation
Confidentiality Integrity Availability

Privacy Records Management Security

Dealing with this Devil
10 V’s of Big Data, George Firican February 2017
1. Volume: >90% of today’s data was created in the last couple of years
2. Velocity: Facebook claims 600 terabytes of incoming data per day
3. Variety: e.g. audio, image, video, social media updates, click data, sensors
4. Variability: multiple disparate data types and sources
5. Veracity: trust, reliability, meaningfulness
6. Validity: Forbes: 60% of data scientist time is cleaning data
7. Vulnerability: Increasing need for and cost of securing data
8. Volatility: data currency, availability, retrieval, archiving, destruction
9. Visualization: technology limitations
10. Value: Utility + Warrantee

2017: Harvard Business Review
May – June 2017 Issue
Elements of a Data Strategy

Defence Offense
Ensure data security, privacy,
Improve competitive position
Key Objectives integrity, quality, regulatory
and profitability
compliance and governance
Optimize data analytics,
Optimize data extraction,
modelling, visualization,
Core Activities standardization, storage and
transformation and
access
enrichment
Data-management
Control Flexibility
orientation
Enabling Architecture SSOT (single source) MVOT (multiple versions)

IT Governance - Data / Information Guidance

ISO/IEC 27000 family - Information security management systems

• This family of standards includes:
– ISO/IEC 27000:2016: Overview and vocabulary
– ISO/IEC 27001:2013: Information security management systems requirements
– ISO/IEC 27002:2013: Code of practice for information security controls
– ISO/IEC 27005:2011: Information security risk management
– ISO/IEC 27018:2014: Code of practice for protection of personally identifiable
information (PII) in public clouds acting as PII processors




Information Privacy Management Standards

• ISO/IEC 29100 and related standards
– ƒA privacy framework (ISO/IEC 29100)
– ƒA privacy reference architecture (ISO/IEC 29101)
– A framework for identity management (ISO/IEC 24760)
– ƒBiometric template protection (ISO/IEC 24745)
– ƒAuthentication context for biometrics (ISO/IEC 24761)
– ƒAuthentication Assurance (ISO/IEC 29115)

GDPR has been effective since 25 May 2018
General Data Protection Regulation
Regulation (EU) 2016/679


ISO 15489-1:2016 Records management -- Part 1: Concepts and principles
ISO/IEC 30300 family - Management systems for records:

This family of standards includes:
– ISO 30300:2011: Fundamentals and vocabulary
– ISO 30301:2011: Requirements
– ISO 30302:2015: Guidelines for implementation

Associated Information Integrity Guidance
Integrity
ISO 15489-1:2016 Records management -- Part 1: Concepts and principles
ISO/IEC 30300 family - Management systems for records:

This family of standards includes:
– ISO 30300:2011: Fundamentals and vocabulary
– ISO 30301:2011: Requirements
– ISO 30302:2015: Guidelines for implementation

IT Governance - Transformation
Transition /
Transformation
Projects Requests Continuity

Planned Planned and Unplanned
Initiatives Unplanned incidents & events

Change / Transition / Transformation
• The term “transition” refers to all the activities that

are carried out when a new or changed service is
moved to or from a “live” environment.
ISO/IEC 20000-1
• The term “business transformation” refers to making

changes in how business is conducted in order to
help cope with a shift in market environment.
John Kotter, Harvard Business Review, 2007

Sources of Change
• Globalization Impacts
Unplanned
Environmental • Technology Advances
Incidents and Events
• Stakeholder Pressure
• Strategy
Planned Initiatives
Organisational • Operational Plans
and Projects
• Compliance
• Incidents
Planned and Unplanned
Operational • Improvements
Service Requests
• Maintenance

Highlights
• Board oversight of “change”
• Strategy enablement – portfolio management
• Increased potential for convergence
• Increased focus on (IT) value realization
• Business Resilience not just Disaster Recovery

IT Governance ->
Governance of organizational enablement
Transition /
Transformation

Is YOUR Corporate Governance Future Fit?

Sneak Peek
Governing Body Tool Set
for Governing Transformation Activities

Strategic and Operational Change
Values Mission
Principles Vision
Strategy
Align
Policies Objectives
Charters Outcomes
Plans
Deliver
Operating Model
Monitoring Services
Procedures
Operate
Management Metrics
Performance
68 Source: Business Relationship Management Institute © Candor Governance Pty (Ltd)
Business Planning
Planned
Capacity
Employed
Capacity

Planning Transformation Capacity

Budgeting for Transformation
Transformation
ASSETS

Budgeting Capacity for Transformation

Monitoring Transformation
RAG Forecast
(Red, Amber, Green)
H “No-go” Add resources

Additional Management Focus
D
Required
B
C
A
L Seek Alternatives On Track
L Success to date H
Strategic Risks
Impact of
strategy
changes

Business Value Leakage
What we get done
Implementation
What IT must do Barrier
Specification
What we want to do Barrier
Expression
Barrier
Suboptimal
Suboptimal Measurement,
Accountability &
Deployment &
Organizational Capability
Operation
Suboptimal
Design
Missed
Opportunities
Misaligned Value System
Contextual Barrier
What drives our behaviours

Source: Business Relationship Management Institute
Carolynn Chalmers
“Applying King IV” Group Candor Governance
@Candor_GovN CandorGovernance.co.za
Carolynn@GovN.co.za WhatsApp +27 83 300 1309

Nov Candor - Future Fit Corporate Governance

Uploaded by

Copyright:

Available Formats

You might also like

Nov Candor - Future Fit Corporate Governance

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Nov Candor - Future Fit Corporate Governance

Uploaded by

Copyright:

Available Formats

Future Fit Corporate Governance

2 © Candor Governance Pty (Ltd)

3 © Candor Governance Pty (Ltd)

4 © Candor Governance Pty (Ltd)

5 © Candor Governance Pty (Ltd)

6 © Candor Governance Pty (Ltd)

7 © Candor Governance Pty (Ltd)

• Greater storage capacity

8 © Candor Governance Pty (Ltd)

University of Manchester, Prof Ross King

“Imagine a computer is searching a maze and comes to a choice

9 © Candor Governance Pty (Ltd)

University of Manchester, Prof Ross King

“Imagine a computer is searching a maze and comes to a choice

10 © Candor Governance Pty (Ltd)

• Pressure for “answers” - Artificial Intelligence and Machine Learning

• Pressure for connectivity

12 © Candor Governance Pty (Ltd)

But in the future:

13 © Candor Governance Pty (Ltd)

14 © Candor Governance Pty (Ltd)

1. Unemployment. What happens after the end of jobs?

15 © Candor Governance Pty (Ltd)

• Disease diagnosis and illness treatment

17 © Candor Governance Pty (Ltd)

18 © Candor Governance Pty (Ltd)

19 © Candor Governance Pty (Ltd)

20 © Candor Governance Pty (Ltd)

Our Natural World will look different

Our Urban World will look different

Our Work World will look different

What do we need in times of uncertainty?

23 © Candor Governance Pty (Ltd)

24 © Candor Governance Pty (Ltd)

Management / Doing those things

25 © Candor Governance Pty (Ltd)

• To guide when problems need to be solved

• To provide authority and role clarity

• To resource and nurture

• To communicate effectively and transparently

26 © Candor Governance Pty (Ltd)

Codes and Standards

© Candor Governance (Pty) Ltd 27

28 © Candor Governance Pty (Ltd)

© Candor Governance (Pty) Ltd 29

© Candor Governance (Pty) Ltd 30

• Mindful • Size and turnover

© Candor Governance (Pty) Ltd 31

Apply the Principles as practices

Explain how you are applying the principles in practice

Recommended Practices not Required Practices

© Candor Governance (Pty) Ltd 32

a. Steering the organisation and setting its strategic direction;

© Candor Governance (Pty) Ltd 33

© Candor Governance (Pty) Ltd 34

© Candor Governance (Pty) Ltd 35

© Candor Governance (Pty) Ltd 36

© Candor Governance (Pty) Ltd 37