Failure to adopt emerging tech a key governance risk

Read time 3min 30sec
Tichaona Zororo, director, EGIT | Enterprise Governance of IT.
Tichaona Zororo, director, EGIT | Enterprise Governance of IT.

While emerging technologies present new governance, risk and compliance challenges, a failure to embrace new technologies could also be a significant business risk, says Tichaona Zororo, director: Digital Transformation & Innovation Advisory at EGIT | Enterprise Governance of IT, and immediate past president of ISACA South Africa.

ITWeb Governance, Risk & Compliance 2020

25  February | the Forum | the Campus, Bryanston
Enhance your knowledge and skills regarding the most critical issues surrounding GRC. Click here to register your seat today!

Speaking ahead of the ITWeb Governance, Risk & Compliance 2020 conference where he will be a keynote speaker, Zororo notes that not adopting new technologies could prove riskier than adopting them.

“A plethora of new technologies are entering the enterprise – artificial intelligence (AI), robotics, machine learning, internet of things (IOT), DevOps and blockchain, for example. At the same time, mobility and cloud have become the de facto way of doing things. In this environment, stringent IT governance policies and procedures have to be in place to guard against threats like cyber risk and significant loss of market share.

But more importantly, governance is needed to guard against the very real risk of the enterprise failing to adopt emerging technologies, or failing to realise its business objectives through the deployment of emerging technologies,” he says.

Zororo points to major traditional banks losing market share to disruptors, and multinational enterprises that faltered because they could not adapt fast enough to new business models enabled by new technologies. Many organisations have also invested heavily in emerging technologies, but failed to use them effectively to the realisation of all stakeholders’ needs.

“Governance frameworks such as King IV and COBIT make it very clear that the board of directors is responsible for the governance of digital transformation and innovation – they should evaluate and monitor these technologies, and set the direction for how the enterprise should use technologies to deliver value for the enterprise and its shareholders,” Zororo says.

“Failure to provide governance over the use of emerging technologies could result in companies losing market share, and being unable to compete today and in the future.”

It is crucial to not just adopt the latest technologies, but also to have the right governance in place to align it to stakeholder needs and company strategic and performance direction, he adds.

“Those who fail to govern effectively the use of information and technology, including emerging technologies, could be held accountable, and we see stakeholders and stock holders putting more pressure on the board and executive management to provide the right leadership in terms of use of emerging technology.”

Zororo is a renowned speaker and member of, and advisor to, a number of boards, audit and risk committees, a board member and the Immediate past president of ISACA South Africa Chapter. He is credited for being the first COBIT Certified Assessor in Southern Africa, the first person from Africa to sit on the ISACA board of directors and to chair its Audit and Risk Committee.

He will deliver the keynote address, entitled "Why effective IT governance processes are critical for emerging technologies", at the ITWeb Governance, Risk & Compliance conference, to be held at The Forum in Bryanston from 25 – 26 February; he will also present a workshop on ‘Auditing the IT processes in the digital age’.

Zororo notes that many companies are going through digital transformation, which means it cannot be business as usual when it comes to the IT audit process.

“Traditional IT audit approaches are no longer providing the expected and needed value. Enterprises must change the focus areas of IT auditing to provide the requisite value expected by stakeholders, the board and the audit committee. IT auditors will have to expand their scope to audit emerging areas such as social media, cloud, DevOps, IOT, AI and cyber security. At the same time, they must bring in new technologies such as robotic process automation and predictive analytics to modernise the audit function, deliver real-time reviews, added insights, and to align audit with the enterprise’s strategic direction,” he says.

See also