CFOs’ and finance executives’ self-confessed lack of understanding of IT issues, and their view of IT as a cost centre and not an asset, poses a significant challenge to the relationship.
That’s one of the key findings of an EY global survey of 652 CFOs and a series of in-depth interviews with CFOs, CIOs and EY professionals.
On a more positive note, the need for better quality data and improved analytics capabilities is driving deeper collaboration between finance executives and their IT-focused counterparts.
The results also indicate that CFOs are increasingly involved in managing cybersecurity, creating information management strategies and processes, transitioning to a digital IT function and creating an analytics-driven organisation.
Julie Teigland, EY’s EMEIA CFO programme leader, said: “In today’s digital economy, the financial well-being of an enterprise is dependent on the health of the CFO/CIO relationship. In order to succeed, organisations must make bold technology investment decisions that are driven by corporate strategy, while managing a range of severe risks, such as cybersecurity and data privacy concerns.
“This mission-critical convergence of technology, investment strategy and risk has elevated the CFO-CIO relationship to new levels of importance.”
Two-thirds of the CFOs surveyed (66%) say managing cybersecurity is a high or very high priority. They are aware of the growing sophistication of attacks, and in many cases have already been victims.
The survey found that while most CFOs understood the scale of the threat, they believe that poor understanding of IT issues prevents them from recognising what a mature cybersecurity capability looks like, so they can invest in the right initiatives.
The tendency for CIOs to discuss cybersecurity issues in technical jargon, rather than business language, can also block fast decision-making and action, respondents said.
Cybersecurity management requires organisations to treat it as an enterprise risk management issue, rather than an IT one. EY said the CFO should lead the board-level discussion to prioritise which assets are business-critical to protect, while the CIO should decide on how to protect them.
EY says the forward-thinking CFO should shift the digital IT investment mindset from one of capital expenditure (Capex) to operational expenditure (Opex).
An Opex-focused approach that includes software as a service (SaaS) and the cloud allows businesses to only pay for immediate capacity needs and scale up or down as necessary. The Big Four firm also warns against allowing IT to drive strategy, insisting that strategy should drive IT.
David Ryerkerk, EY’s global IT advisory leader, says: “What most firms are still lacking is a good digital strategy. The firms that are struggling with this most are those who see it as predominantly an IT issue, as opposed to a larger, business one.”
What can you do to ensure your employees know the company policy and stick to it? Hear from other CFOs and experts in our free-to-view video
What are the next big technologies which can help keep cyber criminals at bay?
The application of robotics in finance functions is moving faster than predicted. Although, companies are cautious in how they are applying artificial intelligence to ensure results first, many are stepping up their investigations
Boards are failing to protect their companies and customers against cyber attack, despite more companies taking out cyber insurance, according to new research