Top Board Priorities for 2016

Ruby Sharma is a principal and Ann Yerger is an executive director at the EY Center for Board Matters at Ernst & Young LLP. The following post is based on a report from the EY Center for Board Matters, available here.

Organizations are faced with many critical challenges—including rapidly changing technology, environmental risks, regulatory and legal requirements, major shifts in markets, ethical breaches, and big data and cybersecurity issues—that threaten their long-term success and sustainability. Directors have a unique opportunity to step forward and proactively oversee the development and implementation of effective, long-term strategies responsive to these challenges.

As a result, the trend of expanding board agendas will continue in 2016. As boards balance multiple priorities, most will heighten their focus on the following:

  • Board effectiveness, composition and refreshment
  • Investor and stakeholder engagement
  • Cybersecurity preparedness
  • Oversight of Enterprise Risk Management (ERM)
  • Oversight of talent risk management

Board effectiveness, composition and refreshment

It is a recurring question for directors and their organizations—how do good boards become great? Improving board effectiveness, making sure boards maintain the right combination of skills and experience, and enhancing transparency and accountability will characterize exceptional boards in 2016. Performing robust and thoughtful board self-assessments, with consideration of peer and individual director evaluations, will be critical for board effectiveness.

Effective boards will balance the viewpoints of tenured directors with the fresh perspectives of new members. These boards will make certain that the appropriate breadth of industry expertise is represented in the boardroom and that the composition of the board reflects the increasing convergence of sectors. Boards will seek directors with a greater diversity of knowledge and experience in order to match boardroom talents with evolving business strategies reflective of the interconnected global economic environment and technological and demographic changes.

We recently found that among Fortune 100 companies with retirement-age policies, 19% of directorships are held by individuals within five years of reaching the board’s designated retirement age. [1] Since a significant number of directors are currently approaching retirement, boards will have an opportunity to review their oversight needs and engage in strategic director succession planning in the coming year.

Investor and stakeholder engagement

The day of the passive investor is behind us. Investors around the globe are increasingly asking tough questions on the issues that matter most to them. They want to understand the board’s role in the oversight of enterprise risk, including emerging risks, strategy and execution. They want to know if boards are robustly evaluating their own performance and confirming that the right portfolio of skill sets aligned with company strategies are represented in the boardroom.

Investors will continue to seek meaningful communications and engagement with board leadership and committee chairs on issues such as company strategy, board composition (including diversity), director tenure, succession planning and executive compensation.

As a result, effective communication is emerging as a growing responsibility of corporate directors. Boards will focus on shareholder communication plans to ensure first, that required filings are not merely “compliance” documents but effective communication tools, and second, that designated directors are fully prepared to engage directly with investors on appropriate governance matters such as oversight of strategy, disclosure effectiveness and board refreshment processes.

Cybersecurity

The advent of new technologies and an ecosystem of digital interconnectedness significantly increase an organization’s exposure to theft of its most valuable assets, which include confidential customer data and vital information such as intellectual property and strategic blueprints. Preparedness is the first line of defense. Yet only 7% of organizations claim to have a robust incident response program that includes third parties and law enforcement and is integrated with their broader threat and vulnerability management function. [2]

The emphasis for boards will be to make sure that companies are shoring up critical infrastructure, enhancing crisis response and mapping a strategy that emphasizes a good balance of preventive and responsive tactics. This means being able to efficiently guide an organization through the layers of risks and threats, and boards should appropriately set the risk appetite and be prepared to swing into decisive action to handle any incidents.

Boards accept that the risk of a cyber breach needs to be continually managed, and adequate preparation that enables an organization to get back up and running quickly following an attack will be a key consideration for boards.

Knowing where the vulnerabilities lie is vital. Boards will continue to confirm that companies have a system and backup plan that facilitates data migration in a crisis. They will also need to make sure that their organizations firm up relationships with federal investigating authorities, who can move swiftly in response to attacks and minimize exposure and damage.

Oversight of ERM

As boards continue to focus on their roles in long-term value creation, effective oversight of ERM will be high on their agendas. Oversight of ERM will comprise operational, financial, strategic, compliance and reputational risks.

Board oversight will entail setting the “tone at the top” by promoting, assessing and monitoring risk culture and appetite.

Oversight of talent risk management

Boards recognize the crucial role they play in human capital matters as they relate to overseeing the management of three key risks: culture, talent and strategy. The business reason is compelling since talent and culture are arguably the biggest drivers of innovation, growth and the ability to outperform the competition. In recent conversations we have had with board directors, three out of four said that human capital strategy will be one of the top emerging risks that boards will face in 2016.

Boards will play an important role in ensuring that leadership stays focused on building the right talent strategy. Boards will focus on how to prepare for generational transitions in their organizations and anticipate the changing dynamics at the boardroom and management levels. As new and complex opportunities and risks emerge with evolving strategies and growth markets, having the right people to execute on strategies is an important imperative for success.

For many boards, talent management remains a big challenge. Failure to understand and mitigate human capital risks and complexities will impact strategy and value creation.

Endnotes:

[1] “Five-year outlook: nearly 20% of directors poised for board exit,” Ernst & Young LLP, August 2015, (discussed on the Forum here).
(go back)

[2] “Creating trust in the digital world: EY’s Global Information Security Survey 2015,” Ernst & Young Global Limited, November 2015.
(go back)

Both comments and trackbacks are currently closed.

One Comment

  1. Steve Schick
    Posted Tuesday, December 29, 2015 at 7:07 pm | Permalink

    The article focuses on preparedness/incident response–a grim acceptance that attackers will get into your network, and you have to be ready with damage control. Why not also try to curtail an active attack before theft or damage occur? Companies have a 20 year history of total focus on prevention. Clearly that doesn’t work (all the time). Time to start looking at the new strategies, practices and tools for detecting the post-intrusion activities of an active attacker.