“Not the Tech Experts..”- Why That No Longer Cuts It in the Boardroom

Across boardrooms, there’s a common refrain when conversations turn to cybersecurity, IT infrastructure or digital transformation:

“We’re not the tech experts.”

It sounds reasonable. After all, directors aren’t expected to write code or configure networks. But using that line to disengage from critical technology decisions is no longer acceptable. If you don’t understand the tools your business relies on, you’re not governing them – you’re just approving them.

Every organisation today is powered by technology – from financial systems to customer platforms to internal communications. These systems affect risk, value creation, compliance, and reputation.

Without oversight, boards risk:

  • Approving major IT investments without understanding their impact
  • Overlooking cybersecurity gaps
  • Missing the long-term risks of poor integration or vendor lock-in
  • Being blindsided by project failures that should’ve been questioned earlier

Saying “that’s IT’s job” is like saying finance is only the CFO’s problem. Directors have a duty to question, probe and challenge – even in unfamiliar territory.

You Don’t Need to Be a Technologist – But You Do Need to Engage

Here’s how to approach technology oversight without being a tech expert.

1. Focus on Business Value

Every technology project should clearly link back to business outcomes.

  • What business problem are we solving?
  • What does success look like, and how will it be measured?
  • Is this future-proof, or just a short-term patch?
  • How will this integrate with what we already use?

2. Treat Cybersecurity as a Board Issue

Cyber risk is enterprise risk. If you don’t understand how your most sensitive data is stored and accessed, you’re exposed.

Key questions to ask:

  • Where is our data? Who has access?
  • How are board documents shared? (Hopefully not via email.)
  • Do we have an incident response plan? Has it been tested?

3. Interrogate Project Delivery

Technology overruns and underperformance are common – but they shouldn’t be accepted as the norm.

  • What’s the implementation timeline and budget?
  • What are the risks of delay or failure?
  • Are there controls in place to keep the project on track?

4. Look Past the Buzzwords

Terms like “AI-powered” or “cloud-native” often distract from real scrutiny.

Instead, ask:

  • What does this actually do?
  • How does it support our strategy?
  • What happens if it doesn’t work as expected?

The Governance Role in Technology

Boards should not rubber-stamp tech projects. They should:

  • Integrate technology and cyber risk into regular agendas
  • Use secure, purpose-built platforms (like Athena Board)
  • Get independent advice when needed
  • Encourage digital literacy as part of director development

Questions Every Director Should Be Asking

  • How does this investment support our long-term goals?
  • What are the risks if this system fails or underperforms?
  • What is the total cost – including training, support and maintenance?
  • Are we managing data securely and in compliance with regulations?

Final Thought: Governance Requires Digital Curiosity

You don’t need to be a tech expert – but you can’t afford to be passive. Good directors ask clear, grounded questions, challenge assumptions, and ensure the board is equipped to govern technology with confidence.

Now more than ever, boards must lean in – not opt out – of digital oversight.