How often (annually, semi annually or quarterly or as needed) should the CIO brief the Board (BOD) on state of technology in the organization?

Question

Answer

Quarterly, if not more frequently.  In today's world the board needs to be apprised of the organization's technology position as often as financials, HR and operations performance are communicated.   Information security, effective support of remote employees, and competitive application of e-commerce technologies are just a few of the disciplines that every company board should be monitoring.

Answer

Like the answer to all information security questions, it is ‘it depends’. Depends on issues such as: how tech savvy is the board?  How connected are they to IT? How much do they want to know? Once questions like that are quantified, then you can know how often they should be briefed. With that, I think semiannual works for most organizations as annual is just not frequent enough.

Answer

annually is probably enough

Answer

At least quarterly would a good benchmark to follow. Less frequently than that would result in a disconnect between technology operations and business oversight folks.

Answer

It depends on how engaged the board is, but I recommend quarterly to keep them up to date on major issues or status updates that significantly move the w on risk for the business. This can be a good way to get support for activities outside of the normal c-suite.