This often requires you to stand in front of the Board of Directors and explain just why you need new software, new devices, new frameworks, new workstations, and above all, why cybersecurity should be more detailed than just having firewalls. Most of the time, however, the board might not be aware of just how detrimental it can be to push these needs aside, and that it can put the future of the company at stake, especially if there’s a data breach.
Your IT proposal idea – investing in a new encryption system for example – might seem like a logical choice, but never forget that staff, time, and money are limited, so the board will be very selective with their approval.
Most IT proposal ideas come to you from observing daily work and seeing how it can be improved. For your proposal to be successful, you will need to define a problem that exists and then propose your solution. For example, you find that you don’t have a good overview of how data is shared within your company and who has access to it, so you’re looking for a security solution that will categorise data, restructure access, and give you a central hub from which you can monitor everything.
To get approval, you will always need to include a detailed project description, as well as the benefits, costs, plan and time scale, risk assessment, and resources needed for it.
Before you even approach the board, learn a thing or two about the members:
You then need to consider the board’s point of view when it comes to your proposal and where the company is right now. If the company is looking at growth, innovative proposals will probably be better received. On the other hand, if the company is struggling, on the essentials will be considered. You’re likely to get something like the following three questions no matter the perspective:
One of the biggest mistakes you can do is present an IT project that will require a complete overhaul of all processes and operations. These overhauls are disruptive to regular operations and are most often disapproved because business could very likely suffer in all areas.
Rather than present a complete reorganisation of the business, unless it’s absolutely essential, break it down into smaller projects and propose different, less-impactful stages with a long-term goal in mind.
Your next step should be finding a way to present your solution so that it’s in line with company goals. The crucial elements of the project that you have to include are as follows:
Without a detailed breakdown of such information, the board will have a hard time determining whether the project is actually worth it. To put it in perspective, explain how high the risk of NOT implementing the solution really is. Having your solution implemented means a data breach can be completely avoided. Without a solution that classifies and protects data, the costs will be huge and can ruin the company.
ROI and risk assessment are the deciding factors, so your IT proposal should emphasise current costs, new project costs, savings, profits, and how your solution lowers future business risks. If you have that, you will get approved easily.