The Five Questions Every Board Member Should Ask About Technology (But Most Don't)

A practical framework for non-technical executives to provide meaningful technology oversight in an AI-driven world.

Technology can be intimidating. Your iPhone is thousands of times more powerful than the computer you used in high school or university. Your company likely has dozens, if not hundreds, of applications and databases seemingly running your business by magic. The world has changed rapidly, and it’s increasingly complex.

Late last year, AI became the number one topic in earnings calls. We hear about it everywhere, every day. AI is important. AI is valuable. It will need your data and your people to harness its power and transform with it.

In your role as a director, you don’t need to be a technologist, but in the modern world, you do need to ask the right questions and know which answers should concern you. This framework gives you five essential questions to cut through the jargon and get to business.

THE FIVE QUESTIONS FRAMEWORK

Our interim leadership and advisory work is grounded in three unwavering principles that have proven effective across industries and organizational scales:

1

"How Critical is Technology to Our Business Operations—and How Would We Know?"

2

"Do We Have the Right Technology Talent—and How Do We Know We're Not Losing Them?"

3

"Are We Spending the Right Amount on Technology—and Are We Getting Value?"

4

"What Technology Policies Govern Our Biggest Risks—and Are They Actually Working?"

5

"How is Technology Enabling Our Strategy—and What Would We Need to Change It?"

QUESTION #1

"How Critical is Technology to Our Business Operations—and How Would We Know?"

Most board members understand technology is “important” for their business but cannot explain how critical it is or how vulnerable the company may be. You need to understand the technology landscape to properly assess the risk and investment levels needed.

How do you explore this effectively?

  • What happens if a critical system goes down for an hour, day, or week?
  • Is there a set maximum downtime for each critical system?
  • Are there single points of failure? (e.g., integrated ERP)
  • What percent of revenue flows through each critical system?
  • Does the company have manual workarounds defined?
  • Are Recovery Time and Recovery Point objectives maintained and tested?


What to watch for: Management can’t explain what’s critical. No evidence of system tests. Not everything is critical—good management knows what they can live without.

The Language Barrier

  • “We’re on track” → “What could derail us?”
  • “It’s complex” → “Break it down”
  • “Best practice” → “Is it right for us?”
  • “Technical debt” → “What’s it costing?”

QUESTION #2

"Do We Have the Right Technology Talent—and How Do We Know We're Not Losing Them?"

This question is at the core of why Technology Done Well was created. Many employers face technology talent shortages. These employees often identify with technology rather than their employer.

Ask this from several angles:

  • Do we have a skills inventory? Are critical capabilities missing?
  • If Cyber Security, AI/ML, Cloud, or Data engineering aren’t listed, explore further
  • What’s our attrition rate? What do exit interviews tell us?
  • How does our compensation compare to market?
  • Who backs up the head of technology? How deep is our leadership bench?


What to watch for: No skill gaps mentioned, no training program, leaders lack bench depth, no tech-specific compensation benchmarking.

Warning Signs

  • Tech only discussed at budget time
  • 100+ slide board decks
  • No business language
  • “Everything is fine” until it’s not

QUESTION #3

"Are We Spending the Right Amount on Technology—and Are We Getting Value?"

Many organizations struggle with technology spending—often high and wasteful, but sometimes lean and limiting. Getting it right takes time and judgment.

Key questions:

  • What’s total tech spend as percent of revenue? How does it compare to peers?
  • What’s spend per employee year over year?
  • Where’s money spent? Running, improving, or transforming the business?
  • Cloud vs on-premise? Capital vs operating? Staff vs consulting?
  • Are we getting value? What’s our project success rate?


What to watch for: Can’t explain spending as percent of revenue. Don’t know run vs grow vs transform split. No project metrics.

Questions That Should Concern You

  • “What’s our biggest tech risk?”
  • “What keeps the CTO up at night?”
  • “$1M more – where would it go?”
  • “Cut $1M – what suffers?”

QUESTION #4

"What Technology Policies Govern Our Biggest Risks—and Are They Actually Working?"

Risk is everywhere. Trade wars intensifying. Geopolitical risks rising. You likely understand your top enterprise risks, but is technology on the list?

Key areas:

  • Does management have an AI use policy? How is it overseen?
  • Does Cyber governance exist? Does it follow frameworks like NIST?
  • Is your data classified? Does the company comply with regulations?
  • How does technology fit in Enterprise Risk Management?


What to watch for: No cyber oversight, no incident response plan, no clear answers on critical data protection.

Governance Maturity

  • Level 1: Not on board agenda
  • Level 2: Informed after problems
  • Level 3: Policies exist
  • Level 4: Board shapes direction

QUESTION #5

"How is Technology Enabling Our Strategy—and What Would We Need to Change It?"

Ensuring technology aligns with business is difficult to assess. Many CEOs cite technology as a primary enabler, saying Digitization or AI is a game changer—but few test these statements.

Questions to ask:

  • How does your technology plan support business strategy?
  • Is there a 3-year roadmap with business-aligned initiatives?
  • What are your legacy systems? Is there a migration roadmap?
  • Is there a structured innovation process?
  • How do we compare to competitors?


What to watch for: Jargon-heavy responses, everything is ‘strategic,’ no roadmap.

BRINGING IT ALL TOGETHER

Most boards receive too much detail or too little. Here’s what you should see quarterly:

The One-Page Technology Dashboard

1. CRITICALITY & RESILIENCE

  • Uptime for critical systems
  • Business continuity test results
  • Open high-severity incidents

2. TALENT HEALTH

  • Headcount vs plan
  • Attrition rate
  • Critical skill gaps

3. FINANCIAL PERFORMANCE

  • Tech spend as % of revenue
  • Run/Grow/Transform breakdown
  • Top 3 investments

4. RISK & COMPLIANCE

  • Cybersecurity maturity
  • Open vulnerabilities
  • Policy compliance

5. STRATEGIC PROGRESS

  • Roadmap status
  • Top 3 initiatives
  • Innovation pipeline

CONCLUSION

Your Role:

  • You don’t need to understand Kubernetes
  • You DO need to understand if technology enables or constrains strategy
  • You DO need to ask tough questions


Remember: Your job isn’t to manage technology; it’s to ensure technology is managed.

The Bottom Line: In 2026, every company is a technology company. The question is whether you’re providing EFFECTIVE oversight.

For Board Members:

Invest in your development: “Technology Governance for Non-Technical Directors” 

Does your management need coaching or advisory services? Reach out to book a free 30-minute consultation.

About Technology Done Well: We are purpose-driven. Our services are designed to help your company succeed with planning, implementing, and operating technology. Our goal is to foster learning and development to strengthen Canadian businesses’ application of technology and grow the skill base at all levels required to do so.

Contact Us