The real test is not whether the organisation has digital projects underway. It is whether it has the capability to execute, govern and sustain them well.
Digital capability is no longer a technology issue that can be left to management alone. It is now central to strategy, resilience, competitiveness and trust, which makes it a board-level governance issue.
Too often, boards talk about digital transformation, AI, cybersecurity and data without first asking a more basic question: do we actually have the digital capability to deliver what we want?
That question matters because capability is what turns strategy into execution. A digital strategy can set direction, but it is digital capability that determines whether the organisation can move with confidence, adapt to change and realise value over time.
Here are 10 questions I would love to see boards and executive leadership teams discuss.
Have we defined what digital capability means for us?
Digital capability is a broad phrase, so boards need to be clear about what it covers in their organisation.
For some, it will mean customer experience, digital channels and automation; for others, it will also include data governance, cloud operations, cyber resilience, AI readiness and workforce capability.
If the board has not defined the term, there is a risk that management will fill the gap with its own assumptions. Clear definition of the organisation’s digital future is the starting point for meaningful governance.
Do we know which capabilities are most material?
Not every digital capability is equally important.
Boards should focus on the capabilities that most affect organisational performance, service delivery, risk and long-term sustainability.
That usually includes enterprise data management, cyber security, digital architecture, operational resilience, and the ability to deploy and govern new technologies responsibly.
The point is not to chase every trend, but to identify the capabilities that matter most to the organisation’s purpose and risk profile.
Also in today’s edition:
- NSW budget to deliver record $14bn health spend, say Minns and Park
- Secret NDIS taskforce limited stakeholder consultation, FOI reveals
- Medical indemnifier calls foul on pharmacy prescribing
- Expanding the chronic condition management plans to support effective obesity care
- NDIS watchdog ramps up enforcement as provider sanctions surge
Is digital capability connected to strategy?
A digital capability agenda should never sit outside strategy. It should support the organisation’s purpose, strategic priorities, appetite for innovation and investment decisions, not operate as a separate technology conversation.
This is where many organisations struggle. They may have good intentions, but without a clear link between strategy, capability and investment, digital becomes a collection of projects rather than a coherent and strategic program of change.
Do we have the leadership to drive digital transformation?
Digital capability depends on leadership as much as infrastructure.
Boards should ask whether the executive team has clear accountability for digital performance, whether the right skills and experience are in the room, and whether digital leadership is truly shared across the organisation.
This is not just about the CIO or CDO. Digital governance is a collective responsibility that requires board attention, executive ownership, clear decision-making structures and clear accountabilities for business outcomes.
Are we building capability or just buying technology?
Many organisations mistake procurement for progress. Buying systems is easy; integrating them, securing them, building the capability to use them well, govern them properly and realise value from them is much harder.
Boards should ask whether investments are being matched by process change, skills development, data readiness and interoperability and ongoing adoption support.
Without those ingredients, even well-funded technology programs can underperform.
Do we have the data foundations?
Data is one of the clearest indicators of digital maturity.
If data quality, ownership, architecture and governance are weak, then digital capability will be fragile no matter how modern the tools appear.
Boards should expect management to know what data the organisation holds, where it resides, who is responsible for it and how it is governed.
In the age of AI, advanced analytics and automation, weak data foundations are not just an operational issue; they are a strategic one.
Is our workforce ready for digital transformation?
Digital capability is also a people issue.
Boards should ask whether staff have the digital literacy, confidence and adaptability needed to work effectively in a constantly changing digital environment. That includes skills and competencies appropriate to using technologies including the use of AI.
Beyond technical skills, the digital age also requires change capability, collaboration, critical thinking and judgement. If people do not understand the changes or do not feel supported through them, even the best digital strategy will struggle to deliver outcomes.
Are cyber and privacy built in from the start?
Digital capability cannot be separated from cybersecurity and information privacy.
As my previous articles have discussed, cybersecurity and information privacy are board-level responsibilities because they directly affect trust, compliance and organisational continuity.
Boards should ask whether digital initiatives are designed with information security and privacy from the outset, whether risk assessments are being done early, and whether the organisation can respond credibly when something goes wrong.
Capability that ignores data privacy and protection is not real capability; it is exposure.
Are we governing AI responsibly?
AI has made this question unavoidable.
Boards now need to know where AI is being used, what risks it introduces, what controls are in place, and how the organisation is ensuring responsible use.
Digital capability in an AI-enabled environment is not just about adoption. It is about whether the organisation can govern the technology, classify risk appropriately, and align use with its risk appetite, obligations and trust commitments.
Related
How will we know if capability is improving?
If digital capability cannot be measured, it cannot be governed well.
Boards should ask for a small number of meaningful indicators that show whether the organisation is becoming more digitally capable over time. That might include technology adoption, status of related risks, data quality, resilience, incident response, project delivery, workforce readiness and competencies, continuous improvement and realised benefits.
The key is to measure progress in ways that reveal whether the organisation is actually becoming more capable, not just more active.
Final thought
Boards do not need to be technologists, but they do need to be stewards of digital capability.
That means asking better questions, insisting on clarity, and ensuring the organisation can translate digital ambition into durable performance.
The real test is not whether the organisation has digital projects underway. It is whether it has the capability to execute, govern and sustain them well.
The question for every board is simple: are we building digital capability, or just accumulating digital complexity?
Dr Malcolm Thatcher is a digital executive, author and advisor. He is the former chief technology officer of the Australian Digital Health Agency. He is the founder of the Strategance Group.
This article was first published on Dr Thatcher’s LinkedIn profile. Read the original here.