Monday, May 21, 2007

Board or Committee?

Today I was asked when does a committee become a board? I answered that usually when an unincorporated body, perhaps a partnership or a club, decides to become a company or an incorporated nonprofit organisation then the committee is now a board of directors. No matter what they are called, directors, commissioners, trustees - however a trustee relationship is another thing again with even more onerous obligations - the group of people who manage or appoint the management to an organisation that is formed under the state Associations Incorporation Act or federal Corporations Act are its directors.

It is always a good idea for a prospective director to do proper due diligence on the organisation, its other directors and management. The new appointee should expect a letter of appointment setting out their duties, responsibilities and obligations as well as rights as a director and member of the board, in addition to undertaking an adequate form of induction as to how to carry out their new function as a board member. Remember that the organisation has systems and processes, delegations to the general manager or a chief executive, retained board rights, perhaps subcommittees, and is bound by relevant laws in addition to those relevant for all boards. The acts concerning occupational health and safety, the Trade Practices Act and the Corporations Act are relevant to directors in virtually any sphere. How about directors of nonprofit organisations?

There is in fact very little difference insofar as directors are bound to act in good faith and with due diligence, for a proper purpose and in the interests of the members, without personal gain from inside information and while avoiding real, and declaring perceived, conflicts of interest. That seems a lot of responsibilities; how about rights? Directors have the right to view minutes of board meetings for which they were directors, whether present or not; and each director is entitled to seek independent legal advice. The scale and access to such rights should usually be clearly set out in the letter of appointment. Directors usually cannot be dismissed except by a general meeting; they can of course resign. What about when the directors are acting in a volunteer capacity as appointees of other member organisations?

As before, nothing really changes. Directors are bound to act in the best interest of all members and not just the organisations that appointed them to the board. Usually the only directors that can be dismissed other than by an AGM are executive directors, who are usually dismissed from the board when their contract of employment is terminated. For appointees from member organisations the appointment and replacement of directors should be clearly spelled out. What if an individual director chooses to act in the best interests of the organisation that appointed him instead of in the best interests of all of the member organisations?

The entity that appointed the person as director can be taken to be a shadow director that is directing the organisation of which it is a member. The director can personally be liable to civil sanctions for not acting in good faith for all the members. The appointed director and the shadow director, being the organisation that appointed him, may be liable for obligations entered into by the organisation for which they are acting as directors. For example, if the organisation becomes insolvent at a time when it can no longer reasonably meet its debt obligations because one or other of the members withdrew guarantees to meet those debts then the shadow directors can find themselves obligated if their actions, seeking to benefit the organisation that appointed them rather than the members as a whole, brought about this situation.

The question of who is the party to take the action against the directors is generally answered as the company itself being the proper plaintiff. The sands continue to drift towards more traditional civil action as if a tort against the responsible directors for failing in their duty of care, essentially being negligent as opposed to being diligent, rather than the gnashing of teeth needed to direct the company to take, in practice to fund, action against its own directors.

Sunday, May 13, 2007

Software Engineering Course Design

The media and other commentators are finally coming to grips with the fact that secondary science and mathematics education in Australian middle schools is failing to adequately prepare students for senior high school let alone university. Teachers and curriculum designers have watched dumbfounded as the system they participate in has continued to decline in quality under the combined pressures from adventurous educational administrators influenced by progressive reformers without much respect for the history of science and mathematics, the community they claim to serve, and little common sense.

An article in The Australian points out that middle school education in Queensland is pre-Newtonian insofar as middle school science is taught in an almost purely descriptive fashion absent the analytical approach founded by Newton, lacking the modern scientific approach of Bacon. Let alone Einstein's physics of the twentieth century with the generalisation of Maxwell's work unifying electromagnetism to the invariance of electromechanics in inertial and non-inertial frames. Advances in chemistry since Mendeleev codified the periodic table of the elements, the development of quantum mechanics being the foundational theory for chemistry and influencing every area of modern science.

From an engineering perspective many of the most important developments in control and communication systems, mathematics, information theory and computing occurred in the pre and post first and second world war periods. Developments in Bertrand Russell's codification of mathematics and Godel's counter theory on incompleteness, Shannon's information theory, the practical developments in mechanics and radio theory as a result of military advances in radar, ballistics, coding and code-breaking, Turing's work on computability and von Neumann giving us the essentials of our modern computer architectures.

The accreditation of university degrees is predicated on meeting a number of requirements including adequate coverage and rigour in course content. The measure in software engineering accreditation, the metric against which the technical content of such degrees is assessed, is comparison against standardised bodies of knowledge, for instance, the Software Engineering Body of Knowledge (SWEBOK) - assessed against the SWEBOK Guide. Many professional areas of practice are assessed against standardised knowledge including accounting, law, medicine and we may even consider aviation pilot training and building trades like plumbing, carpentry and electrical trades.

The distinguishing feature for university degrees in science and engineering is the necessary emphasis on the foundational bases in mathematics and the sciences. The tension between these foundations and the practical knowledge bases is not replicated in any of the other fields. Competent engineering practitioners need to be educated in mathematics and relevant sciences in addition to being well versed in the necessary methods and practices associated with the body of knowledge for the profession.

Each area of engineering practice has its own knowledge base, customs and traditions. Clearly mechanical, civil and electrical engineering are significantly different in usual practice even if we recognise that each shares foundations in maths and physics, statics, dynamics, mechanics, thermodynamics, and so on. For instance, civil and structural engineers are interested in loadings on structures with some interest in mechanical elements that are of greater interest to mechanical engineers who utilise electrical instrumentation and power systems that may be of primary concern to electrical engineers - all related but distinct fields.

There is a close relationship between software and systems engineering. Both are involved with complexity of requirements, analytical rigour as far as is necessary, significant design and associated documentation. When one speaks of external interfaces as a facet of requirements alongside user interface, functional and nonfunctional requirements software and systems become interchangeable. Most nontrivial systems employ software components and most nontrivial software systems interact with non-software components. Where does one discipline begin and the other one end?

Monday, May 07, 2007

Ethics and IT Governance

The concept of IT governance is foreign to most software developers and IT practitioners. The situation has to be altered because officers inside IT and IS departments have the same governance and compliance obligations as their brethren, the corporate and administrative officers.

"That you may retain your self-respect, it is better to displease the people by doing what you know is right, than to temporarily please them by doing what you know is wrong."
- William JH Boetcker

I was looking for a hook to start this article when the above quote showed up in and it tickled my ethical bone. Boetcker phrased the sentiment in terms of self respect that I understand to include intellectual and professional integrity, being the ethical responsibility to carry out our roles in an effective fashion and by definition to operate within our areas of knowledge and ability.

Company directors and executives in Australia know this responsibility well from the Corporations Act that imbues them with the obligation to act in good faith, without conflict of interest, with due diligence and for a proper purpose. The due diligence condition has been repeatedly tested and in practice is similar to negligence. As an issue of compliance, it is arguable that officers of a company must be sufficiently well informed and have processes in place, training and sanctions to enact such policies. The usual business outcomes and operations give meaning to proper purpose. Conflict of interest resonates with our common sense. What does in good faith mean? To whom does this obligation fall?

Good faith is difficult to ascertain but may include behaving in the fashion that a reasonable person would have in factually similar circumstances, nominally an objective test. In another article I explore in a feather-weight fashion the ethical obligations of forming an opinion and acting in an ethical fashion - in this article I wish to address the same issue a little more seriously and with particular attention to IT governance and the obligations of officers and practitioners in an area that is often a technical minefield. As a result, it is even more important that the technical practitioners in IT and IS make every attempt to properly inform their superiors in their organisations so that the decision makers can make properly informed decisions.

In areas of general management, marketing and human resources it is far more likely that the responsible executives are reasonably versed in the applicable knowledge space so the obligation for their staff to keep them informed, while it exists, nevertheless exerts less pressure. However in IT and IS it is incumbent on the technical practitioners to make their knowledge available in an appropriately summarised form to the responsible officers because those executives cannot access the information they need without this kind of assistance.

The responsibility to put into place the processes to support such a system of communication and reporting is, of course, the responsibility of the directors and officers, the executives that managed the enterprise. Departmental general managers cannot shirk their obligation to remain accountable for their department's performance and their responsibility to put in place compliance systems to support these functions.

Certainly these are well understood in finance and accounting, where the Chief Financial Officer (CFO) may oversee internal and external audit programmes that report to the Risk, Audit and Compliance committees of the Board of Directors. The equivalent functions for the IT and IS departments have similar outcomes but the internal audit function will be the semantically equivalent series of reviews that are held of documents, designs, code and test as part of the software development life cycle.

The conclusion we must reach is that document reviews, peer reviews of designs and code are an obligatory part of the governance and compliance obligations that need to be met by organisations that depend on these functions. Part of assessing and managing financial, reputation and business risk is clearly within the sphere of IT and IS and should be deemed to the relevant department. The software development processes of design and code reviews, document reviews and testing are a natural part of the risk and compliance culture of enterprises where the relevant officers and their subordinates need to be educated of this fact.

The Chief Information Officer (CIO) has this obligation and the people who report to him are required to provide sufficient information for him to adequately perform this function. To do so is to act in an ethical fashion and to retain one's self respect.