Consistent and repeatable practices are underrated. They seldom earn their way onto board agendas, and if you ask the CEO, he or she might likely (and rightly) refer you to a vice president or director of quality control. But consistency matters–and if it runs amok, it can bring serious consequences to CEOs, boards, regulators, investors, and customers.

For the best and worst examples of consistency, we can look at enterprises that have franchise stores. Those franchises are run by independent operators who help to offset investments in new facilities, but who also must be trained in company products and operations. In many cases, franchisees are investors who don’t want to be bothered by hands on details. This is why companies that run franchise operations invest considerable time into developing best practices in product quality, service and operations for both company outlets and franchise stores.

McDonald’s is a great example of a fast food chain that has learned the value of consistent business practices.

When the McDonald brothers started the original restaurant in 1940, in San Bernardino, California, they offered a simple fare of hamburgers, french fries, and drinks that the public could rely on for reliable taste and quality every day. Shortly after the two brothers were bought out, the new McDonald’s transformed into a chain of restaurants and began to experiment with a variety of different menu options that varied from restaurant to restaurant.

One of the first lessons learned from this practice was that it was difficult to oversee product quality when stores were geographically distant from each other and also offered varying menu options. Although the chain still does food pilots and makes adjustments to local menus in a worldwide market, the company learned the value of predictability and consistency in food, service, and operations.

This is a consistency model that has also been steadfastly followed by other fast food chains. But, there still are some variable areas in operations that can create problems, and that quality control personnel who monitor food and service are likely to miss. These are also operational glitches that need to be on the radar of CIOs and CEOs.

For instance, in January of this year, Wendy’s uncovered a credit card breach that affected thousands of its North American customers, primarily at stores in the Midwest and Northeast. Wendy’s has more than 6,500 stores worldwide, with 85 percent of them franchise-owned. The company hired a team of cybersecurity experts to assess the damage, and joined Jimmy John’s, Rainforest Cafe, Morton’s, P.F. Chang’s, and Dairy Queen, as yet another restaurant victim of credit card fraud that originated at point of sales (POS) registers at the counters. Landry’s, which owns Morton’s, Rainforest Cafe, and several other restaurant chain properties, also began notifying customers this year whose credit cards were breached at restaurants.

“What the perpetrators of the fraud had been doing is targeting individual stores in restaurant chains and identifying the weak links,” said Christopher Roach, a national cybersecurity expert and managing director and National IT Practice Leader for CBIZ Risk & Advisory Services.

“From a PCI (payment card industry) compliance standpoint, the corporate parent companies have a good sense of what is required and they do their due diligence at the store level on a regular basis, but for the individual franchisee, purchasing the appropriate equipment to conform to standards can be expensive, and not everyone has upgraded for the new chip cards.”

Roach said that it is important for organizations that operate with a franchise business model to ensure that security practices are consistent and that they meet standards. The point is well taken because credit card compromises can damage your brand, and it will certainly become a boardroom agenda topic that CIOs and CEOs would like to avoid.

How can CEOs and CIOs improve performance in franchise operations where they have less visibility and control?

They should try to anticipate where consistency could become an issue, even if it is not on the consistency checklist today. No company is immune to credit card fraud anymore–but proactive training, compliance certification, and (if needed) investments and/or low-cost financing from corporate for equipment upgrades can go a long way in keeping these types of issues out of the boardroom.