What do the chief digital officer, chief technology officer, chief information security officer, chief transformation officer, chief data officer, and so on, have in common?
All their responsibilities were previously owned by one person: the CIO.
The CIO role today is increasingly being cloned and divided up into multiple mini-CIO roles. It’s to the point where you can hardly define what each of these high-powered executives is responsible for and where their clear lines of ownership are. In fact, some of these divisions strike me as frankly a bit artificial.
Is this phenomenon a failure of the CIO or that the expectations of the role have grown exponentially? I believe both are true.
Rise of the CIO clones
In my view, the CIO should be under the microscope as their role is being split into more and more silos. At the same time, there is an outcry to have more of these roles report directly to the CEO.
This makes sense because technology, data, AI, cyber, and so on, are all strategically important to the business. But the truth is, the CEO does not have the bandwidth — or in many cases, the experience — to effectively manage all these domains.
Currently we are seeing this phenomenon with the new chief AI officer role being established in some enterprises. This is the same splitting of responsibilities that occurred some 10 to 12 years ago with the advent of chief digital officers being added to many organizations.
Similarly,data is another domain that has been very siloed and often kept separate from the CIO. In many organizations, the CIO has not driven this agenda very hard; as a result, we have all hired chief data officers to lead this charge.
There has also been the establishment of the chief transformation officer, as some enterprises have chosen to give the keys to making change happen to another C-suite executive.
Most enterprises would argue they need all these roles to operate and drive their change agendas. And yet this approach has not always delivered perfect results. So what’s the way forward?
IT and cyber resilience
IT resilience and cybersecurity are worth looking at as examples of where specialization may need to devolve. These are often separate domains in the enterprise, with CISOs arguing that cybersecurity is their accountability, and tech resilience should be owned by a peer.
But as we have seen with the CrowdStrike incident of July 2024, IT and cyber resilience are closely coupled, and that is likely to continue for the foreseeable future. The fact is that within enterprises, existing architecture is overly complex, often including new digital systems interconnected with legacy systems.
This ‘hybrid’ architecture is a combination of best and bad practice. When there is an outage, the new digital platforms can invariably be restored to recover business process support. But because they do not operate in isolation, instead connecting with legacy technologies, business operations themselves may not fully recover if the legacy systems continue to be impacted by the outage.
For most enterprises stuck in this hybrid state, the way forward is to be more discipline around architecture. As a CIO, I’ve experienced that many enterprises have strong architecture disciplines with great governance practices and a roadmap that closely aligns various IT strategies. Strong alignment of IT and cyber strategy, however, is often an exception rather than a rule.
Keep IT simple
Simplifying architecture at an enterprise level is something the CIO and CISO should work together concurrently as a shared goal. The benefits of doing so will accrue over time rather than immediately, hence there can be some reluctance to prioritize.
But if you measure the amount of widgets used within your enterprise, you’ll quickly agree that simplification is necessary. “Less is more” is a saying that is hard to achieve in IT, as we are all tempted by shiny new things. Our business partners are also as guilty as we are, envying what our competitors have implemented and desiring digital change at high velocity.
This impatience can lead to “business” projects that are really technology projects, staffed by vendors or systems integrators. No CIO can control 100% of all technology spend, but they must mandate that any changes or additions are aligned with IT’s architecture roadmap, as keeping the enterprise moving toward greater integration and simplicity is key. Measuring inventory and agreeing on a target to reduce, year on year, is the way to address the complexity.
The CIO and board should agree on these targets and commit to facilitating this shift and simplification. Unfortunately, this is more the exception than the rule.
Shift to integrated solutions
We all love top-quardrant, “best of breed” tech solutions, but pursuing point solutinos means increasing not reducing the complexity of our architecture.
Together the CIO and CISO must lead this charge toward reduced complexity and integrated solutions. They are also the leaders most likely to receive budget cut targets.
But a budget cut provides a great opportunity to explore one’s spend across run and change operations. The reality is that IT budgets are large and financial management is not always a strength of technology teams.
What I mean by that is financial planning and management at a strategic level. Here is where partnering with the CFO, who is usually very concerned about spend being out of control and not being managed, is essential.
So, let’s wind back
What does all this have to do with my opening discussion about the CIO and complementary IT executive roles? Splitting the CIO role into smaller and smaller pieces would be okay if doing so led to better outcomes. But I would argue that examples like the ones above show that the multiple-exec approach is not a success story we should be bragging about.
What is an alternative path? Splitting the CIO role not into several tech exec roles, but just two, for example, along these lines:
- CIO #1: Technology transformation, digital program, cybersecurity
- CIO #2: Data and information, AI and models, technology operations, enterprise and applications support
In this structure, the two CIOs would share ownership of the IT strategy. Accountabilities would roughly balance the workload, but with a clear “Run” versus “Change” focus that naturally comes from this design.
Which role would you want to put your hand up for? Some would likely have a natural preference for one or the other CIO role, and the experience requirements would be somewhat different. I’d argue that there is a “stretch” opportunity for any CIO taking on either of these positions, as they will clearly own domains they are currently less familiar with.
What ideas do you have around structuring the IT leadership suite to address this issue?
Read More from This Article: Why the CIO role should be split in two
Source: News