Chief information officer (CIO), chief digital information officer (CDIO) or information technology (IT) director, is a job title commonly given to the most senior executive in an enterprise who works with information technology and computer systems, in order to support enterprise goals.
Normally, the CIO reports directly to the chief executive officer, but may also report to the chief operating officer or chief financial officer. In military organizations, the CIO reports to the commanding officer. The role of chief information officer was first defined[1] in 1981 by William R. Synnott, former senior vice president of the Bank of Boston, and William H. Gruber, a former professor at the Massachusetts Institute of Technology Sloan School of Management.[2] A CIO will sometimes serve as a member of the board of directors.
The need for CIOs
CIOs and CDIOs play an important role in businesses that use technology and data because they provide a critical interface between the business needs, user needs, and the information and communication technology (ICT) used in the work.[3] In recent years it has become increasingly understood that knowledge limited to just business or just IT is not sufficient for success in this role.[4] Instead, CIOs need both kinds of knowledge to manage IT resources and to manage and plan "ICT, including policy and practice development, planning, budgeting, resourcing and training."[3] Also, CIOs are playing an increasingly important role in helping to control costs and increase profits via the use of ICT, and to limit potential organizational damage by setting up appropriate IT controls and planning for IT recovery from possible disasters.[5]
These objectives also demand a combination of personal skills. Computer Weekly magazine highlights that "53% of IT leaders report a shortage of [IT managers] with a high-level of personal skills, such as communication and leadership" in the workplace.[6] Because information technologies and digital tools evolve so quickly, organizations are sometimes challenged to find staff with the necessary combination of skills in the marketplace, and may look to train existing staff to mitigate skill shortages.[7] CIOs are needed to bridge the gap between IT and non-IT professional roles to support effective working relationships.
Roles and responsibilities
The chief information officer of an organization is responsible for several business functions. First and most importantly, the CIO must fulfill the role of a business leader.[8] The CIO makes executive decisions regarding matters such as the purchase of IT equipment from suppliers or the creation of new IT systems. Also as a business leader, the CIO is responsible for leading and directing the workforce of their specific organization. A CIO is typically "required to have strong organizational skills."[9] This is particularly relevant for the chief information officer of an organization who must balance roles and responsibilities in order to gain a competitive advantage, whilst keeping the best interests of the organization's employees in mind. CIOs also have the responsibility of recruiting, so it is important that they work proactively to source and nurture the best employees possible.
CIOs are required to map out both the ICT strategy and ICT policy of an organization. The ICT strategy covers future-proofing, procurement, and the external and internal standards laid out by an organization. Similarly, the CIO must develop the ICT policy, which details how ICT is utilized and applied. Both are needed for the protection of the organization in the short and long term and the process of strategizing for the future. Paul Burfitt, former CIO of AstraZeneca, also outlines the role of the CIO in IT governance, which he refers to as the "clarifying [of] accountability and the role of committees".[10]
In recent years, CIOs have become more closely involved in customer-facing products. With the rising awareness in organizations that their customers are expecting digital services as part of their relationship with an organization, CIOs have been tasked with more product-oriented responsibilities.
Risks involved
The CIO faces a rather high risk of error and failures, as a result of the challenging nature of the role, along with a large number of responsibilities – such as the provision of finance, recruitment of professionals, establishing data protection and development of policy and strategy. The CIO of U.S company Target was forced into resignation in 2014 after the theft of 40 million credit card details and 70 million customer details by hackers.[11] CIOs that are knowledgeable about their industry are able to adapt and thereby reduce their chances of error.
With the introduction of legislation such as the General Data Protection Regulation (GDPR), CIOs have now become increasingly focused on how their role is regulated and can lead to financial and reputational damage to a business. However, regulations such as GDPR have also been advantageous to CIOs, enabling them to have the budget and authority in the organization to make significant changes to the way information is managed. Sabah Khan-Carter of Rupert Murdoch's News Corp described GDPR as "a really big opportunity for most organizations".[12]
Educational background and technology skills
Many candidates have a Master of Business Administration degree or a Master of Science in Management degree.[13] More recently, CIOs' leadership capabilities, business acumen, and strategic perspectives have taken precedence over technical skills. It is now quite common for CIOs to be appointed from the business side of the organization, especially if they have project management skills.
Despite the strategic nature of the role, a 2017 survey, conducted by Logicalis, of 890 CIOs across 23 countries found that 62% of CIOs spend 60% or more of their time on day to day IT activities.[14]
CIO magazine's "State of the CIO 2008" survey asked 558 IT leaders whom they report to, and the results were: CEO (41%), CFO (23%), COO (16%), corporate CIO (7%) and other (13%).[16]
Typically, the CIO is involved with driving the analysis and re-engineering of existing business processes, identifying and developing the capability to use new tools, reshaping the enterprise's physical infrastructure and network access, and identifying and exploiting the enterprise's knowledge resources. Many CIOs head the enterprise's efforts to integrate the Internet into both its long-term strategy and its immediate business plans. CIOs are often tasked with either driving or heading up crucial IT projects that are essential to the strategic and operational objectives of an organization. A good example of this would be the implementation of an enterprise resource planning (ERP) system, which typically has wide-ranging implications for most organizations.
Another way that the CIO role has changed is an increasing focus on service management.[17] As SaaS, IaaS, BPO and other flexible delivery techniques are brought into organizations the CIO usually manages these 3rd party services. In essence, a CIO in the modern organization needs business skills and the ability to relate to the organization as a whole, as opposed to being a technological expert with limited functional business expertise. The CIO position is as much about anticipating technology and usage trends in the market place as it is about ensuring that the business navigates these trends with expert guidance and strategic planning aligned to the corporate strategy.
Distinction between CIO, CDO, and CTO
The roles of chief information officer, chief digital officer and chief technology officer are often mixed up. It has been stated that CTOs are concerned with technology itself, often customer-facing, whereas CIOs are much more concerned with its applications within the business and how they can be managed.[18]
More specifically, CIOs oversee a business's IT systems and functions, create and deliver strategies and policies, and focus on internal customers. In contrast to this, CTOs focus on the external customers to the organization and how technology can make the company more profitable.[19]
The traditional definition of CTOs focused on using technology as an external competitive advantage now includes CDOs who use the power of modern technologies, online design and big data to digitize a business.
CIO Councils
CIO Councils bring together a number of CIOs from different organizations which aim to work together, for example across healthcare or across government. Examples include the UK public sector's CIO Council,[20] the London CIO Council for the healthcare sector,[21] and the Chief Information Officers Council in the USA.[22]
Awards and recognition
It is not uncommon for CIOs to be recognized and awarded annually, particularly in the technology space. These awards are commonly dictated by the significance of their contribution to the industry and generally occur in local markets only. Awards are generally judged by industry peers, or senior qualified executives such as the chief executive officer, chief operating officer or chief financial officer. Generally, awards recognize substantial impact to the local technology market.
^Peppard, Joe (August 2010). "Unlocking the Performance of the Chief Information Officer (CIO)". California Management Review. 52 (4): 5. doi:10.1525/cmr.2010.52.4.73. S2CID154762904.