The DNA of a High-Performing CIO

DNA is inherited from our parents, and impaired genes may limit our potential regardless of effort. In much the same way, a Chief Information Officer’s (CIO) performance is influenced by organizational factors beyond their control.

Reporting structures, governance practices, and leadership ethics act as the corporate DNA of an organization. When these elements are healthy and aligned, CIOs can thrive. When they are flawed, even the most capable CIO may struggle to succeed.

There is much discussion about a CIO’s qualifications, experience, and track record, but far less about the conditions that influence job performance. Is there a myth behind why a hand-picked CIO, selected through an extensive search, fails to meet expectations?

Dismissing a CIO for reasons ranging from insufficient business and strategic insight to perceived technical or operational shortcomings may not be justified until there has been a close examination of the reporting hierarchy, corporate governance, and professional ethics—the organizational DNA that shapes CIO performance.

Misaligned Reporting
A CIO is doomed to fail when reporting into a siloed function with no mandate over business units. It is like a race car being given no fuel to power the engine.

Resistance to change is pervasive in many workplaces. Common causes include labor constraints, a lack of urgency, fear of failure, and, more often than not, the risk of opening a can of worms. Business units acknowledge that untangling and migrating a heavily customized Enterprise Resource Planning system to a new software suite can be as delicate as a heart transplant. Such initiatives may uncover years-old payment errors, misinterpreted HR policies, orphaned privileged accesses, and other irregular practices ­­— potentially exposing the leadership responsible. Consequently, maintaining the status quo is often preferred, creating the impression that the CIO is making little progress.

Corporate politics frequently come into play. Mandatory business justifications for technology projects are portrayed as bureaucratic hurdles. Clunky interfaces, disconnected workflows, excessive approvals, and inconsistent reports are often disguised as technology problems. Important digital initiatives such as shared IT services, enterprise architecture, and the rationalization of shadow IT may be diluted or blocked by business units seeking to protect their own interests. Some business leaders choose to procrastinate, make excuses, and preserve the status quo, leaving legacy problems and technical debt in anticipation of leadership changes.

CIOs cannot operate solely by consensus because every stakeholder has blind spots. Decisions reached through consensus are not always in the best interests of the enterprise, particularly in non-profit organizations. A CIO without executive authority over business change is effectively handicapped. Without a mandate to drive process improvements, establish digital priorities, and enforce accountability, the foundations of business efficiency and growth are very much weakened.

Disengaged Governance
A CIO is reduced to a support role when IT is treated merely as a utility, where system uptime becomes the dominant key performance indicator. When coupled with the absence of a CIO’s voice in the boardroom, their strategic relevance is further diminished.

Operating largely in a defensive posture, CIOs are summoned to Board whenever necessary to defend cyber breaches, project failures and service disruptions. Over time, the discussion becomes dominated by bad news, creating bias and prompting questions about whether the right person is leading the technology function.

An increasing number of progressive organizations are establishing dedicated Board Technology Committees (BTCs). These committees function much like Audit Committees by providing independent oversight of governance, compliance, and technology risk matters.

A BTC provides the CIO with a politically safe forum to present emerging strategies, policies, and technology initiatives for candid discussion. It is not intended to bypass the CEO or CFO. Rather, it serves as an executive platform connecting independent directors and the CIO, helping to identify issues that warrant the full Board’s attention.

Unethical Leadership
Whether we succeed professionally often depends on our managers or reporting officers (ROs). Beyond conducting performance appraisals, exemplary ROs empower, support, and mentor their teams.

For CIOs, however, these qualities are less critical. As experienced senior executives, CIOs operate independently with minimal supervision or coaching. They are results-oriented and guided by Board-endorsed strategies. They engage their ROs at the appropriate moments to ensure alignment without burdening them with operational details.

“The biggest risk is not taking any risk,” famously said by Mark Zuckerberg. Technology, by its very nature, involves risk. Failing to embrace it may ultimately become the greatest threat to an organization’s survival. Significant risks include technology investments that generate poor returns, failures of mission-critical systems, and the accumulation of technical debt. CIOs should therefore be evaluated on the opportunities they identify, the risks they mitigate, and the digital advancements they deliver.

An RO who is evasive, ambiguous, and unwilling to address sensitive issues can be highly disruptive to a CIO, who depends on clarity and certainty to perform effectively. Misunderstandings can easily arise when critical decisions are communicated verbally rather than documented through email or meeting minutes.

Performance DNA
High-performing CIOs are forged through years of experience and practice. Nevertheless, some may succeed in one organization and struggle in another due to differences in culture and operating models.

An enabling environment is created through a clear business mandate, an engaged Board Technology Committee, authentic and risk-savvy RO. Together, these elements form the corporate DNA that enables sustainable CIO performance across industries.


Copyedit: ChatGPT

Just Too Many Digital Chiefs

Like a medical specialist providing in-depth and expert care in a specific area, the tech industry has seen a similar shake-up in recent times, resulting in a plethora of high-sounding titles such as Chief Analytics Officer (CAO), Chief Artificial Intelligence Officer (CAIO), Chief Data Officer (CDO), Chief Digital Transformation Officer (CDTO), Chief Information Officer (CIO), Chief Information Security Officer (CISO), Chief Knowledge Officer (CKO), Chief Machine Learning Officer (CMLO), and Chief Technology Officer (CTO). This trend is ongoing, as evidenced by the myriad of executive programs offered by Ivy League colleges and training schools for those keen to qualify.

The rapid tech advancement has caught many enterprises off guard. The surge of chief titles like CAIO and CMLO appears to be a knee-jerk reaction to the phenomenal growth of generative AI. In the past few years, many CISO appointments were fast-tracked to comply with regulatory mandates in some parts of the world, requiring a dedicated chief for cybersecurity amidst escalating cyber breaches and privacy invasions. On the other hand, the once in-demand CKO hiring of the late 1990s is fast-fading, likely ousted by the CDO and CAO amid a shifting focus to big data and analytics. Lastly, the de facto tech chief, the CIO, has seen its technology portfolio mostly taken over by the CTO, often to spare focus on technology.

Obviously, we do not need a management professor to tell us that too many chiefs without a chief of the chiefs would be a grave mistake in corporate governance. For instance, should the CISO be accountable for the security of an AI system? Intuitively, yes, provided the CISO has veto power over the AI because accountability requires control. From frivolous data to business insights and invaluable knowledge, should the CKO be rejuvenated and made responsible for all these seemingly discrete domains, thus offloading responsibilities from and right-sizing the CIO and CDO? Ironically, does the CDTO really fit the bill of a digital chief with goals to transform business? Realistically, must all the chiefs bear the same titles and compensations if their job sizes differ?

Nobody would argue if the Chief Executive Officer (CEO) were to be the overall digital chief, given how tech has been transforming industries and businesses. A level closer to the head of the organization allows for more direct communication, level brainstorming, and faster decision-making. However, this is impractical given the day-to-day management chores. For non-tech, non-profit, and end-user enterprises, IT is mostly a tool, not a strategy, and an expense rather than an investment that hardly creeps into the KPIs (Key Performance Indicators) of the CEO. Also, it takes more than a tech-savvy CEO to oversee the work among the digital chiefs, dealing with operational issues and personnel conflicts.

It is an opportune time to rehash the chiefs’ departments if you have close to a double numeric of digital chiefs, especially when some have no direct reports. The CIO debuted in 1980, and the CTO in 1990, when the first batch of CIOs had already been functioning well for a decade before relinquishing their tech function to the CTO. The CIO nomenclature has suffered from a birth defect with a missing specific – Technology – despite it being a substantial part of their roles. Given the continuous advancement and escalating reliance on technology, it makes perfect sense for a new chief function, the Chief Information Technology Officer (CITO), to take on both portfolios. In fact, the CITO role has emerged in recent years as a response to the increasing importance of technology in organizations, likely evolving from the CIO and CTO roles.

There are CISOs reporting to an independent entity, such as the Board, CEO, or a corporate chief on risk management, citing autonomy without being undermined by the CIO or any other chief. Unlike audits, the CISO is not an inspect-and-control function; it is the inherent cybersecurity knowledge and skills that are most valued. The CISO should be an integral part of the CIO department, incorporating security design and operating requirements into any tech development. The CISO should also be the party to endorse tech implementation and operational changes. Checks and balances can be achieved through independent audits, external consultancy, and certifications like ISO 27001 Information Security Management System.

Data does not lie but stops short of saying anything if it is not clean. Like clean water to humans, pristine data is the lifeline to AI, and the CAIO, CDO, CAO, and CMLO, despite each taking a different spin on it. The CDO should define relevant policies for data ownership, cleansing, protection, sharing, and retention, govern and coordinate efforts among the business units to ensure compliance and resolve disputes. Separately, the CAO focuses on data analytics, using tools like Excel, Python, SQL, and SPSS to justify business actions and decisions and subsequently measure performance. Raw data is akin to unrefined ore; it’s abundant and contains potential value, but in its unprocessed state, it lacks clarity and insights. Combining the CDO and CAO functions into a Chief Data and Analytics Officer (CDAO) provides oversight and management controls for transforming raw data into valuable insights.

The CMLO, equipped with strong mathematics, statistics, and coding knowledge, builds algorithmic models for applications such as generative AI, behavior analysis, and pattern recognition. The CAIO, with a similar background, spearheads AI direction, strategies, ethical use, and staff training across the entire enterprise. It is an ecosystem where the chiefs interact and work to embed AI seamlessly in all business functions.

In the context of the CDTO, the latest kid on the block, Tech and Digital are not interchangeable. As the name implies, digital transformation aims to modernize the business by leveraging progressive tech advancements. Transformation is disruptive, often requiring mindset changes, new learning, and critical thinking to debureaucratize the organization. Besides possessing necessary business acumen, having a clear mandate and authority to make decisions is crucial for effectively addressing and overcoming objections. The emergence of the CDTO is timely, fueled by attainable technologies such as Cloud, RPA (Robotic Process Automation), next-generation ERP (Enterprise Resource Planning), and the prevalence of BPO (Business Process Outsourcing) that enable businesses to own their transformation.

Except for the CDTO, all tech chiefs have either a share of operational duties or a high stake in them. In a unified approach, tech-related activities such as strategic planning, manpower forecasting, and budgeting should be integrated and coordinated across the enterprise, rather than being siloed among separate digital chiefs. This collaborative approach ensures alignment, efficiency, and effective resource allocation, enabling the organization to achieve its goals and business priorities cohesively and strategically. As the saying goes, “A house divided against itself cannot stand.” By working together, we can build a strong and resilient organization that thrives in today’s fast-paced and competitive landscape.

Merging the CIO and CTO functions into CITO and combining the CDO and CAO into CDAO are pivotal steps prior to integrating the CAIO, CMLO, and CISO functions into the same CITO office. Partnership hinges on individuals, but an integrated system, once built, will be long-lasting regardless of personnel changes and how technology evolves. Transformation is not a transient function, and the CDTO, primarily a business function, should stay abreast of technological changes and continue to lead the effort.

With the optimized hierarchy, the CITO, with combined functions of CIO, CTO, CAIO, CMLO, and CISO, will report to the CEO or their deputy, as will the CDTO and CDAO with combined functions of CDO and CAO. Knowledge will become on-the-fly with proper safeguards when generative AI becomes more intelligent and widespread, thus diminishing the CKO’s role further.

Organizational changes are risky. Dealing with potentially inflated titles, re-designation, and job resizing may unsettle many incumbents. It reminds one of those heated debates between centralizing and decentralizing tech functions in a large enterprise. Ultimately, organizations persevering through these changes will benefit from agility to cost savings, clarity of ownership, accountability, less politicking, a healthier workplace, and, finally, emerging as leaders in their industry.



*Copyedited by ChatGPT, https://chat.openai.com/chat