Recently, I was surprised to learn about LinkedIn’s lack of a CIO or a CISO. I am even more puzzled when I hear organizations suggest that other executives such as a VP of Engineering or a VP of Operations can perform these roles just as well.
Certainly, in terms of personal qualifications, these execs may have the skills to perform the CIO role. However, there is more leadership involved in the job of the CIO than there is at the level of a top single-function manager. In addition, CIOs must perform a series of seven key functions:
- Strategic Planning
- Building and Maintaining Relationships
- Reliability and Quality
- Projects and Services
- Promotion of the Organization
- Team Building
Three years ago, I developed the simple graphical model below to illustrate these functions, to facilitate discussions, and to explain my role as a CIO to others.
Copyright: Mansur Hasib. May be used freely for academic and non-commercial purposes with proper citation. Written author permission required for commercial use.
I’ve presented this graphic at several conferences to audiences of international business executives, current and aspiring CIOs, as well as people working around CIOs. During a highly interactive session at Educause, before I presented the model, the audience identified more than 20 functions for a CIO. Afterwards, they agreed that we could neatly fit all functions into the seven identified above. It was also clear to everyone that other IT roles, such as VP of engineering, VP of operations, or even a director of IT, usually do not encompass all seven functions.
In my opinion, while many functions can be successfully delegated, a CIO should personally focus on team building, relationships, and promoting the organization.
Team building is now central to the role of the CIO. Success can quickly become elusive if this critical function is delegated or abdicated. Though all CIOs are responsible for the seven functions, most need to share responsibility with key deputies and other leaders who make up the CIO’s core leadership team.
For example, due to the increasing complexity and need for strategic focus on cybersecurity, today most organizations need separate information security and/or information privacy officers. In some cases, these designated positions are required by law. However, due to differing skill requirements, it is important to carefully select the right leader for each area. It is equally important to ensure that all leaders are functioning as a cohesive team and are collaboratively working for each other’s success and the overall success of the organization.
Building and managing relationships, both within and outside the organization, also is critical for a CIO in order to recognize priorities, trends, emerging problems, and opportunities. Discussions and engagement with industry peers help to validate and fine-tune strategies and ensure continuous learning. Relationships are also essential to promoting the organization.
Promoting the organization through continuous analysis and discussion of the economic impact of IT on the rest of the organization connects the IT function to its stakeholders in a meaningful way. It ties the success of programs and initiatives to the success of IT. It promotes effective use of IT services and ensures an understanding of how IT strategy fulfills the mission of the organization.
For these three areas, skillful communications and strong interpersonal skills are critical assets for a CIO. While a strong technical and/or security background is important, success is usually determined by a CIO’s ability to listen, communicate, collaborate, build relations, and collaboratively develop a shared vision.
Most of a CIO’s strategic communications must be in plain business language. For example, an information security strategy is usually best explained in terms of the value of business risks mitigated, financial loss avoided, or additional revenue generated rather than in terms such as “advance persistent threats” or “phishing.”
To underscore an essential point: The CIO role is best performed at the highest executive levels of the organization -- above the engineering or operations level.
— Mansur Hasib has served in CIO/CISO and other leadership roles in the public, private, and education sectors.