Who Needs a CIO?

By Alan S. Kay

First there was the glass house. Then came distributed systems with business units in charge. Where does the IS leader belong today?


Want to bring a little levity into the professional existence of your corporate chief information officer (CIO)? Just tell him or her that with so much downsizing going around, some folks are wondering whether the CIO's position is needed any longer. It's a line that's guaranteed to draw a laugh. For the moment.

"Every organization needs a CIO," says Mark LaRow, a partner at Ernst & Young LLP's center for technology enablement in Fairfax, VA, "but that role is evolving. It has to: The primary thing the CIO manages--technology and technological solutions--is changing." Once upon a time, the person who performed that role was the data processing director. More recently, he (women have come late to technology management) was the MIS director. In some companies, the position is chief technical officer or chief technology officer. But whatever the title, says Jerry Luftman, a professor of information management at Stevens Institute of Technology in Hoboken, NJ, "The CIO is not dead."

Obviously, these denials indicate a trend toward examining the necessity of this position, if not actually doing away with it. For example, when James R. Kinney's predecessor left his post as CIO at Kraft Foods North America, based in Northfield, IL, the company's executive management decided to examine whether it needed a CIO. "With the help of a consultant, we concluded that we did need a CIO," says Kinney, who is also president of the Society for Information Management. "We concluded we needed a functional head for our IT function."

But why? The glass house is less and less the center of a company's strategic information management operations. Outsourcing--of IS resources and more importantly of the responsibility for shaping business processes--is widespread, in various configurations. The most extreme form of deconstruction and decentralization--the business process reengineering that has generated so many books, lectures, seminars and consultants' fees--is about wiping the org chart clean and rebuilding it, from the profit centers inward. Nonetheless, the position of CIO at Kraft survived, with changes.

Some IS functions, once centralized, now are distributed among the company's business units. "We dispersed system development responsibilities to our functional and business unit organizations, taking it away from the CIO's responsibility as head of the corporate IS organization," says Kinney. In explaining that shift, he echoes the anthem of corporate decentralization that has been a hallmark of the 1990s. "We had the notion that we needed accountability for the IT investment to rest within the business units and their functions. We needed senior management of those units to take accountability and ownership for IT investments. We had the notion that perhaps the CIO position encouraged that senior management to abdicate that responsibility."

But after that divestment, Kinney isn't lacking for work. There were, he notes dryly, "a couple of things" that could not be addressed without a functional head of IT. One is the need for enterprise-wide standards to give "some sense of order about what we were doing." Another is the need for someone outside of any given business unit and with a company-wide portfolio to ensure that its IT strategy is closely integrated with its business objectives. And a third is to pay attention to the human resources issues within IS: assuring that training, education, and career development goals and procedures are in place and that the right people are being selected for new opportunities.

As vice president of information services and CIO, Kinney is a peer of the vice presidents who head Kraft's business units. He regularly provides them with advice and counsel on IT uses and investments. He reports to the CEO, to whom he is responsible for an overall enterprise strategy for the deployment of IT resources.

But the core of Kinney's management role can be found in the IS management council he created. It consists of the heads of the IS groups within each of the business units. "We act as a board of directors with accountability for the IS function," he explains. "We do not have approval power for projects and acquisitions--that goes through the standard business investment process--but we do for programs that have objectives meaningful for the IS function." One of the council's key moves was to underscore project management as a core competency within the IS function. "As a council, we've agreed to reemphasize that competency. We've established a new training curriculum and closely integrated that with the system development process."

The Swinging Pendulum

There is unanimity among those who study and advise corporations on IS management issues that the trend in recent years as been to decentralize--and that the pendulum is now beginning to swing back. "We have seen the continuation of a fundamental power shift to distributed business units," says William Rosser, vice president and research director for the management of IT for the Gartner Group in Stamford, CT. "But at same time we're seeing the fairly strong beginnings of a desire to recentralize shared services for the sake of economies of scale and consistency: to enable shared data, better interfaces with the outside world, and a better, more consistent guide for employees, suppliers and partners needing to access information."

"Companies are decentralizing their applications work," Luftman says, "putting people who know how to use and leverage computers out with the business people. But centralized IT is still important. The CIO's role is managing the technical infrastructure: making sure the networks are all consistent, that information can be shared across lines of business, that the applications that are used within each of the parts of the business can be leveraged. The CIO's role is to make sure everyone isn't going off in different directions."

Jack Groban watches the enterprise IT world from his Los Angeles vantage point as managing director, North America, for A. T. Kearney Executive Search, a company recently acquired by Electronic Data Systems (EDS). "There are cycles, because there are inherent advantages and disadvantages to both models," he says. "In a decentralized organization, the purpose of having a corporate CIO is to promote consistency, which means economies, and in so doing perhaps maintain a technical framework that more easily accommodates acquisitions and possible downstream recentralization."

There is increasing emphasis on lines of business having direct access to customers, according to Natasha Krol, vice president for advanced information strategies at the Meta Group in Stamford, CT. But she offers a caveat. "On the one hand, all this 'closer to the customer' is fine and needed; on the other hand, we're beginning to observe a backlash against that completely decentralized model. There are certain processes within companies whose consistency needs to be enforced on an enterprise-wide basis. If you're a global company, there are also a lot of global processes that need to be enforced on an international basis."

Contrary Pressures

A CIO from a decade ago might not recognize the job today's CIO does. Jim Stikeleather, a former CIO who is now a partner with Technical Resource Connection in Tampa, FL, recalls that the CIO of the 1980s often was a chief technical, rather than information, officer. In that form, he says, the position is indeed disappearing.

The CIO of a major New York institution agrees. "Anybody who tells you they oversee operations, with [systems] analysts and such, probably shouldn't be a CIO today. The CIO role combines technical knowledge of current and on-the-horizon technologies and the knowledge and ability to leverage those technologies within the organization. The ancillary stuff--keeping the machines going--I associate with the Maytag man [who doesn't have enough to do]."

Who is this new CIO who faces the challenge of being both strategic leader and effective manager, of being grounded in IT yet understanding in detail the company's business? Here's how one CIO, who asked not to be identified, views the profile: "It is essentially a person who thinks in terms of knowledge as much as in terms of bits and bytes. It's a combination of chief knowledge officer and a creative problem-solver, someone steeped in business but in touch with the technology. You need to be pragmatic, use common sense, be realistic, demonstrate value and have people respect you. You need to understand a bit of finance as well, to understand ROI from a CFO's point of view. And there's also an issue that's intangible but important: You can't talk to a business unit unless they believe you understand their organization and care about it more than about yourself and your own agenda."

That's a tall order. It's also one with which Kinney of Kraft Foods largely concurs. The CIO should be acknowledged as the functional head of IT and so must be able to show those skills, that background and experience. But, he says, "Clearly the individual should have and can come from a function other than IT."

Ernst & Young's LaRow says a CIO today also ought to be something of a politician. "The CIO has to be a technologist to sell competency to the business units, doesn't have to be a superb businessman, and has to be less competent at project management but more competent at the political skills of building consensus and constituency."

Arthur Tisi, CIO at the Metropolitan Museum of Art in New York, sees the effective CIO as one who offers a rare but important combination of business sense and technical talent. Look for a degree in business or marketing and a degree in computer science, a general business sense and demonstrated good judgment, he suggests. Then make sure the candidate offers what he describes as "sort of a Jimmy Stewart approach--common sense."

Redrawing the Org Chart

Even if the CIO's perception of himself or herself as a strategist for business change is not entirely mirrored in the executive suite, there is broad agreement that in a finely honed, determinedly competitive business, the CIO deserves a seat at the table where executive management decisions are made. Gene Raphaelian, Gartner Group's San Jose, CA-based vice president of management strategies and directions, says, "This modern view of the CIO implies an elevation in the organizational chart, since it says he or she has to address both tactical and strategic issues. I'm not sure the CIO has to report to the CEO, though many should. But when it comes to making decisions about major project opportunities, you want to have that person in the room to offer an opinion or an assessment before the investment."

"Look at other professions," says Stikeleather. "HR has become elevated to an executive-level position. The CFO is at the executive level. Logically it seems to follow that the CIO truly has something to contribute at the executive level now, because that person is holding onto the standards for information."

Gartner Group's Rosser agrees, but he cautions that that standing may be temporary. "In practical terms, the CIO currently is growing in relative importance as we push toward partnerships with the business units, because the leverageability of IT to facilitate partnerships is growing. Right now the business units don't understand what can be done, so this communication process will go on for three or four or five years. We are heading for some sort of peak where the CIO is the source of leverageability, but end-user management will continue to gain sophistication, and the tools available to them will become more sophisticated. At some point, then, the CIO will be left with more of a coordinating or brokerage role with respect to the knowledge architecture and with a role as purchasing agent."

This view suggests that the CIO's relationship to the business units is key to his or her strategic identity within the enterprise--and thus to his or her indispensability. Where once the IS head could make decisions about business tools and the pacing and prioritization of application development projects, he or she now must be effective at some combination of partnering and mentoring.

Even with a line-of-business background, the CIO faces the challenge of internalizing the business units' entrepreneurial concerns sufficiently to be an effective partner. This has to be done both informally and formally, notes Groban of A. T. Kearney. The informal work is the politics of the CIO's job, ensuring that there is personal communication with line executives and involvement with their plans and goals.

Formally, today's CIOs rely on a number of approaches to maintain the relationship between IS and the business units. Among them are an IS-led steering committee; application teams created within IS that are dedicated to the needs of the business units; and business unit CIOs or technical officers who consult with or are budgeted out of the CIO's operations.

One way to view the task facing the CIO is to understand each business unit as an internal client rather than as a user--that is, as someone who can go elsewhere if not satisfied. As a result, says Fred Magee, research director for business management of technology at the Gartner Group in Stamford, many CIOs have created the role of relationships manager: a senior manager reporting to the CIO who is responsible for managing the relationship with one or more internal clients.

The relationships manager brings back business intelligence to IS so it can be aware not only of business requirements but of the language in which they're described by the business unit. "Where IS is seen as an out-of-touch entity, relationship managers often serve the purpose of being interpreters," says Magee.

The Hybrid Model

The most common model in the distributed enterprise that now is reaching back toward some centralized IT services has the CIO responsible for centralized telecommunications and networking and perhaps centralized operations, with applications development decentralized. But the variations on this model are endless. What is common to all of them is that an enterprise CIO is a key player.

One of the big chips the CIO has to play in bridging the gap between technology and business is outsourcing and its strategic management. "We do not believe it will be realistic to continuously reeducate internal IT staff who are jumping from relational databases to client/server to object-oriented programming to Internet computing," says Krol of Meta Group. "Companies with development-conscious strategies to bridge the gap between technology and business will downsize their IT staff with respect to application development dramatically, using instead contractors who will be brought in on an as-needed basis.

"In that environment, the role of the CIO is not necessarily to coach and advocate for the staff; his or her role is first of all to understand the core processes that generate added value for the stakeholders and then to make sure those processes are supported by the CIO's in-house and extended staff. So he or she is no longer in charge of massive troops but has a role more of a general contractor."

How CIOs Succeed

Even if nothing within the enterprise or the marketplace mandated that there be a CIO, the breakneck pace of technological change alone might require one. In particular, given the strategic importance of enterprise data, the danger that it will proliferate in inaccessible places and heterogeneous forms requires that someone be in charge of this key resource. And the trend toward Internet-mediated access to data elevates security to the top of the list of enterprise concerns. Every business unit can address these concerns, following directives from executive management and getting tactical advice from IS. And there is no shortage of vendors who would be happy to sell tools that they say are the basis of standard architectures.

This complexity is one of the reasons corporate CIOs are important, according to Gartner Group's Raphaelian. "With IT decentralization, there has been a tremendous amount of IT architectural pollution," he says. "Lots of organizations are finding they need to integrate dissimilar architectures. Savvy CIOs recognize they don't own a lot of IT resources any longer, but they do have a role to coordinate and integrate various IT groups and help to standardize architectures--which incidentally drives costs out of the IT support stream--and act as more of a proactive leader."

Without a CIO, he warns, executive management will find itself with a lot of fiefdoms where petty warlords run their own shadow IS operations, replicating work and spending IS dollars unnecessarily. "And they'll never get the integration needed to manage the business," Raphaelian says.

Not Fade Away

There seem to be plenty of good reasons to have a CIO today, depending on how you define the job. LaRow summarizes the situation. "Business units are taking over more and more of the systems--that's undeniable. They want to control the applications--right now that seems appropriate," he says. "With those applications, though, they're gaining more control of data as well--that's a little less appropriate; data ought to be an enterprise-wide resource. They've also gained control of the technology infrastructure--that absolutely ought to be an enterprise resource."

LaRow suggests a useful analogy is to think of the CIO's relationship to the business units as more and more like the relationship of the federal and state governments, particularly in the early days of the United States. "Local control at the state level is highly important, but the federal role is important for all those agencies that set standards, where the states gain the benefit of uniformity. That's precisely the role the CIO needs to play in the next five years."

There's another role as well, if the company's management style allows it: chief change-management officer. Says Neal Goldsmith, a futurist who is the principal of Tribeca Research in New York, "There is a change-management function within the IS position in a corporation. It may not be a formal role, and in fact the CIO may not be the person in whom change management is formally invested. But for the CIO to go around without a change-management agenda is a recipe for failure."

The need for a CIO, however, does not guarantee the continued existence of the position. Gartner Group's Magee notes that in the typical business the central IS budget is growing slowly, while the business unit budget for IS is growing by 20 percent a year. "Part of enterprise CIOs' challenge is to reverse the flow of the dollars as a function of their own survival. Very often the dollars flow toward business units, because IS hasn't been able to change as rapidly as business has required. But to a large degree the flow of dollars is a reflection of the fact that business units have a more immediate need to be successful than IS does."

So who needs a CIO? The answer is simple, says Groban: "Every contemporary corporation."

Alan S. Kay covers business and technology from Washington, DC, and San Francisco. He can be reached at ask@well.com.