What is a CIO?
A chief information officer (CIO) is the corporate executive in charge of information technology (IT) strategy and implementation.
In addition to overseeing the hardware, software and data that help other members of the C-suite do their jobs effectively, the CIO must research new technologies, strategize how technology can provide business value and address the risks associated with digital information.
In many companies, the CIO reports directly to the chief executive officer (CEO), and at some companies the CIO sits on the executive board.
How has the CIO job evolved?
The role of the CIO traces its lineage to the late 1950s when businesses began to incorporate computing into business operations. As such, the CIO position was primarily a technical job throughout much of the second half of the 20th century. This was the mainframe era, an interval spanning roughly from the 1960s to the early 1980s and so named for the mainframe computers procured by enterprises to automate back-office processes.
First-generation CIOs were typically senior or middle managers in data processing or information systems (IS). During this time CIOs focused on delivering new IT systems on time and on budget and running existing systems with a high level of availability. They were rarely involved in determining the enterprise's IT strategy (let alone business strategy), preferring to let the dominant vendor (usually IBM) set the course.
The job of the CIO started to shift with the rise of the internet in the 1990s. Public access to the Internet during that time quickly extended the role of IT into business operations, which opened the door for the CIO to become involved in business strategy and help the company understand how to take advantage of the internet, which was radically changing how business was being done.
This article is part of
What does the CIO do?
As a result of CIOs increased strategic responsibilities, they started to delegate the oversight of day-to-day IT operations to deputies and staff and became increasingly reliant on specialists to manage specific areas of IT, such as storage or security.
That shifted the focus of the CIO's attention. Today, as companies head into the 2020s, most organizations expect their CIOs to be strategic partners to other C-suite executives. CIOs are expected to work with their executive colleagues to develop a strategic vision for the enterprise and articulate how IT can support and enable the organization's current and future state.
CIOs also must understand, articulate and plan how to use existing and emerging technologies to transform the organization into an increasingly digital one, where technology helps it compete in the evolving digital economy.
Korn Ferry's Craig Stephenson describes the growing demands of the CIO job.
Why is the CIO important?
At the start of the 21st century, technology became increasingly ingrained in how organizations operate, how entities transact and how individuals live their day-to-day lives, with the internet and powerful mobile computing devices making IT an indispensable part of most people's lives.
At the same time individuals became increasingly demanding of their technology and the organizations with which they interact, expecting both to provide easy-to-use and engaging experiences that help them do whatever task they want better, quicker and cheaper. This expectation has put pressure on organizations of all kinds -- from commercial entities to nonprofits, from government agencies to medical providers -- to leverage technology to meet those expectations. Industries that fail to do so risk being disrupted by newcomers, while organizations that fall short risk losing market share to their competitors and being put out of business altogether.
With stakes so high, the CIO position -- with its focus on how to use technology to be competitive -- has become essential to an organization's long-term success.
In its 2019 CIO survey, advisory firm Grant Thornton and the Technology Business Management Council declared: "This role is becoming more critical as technology becomes increasingly ingrained in all aspects of business and consumers' lives. CIOs who can successfully [become a trusted business partner] will have a seat at the table to drive innovation and business growth throughout digital disruption."
What are the responsibilities of the CIO?
The CIO has ownership of IT and as such has responsibility for the key delivery requirements that fall to the technology department. So, in addition to contributing to the organization's overall IT strategy, the CIO's responsibilities include:
- establishes, maintains and oversees at the highest level the technology architecture and technology choices that power the organization, ensuring that the systems are available and reliable;
- establishes and maintains the technology infrastructure in a way that aligns with the resources (i.e., budget) made available to IT for that task;
- evaluates, purchases and deploys technologies;
- sets parameters for when, where and how others within the organization can purchase, implement and deploy technology;
- optimizes technology resources -- software, hardware, staff and spending -- to deliver the best value and highest returns on investment to the organization;
- collaborates with the chief information security officer and the CISO's team to ensure systems meet the organization's established cybersecurity frameworks; and
- researches and evaluates existing and emerging technologies to understand where new systems can be used to achieve organizational objectives and plan for how the organization will utilize systems for its gain in the near- and far-term future.
What qualifications and skills does a CIO need?
Early CIOs needed to be highly skilled technicians. However, as the position evolved into a more strategic, business-oriented one, the skills required to do the job successfully evolved as well.
As a result, CIOs in the 21st century aren't just great technicians. They also need to have a high degree of business acumen, understand their organization's industry and possess knowledge of the various business functions within their organization, how the organization operates and how the organization defines success.
Arguably, the most effective CIOs not only have the ability to dramatically re-engineer business processes, they also have the leadership skills required to convince others that change is necessary.
To figure out how IT can generate business value, CIOs must grasp and quickly respond to a number of market forces, including innovations in technology, vendor product offerings, disruptive technology and, increasingly, a customer base that expects to do business across physical and virtual channels. Many experts believe the pressure on CIOs to adapt to these market forces is more acute today than it's been in the 30-year history of the role.
The increasingly rapid pace of technology change, coupled with widespread consumer use of digital technologies such as social media, mobile devices and cloud computing, have forced CIOs and their enterprises to rethink the role IT plays in nearly every aspect of the business, from operational efficiency to employee productivity to customer service to business goals and even business survival.
Current CIOs must also have a collection of leadership qualities and soft skills (also known as people skills) to help inspire their own staff, their fellow executives and workers throughout their organizations to accept the frequent changes brought on by technology innovation and to embrace working in different ways.
Who does the CIO report to?
As the importance of technology has increased, so has the prominence of the CIO position within most organizations' reporting structures.
Now about half of the CIOs in the United States report to the CEO, according to one study from the advisory firm Deloitte.
Deloitte found that 51% of U.S. CIOs surveyed report to the CEO, with 28% reporting to the chief financial officer, 17% reporting to the chief operating officer and 4% reporting to other positions.
Deloitte also noted that the percentage of CIOs reporting to the CEO is up year over year for the past several years.
Deloitte noted, however, that CIOs who don't report to CEOs can still play a strategic role, provided they're aligned to business objectives, are able to lead technology-driven business transformation and report or partner with business leaders who support such work.
The reporting structure within the IT department also varies, depending on the size and complexity of the IT function within any given enterprise. A large organization, for example, may have a global CIO who has a number of country or regional CIOs reporting to him or her and who then are responsible for directors and managers overseeing numerous technology functions such as infrastructure and software development.
The CIO's deputy may be called a chief operating officer of IT (COO of IT). When a CIO oversees IT strategy and implementation at more than one company, the position is called a fractional CIO.
Additionally, the IT reporting structure generally reflects trends in how technology is delivered. For example, many IT organizations have come to embrace Agile software development methodologies and more specifically DevOps, where development and operations as well as security functions work together in teams to develop new software capabilities in an iterative fashion. So some CIOs no longer divide IT into operations and development.
Another trend is bimodal IT. As such, some CIO may oversee an IT department with two distinct responsibilities, with one being operations and the other being innovation. Gartner, the technology research and advisory firm, named this structure "bimodal IT." However, it's important to note that many IT departments do not have a bright line dividing operations staff from innovation work.
How much money does a CIO make?
CIO compensation varies widely, depending on an individual's years of experience and, in particular, company revenue and size.
Managing a distributed workforce
With the adoption of personal computers in the enterprise by the early 1980s, IT systems were no longer concentrated in data processing departments staffed by IT professionals but were distributed throughout the enterprise. Business units outside the central IT organization began procuring their own IT systems from a new crop of IT vendors, including Microsoft and Intel. Employees became accustomed to having powerful desktop technology at their fingertips.
It became apparent to businesses that supporting autonomous pockets of IT, also called shadow IT, was inefficient and expensive, and many enterprises adopted a federated model in which some IT systems and services remained under IT's control and other technologies were under local control.
Figuring out how and from whom these systems should be procured, architected and networked end-to-end became an important part of the CIO role. This period also marked the emergence of the large enterprise resource planning software suites to collect and manage the data produced at different levels of the business. Implementation of these complex systems was costly and difficult, required significant business process re-engineering and sometimes resulted in failures for CIOs, prompting the now-old joke that CIO stood for Career Is Over.
In the early days of the CIO position, the professionals who held the job did not necessarily need to have a college degree or specialized training to be successful in the role. Rather, they had to possess strong technology skills and an engineering mindset.
However, as the job become more strategic and business focused, organizations increasingly sought CIOs with college degrees, preferably a master's degree. Organizations wanted CIOs to have degrees in either a technology field -- such as computer science or information systems -- or a business discipline -- such as business administration or an MBA.
CIOs now often also hold certifications in various technology and business disciplines, such as in Six Sigma and Lean business process improvement methodologies.
The future of the CIO
As businesses of all types become more and more digitized, the challenge remains the same for CIOs. Native-digital companies such as Google, Amazon and Facebook have ushered in a new set of competencies for the CIO. These include the need for cloud-based IT, mobile-first computing, big data analytics and social collaboration platforms.
Advances in computing power are paving the way for commercial application of artificial intelligence (AI) and the Internet of Things. Digital disruptors such as the ride-sharing service Uber and streaming media company Netflix are redefining business models and whole sectors of the economy. Meanwhile, the responsibility of safeguarding enterprise IT systems and data becomes a nearly impossible task in the face of relentless cyberattacks.
Some have observed that the ubiquity of computing has brought the role of the CIO to a point where it must change, with some CIOs eager to exploit technology to create business value. Other CIOs, according to executive search professionals, are concerned they have not been trained to carry out the initiatives they're expected to lead. As the flow of information becomes ever more central to business success or failure, the role of the CIO is filled with risk and primed for great reward.
Some experts believe that as companies strive to compete in the digital marketplace, CIOs are the best-positioned to become chief executive officers. Others argue that IT strategy-setting and the procurement of IT systems will be subsumed by business functions, and the CIO role, as traditionally defined, will be carried out by a team of specialists throughout the company.
Additional IT executive roles: CTO, CISO, CDO, CAO, CAIO
Already, many former CIO responsibilities are being transferred to other executive roles. In addition to a chief technology officer and chief information security officer, a host of new "information chiefs" are cropping up with titles that include chief data officer, chief digital officer and chief artificial intelligence officer.
Additional C-suite titles related to information technology include: chief analytics officer, responsible for data analysis within an organization and sometimes combined with the chief data officer role; chief privacy officer, responsible for developing and implementing policies that protect employee and customer data from unauthorized access; chief risk officer, responsible for assessing and mitigating competitive, regulatory and technological threats to an enterprise's capital and earnings; and chief trust officer, responsible for building confidence around the use of customer information.