For most CEOs that have come up through the CFO and COO ranks, IT can be viewed as an overly complex, hard to understand, cost only center. IT is incredibly complex to lead and technology continues to change at a dizzying pace. IT can sometimes be seen as an inhibitor and not a partner that drives innovation for top line results while improving processes that positively impact the bottom line.
We’ve noticed some common IT management problems that occur for CEOs that can be easily addressed through the use of CEO best practices. I can’t cover all the best practices in this article but I can highlight some key observations based upon my experience reporting to and collaborating with CEOs.
Hire the Right IT Leadership
No company expects to find the purple squirrel CIO. Although, it seems that companies will go far out of their way to do so. Use the 80/20 rule when selecting your next CIO candidate. The candidate should meet at least 80% of your needs including the most important ones. If you keep trying to find the perfect candidate then you can be easily losing opportunity in cost savings and new opportunities missed in launching new products or services.
Keep in mind that in most cases your CIO doesn’t have to know the ins and out of a specific ERP platform or industry. Although, having those in their background helps. I’ve seen numerous CIOs transition to an industry and technical environment that they’ve never worked it and be extremely successful. Most often the CIO candidates should be a cultural fit, a strong leader, have broad business acumen, be flexible, be adaptable, great at problem solving, capable of transforming and leading change, and a great communicator.
Soft skills are incredibly important. No doubt. I’ve had numerous executive teams tell me that their CIO is talking a completely different language. Be sure your CIO can talk corporate strategy in the board room with the executive team and walk down the hall to a technical group and translate strategy into technology services. If your CIO doesn’t have the right skills then strongly consider what it will take to get them there. This may involve executive training and/or performance coaching. I’ve seen borderline CIOs become great performers because they were given the chance and provided support in order to succeed.
Various business cycles will require various CIO skillsets. Don’t hire someone to solve only your current issues but someone who will be able to help take your organization to new heights. I’ve seen CIOs that were hired to solve a specific problem but do not have the capability to lead other functions within IT. Hire to solve important problems but make sure they have the ability to go well beyond your current issues.
Lastly, do not hire someone just because you like them. We all want someone that we like to work with but there has to be the right balance of capabilities and personality. I’ve seen numerous hires just because the executive team likes a particular individual’s personality even though they clearly did not have the right skillset to lead IT. When these situations occur, the new hire can be out the door in a short time frame because of their inability to take on new challenges. Likeability only goes so far. Your new CIO has to be a well-balanced, likeable, business savvy and a technically competent leader.
Have Business and IT Strategic Plans
Numerous organizations including multi-billion dollar companies that didn’t have an IT Strategy and mainly due to a complete lack of business strategy. It’s surprising that I should have to even bring this topic up but it’s an unfortunate fact of the corporate world and occurs much more often than you would think.
If you’re a CEO whose vision includes improving revenue, reducing costs, and increasing customer satisfaction without specific objectives for each one of those goals then you don’t have a business plan. The business strategy has to be clearly spelled out and specific objectives tied to each one of your corporate functions. You can’t expect your team to have solid plans if you don’t.
The general approach that your CIO will use to develop strategy will look similar to this with varying implementation times depending upon each companies circumstances. It’s an approach that I’ve used successfully on many occasions.
Ensure that your CIO participates in various executive business and technology peer groups. They’ll need support from numerous sources if they are going to be successful. Besides a performance coach, peer groups are a great place to get support without giving away secrets.
One of the biggest mistakes that a CEO can make is to not include your CIO in the direction and decision making for future corporate direction. It’s surprising how often this occurs and I’ve seen medium and large global businesses pay dearly for it. Keep IT involved in the strategic plans of the business. All too often CIOs get surprised by initiatives because they weren’t included in the planning. You may think that an effort may not need your CIOs involvement but you could be very mistaken. Businesses these days involve a tremendous amount of integration. One change to an area can unknowingly easily impact another. It’s better to be safe than sorry.
Keep Yourself Updated on Emerging Technologies
You and your CIO should evaluate where you and your executive team are in regards to information technology acumen. No one expects you to be a technology expert but you do need to put forth a concerted effort in at minimum understanding some cursory technology terminology.
You need to have a plan with specific targets on how to increase your Technical IQ (TIQ). You can do standalone 1on1 meetings with your CIO or incorporate as part of your IT Executive Steering Committee. Lunch and learns are fun ways to have meetings and make good use of our time for this subject. If you belong to executive or CEO peer groups such as Vistage or Renaissance Executive Forums then request that technology be a subject of discussion as part of your group interaction. I’ve spoken to many of these groups and just a short time spent with the right person can exponentially increase your technology acumen.
Ensure that your CIO has specific agenda for developing emerging technologies acumen and engages with:
- Venture Capital Firms and Incubators
- Analyst firms including Forrester, Gartner’s Hype Cycle and InfoTech.
- Vendor events and newsletters from IBM, Oracle, Microsoft, etc.
- Advisory firms newsletters and events including Deloitte, Accenture, PWC, McKinsey, etc.
Insure that your CIO infuses innovation as part of IT culture, strategy and roadmaps and hold them accountable for doing so.
Ensure that you Appoint a Technology Savvy Corporate Board
The corporate board oversight of IT will depend upon a company’s dependency on information technology. The higher the dependency should require a higher level of focus. Prioritization of many company boards regarding IT can be problematic. This can be due to lack of technology acumen, culture of the company, board members functional experience, structure of the board and numerous priorities of boards.
Most current Boardroom priorities include:
- CEO and leadership succession
- Corporate strategy
- CEO evaluation
- Board composition
- Risk management
- Financial management
- Executive compensation
- Legislative, legal, and regulatory matters
- International perspective
- Group dynamics within boardroom
You will notice that technology is at the bottom of the list of priorities for many companies. However, this is changing as boards better understand ITs role and realize that technology is a vital area of governance oversight.
Your corporate boards can be better engaged by:
- Becoming more technology savvy through training and experience
- Adding additional board members with strong technology backgrounds
- Specifying more time on the agenda for IT
- Changing the board structure depending upon the importance of IT
- Receiving information electronically and more often regarding IT initiatives and issues
- Having CIOs attend meeting for specific agenda items on technology including security, risk governance, investments, and asset management
- Setting specific benchmark goals to increase the technology maturity of the board
- Ensuring what technology regulations and best practices to comply with, ensuring that compliance has taken place and using independent assurance of compliance initiatives
Several organizations that provide insight into corporate governance and technology include:
The National Association for Corporate Directors
Association for Corporate Growth
Use IT Benchmarking
Probably the most often question that I’ve been asked by CEOs throughout the years is “What percentage of revenue should I be spending on IT”. The obvious answer is that it depends and on several factors. The best way to baseline your IT spending in many different areas is to allow your CIO to spend some money on benchmarking reports produced by Gartner, Forrester, and other research groups. I’ve found these to be invaluable throughout the years not only for benchmarking IT costs but finding detailed and up to date information on the latest insight and innovative research for information technology. These reports and the information that they provide will pay for themselves and you should find room in your CIOs budget for these services. CEOs will appreciate the peach of mind that this information will provide and the smart decisions that it allows the business to make.
One point on benchmarking that I’d like to make should be that you will notice in these reports and studies are that companies that smartly spend above average on IT tend to outperform those companies that spend average or less.
Appoint an IT Steering Committee
There are numerous IT Committees recommended and used by companies. These can include:
- IT Policies and Procedures Committee
- IT Innovation Committee
- IT Budget Committee
- IT Security and Risk
Deciding how many and what types of committees will be up to your business needs. At minimum you should have a general IT Steering Committee with key senior executives that focuses on how the business can make smart, strategic use of current and emerging technology throughout all business functions.
Mergers and Acquisitions
Don’t wait until the last minute, after the boards approved a deal or totally exclude your CIO from participating in M&A activity. I’ve seen on numerous occasions expensive pain by foregoing ITs participation early in the process. If your CIO hasn’t been through an M&A cycle then I suggest getting some expert advisory support in performing the technology diligence and integration. I’ve spent a large portion of time cleaning up M&A issues that could have easily been discovered and addressed had IT been involved early on in the process and been able to ask the right questions.
Use of Technology Standards and Best Practices
It’s been shown that the use of various technology standards and best practices can increase performance by 40%. These are established by consensus and approved by a recognized body that provides for common and repeated use for activities and their results. There are numerous IT standards and best practices that can be used but some of the most common and minimally recommended standards are:
ITIL – A a set of practices for IT Service Management (ITSM) that focuses on aligning IT services with the needs of business.
COBIT – Control Objectives for Information and Related Technology (COBIT) is a framework created by ISACA for information technology (IT) management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks.
CMMI – Capability Maturity Model (CMM) is a development model created after study of data collected from organizations that contracted with the U.S. Department of Defense, who funded the research. The term “maturity” relates to the degree of formality and optimization of processes, from ad hoc practices, to formally defined steps, to managed result metrics, to active optimization of the processes.
ISO/IEC 27002-2005 – An information security standard published by the International Organization for Standardization (ISO) and by the International Electrotechnical Commission (IEC), titled Information technology – Security techniques – Code of practice for information security management.
Six Sigma – A set of techniques and tools for process improvement.
TOGAF – A framework for enterprise architecture that provides an approach for designing, planning, implementing, and governing an enterprise information technology architecture.[2
ISO – ISO 22301:2012 – “Societal security – Business continuity management systems – Requirements”, specifies a management system to manage an organization’s business continuity arrangements. It is formal in style in order to facilitate compliance auditing and certification. It is supported by ISO 22313:2012,
You’ve got to find the right balance of standards. Not enough effort put forth towards standards compliance can result in little value and missed opportunities. Too much compliance and the standards become unsupportable, unmanageable and cost prohibitive. You need the right balance of standards achievability and return on investment. If your CIO isn’t using at minimum ITIL and COBIT then ask why. These standards are quintessential and will provide lots of value to your organization.
Business Continuity and Disaster Recovery
All too often I’ve worked for companies or consulted to companies that have no Business Continuity or Disaster Recovery Plan (DRP) in place. Hire experts if you need help with this. Disasters can strike at any time. Having an executable plan will keep you in business. Pain can be one of the best teachers in life. I’d prefer for your business to avoid the pain and smartly put together plans to avoid and deal with incidents and disasters.
Additionally, your IT DRP your plan needs a Business Impact Analysis to be successful. I wrote more on the subject in the article below. Why would you want to put a business at risk that you’ve spent much of your life building only to have a catastrophe wipe it out? I’m very serious about this. I’ve had many sleepiness nights as an IT leader working to convince and ensure CEOs that the risks that they have are real and incidents do happen. Hurricanes, 9/11 terrorist events, poor data center facility planning. etc.
CIO Reporting Structure
This subject has been heavily debated or years and will continue to be debated for years to come. Should the CIO report to the CEO or CFO? Recent research indicates that the reporting structure should be dictated by importance of IT to the business. The research proposed that a firm’s strategic positioning (differentiation or cost leadership) should be a primary determinant of its CIO reporting structure. The researchers hypothesized that differentiators are more likely to have their CIO report to the CEO in order to pursue IT initiatives that help the firm’s differentiation strategy. The researchers also hypothesize that cost leaders are more likely to have their CIO report to the CFO to lead IT initiatives to facilitate the firm’s cost leadership strategy. Second, extending the alignment–fit view, the researchers proposed that firms that align their CIO reporting structure with their strategic positioning (specifically, differentiation with a CIO–CEO reporting structure and cost leadership with a CIO–CFO reporting structure) will have superior future performance. In my opinion, if in doubt, in many cases having the CIO report to the CEO is the right way to go.
When I’ve lead IT I’ve been able to be successful in both reporting structures. I have a natural tendency to flex and adapt my leadership style to whomever I report to and lead mostly by influence. I find ways to continue to be engaged and successful no matter who I report to. So should your CIO and 99% of them will.
I don’t expect all the points this article to apply in every situation and for every CEO. There are certainly exclusions for some CEOs in certain industries, with specific products, delivering select services, where you’re at in your business cycle and revenue size.
IT doesn’t have to be overly complex or just a cost center providing little value to the top line. The more effort a CEO puts into understanding technology and applying CEO best practices for IT, the better there company will be and the happier their investors and shareholders will be.
Feel free to connect with me regarding any questions that you may have regarding IT leadership advisory.
Bruce McCullough, MBA, SSBB, ITIL, DCF