Role of the CIO in a modern company

CIO — Chief Information Officer. As the name suggests, it has everything to do with information within the company. CIO is the umbrella for all IT who connects technology with the business, builds the bridges to get the best value out of IT to support business growth, to keep IT costs under control and to make sure that all the verticals work as one team to bring business value to the company!

The title comes from the 80’s where it was introduced to increase efficiency and productivity and to cut costs in IT. Back then, IT was a supporting function for the business, not seen as a value in itself. After the dot-com boom in 2000’s, it was an acronym for “Career Is Over”, but it didn’t stand that way for a long, since IT and information became value in itself for new-age companies, data started to play a bigger role and most of the money went “online”.

Today the definition is somewhere in the lines of “cross-functional role that oversees the computer systems required to support the organization’s unique objectives and goals”. It means working hand-in-hand with Product, Marketing, Finance and other key functions to bring the best out of IT (which is much-much more these days than just “computer systems”) and create business value out of it. This includes, but is not limited to attending Product Roadmap discussions, validating ideas with Marketing, proactively improving the financial reporting and discussing the IT budget on a monthly basis. Being part of stakeholders teams and actively engaging with them and being the bridge to all IT is the key element of succession in that position. Understanding that their primary team is their peers will give them competitive advantage and success to the company.

IT/Engineering for online businesses consists of some key parts/verticals.

• Technology — what are the core principles we follow to deliver functionality to our end users, what platforms we use, which software and databases we use, what are the best practices in there and how to keep the tech excellence in the best shape that we can. For example: “We use Azure Cloud and hosted databases, building our services based on asynchronous messaging and microservices architecture”, “We do trunk based development with code reviews and utilize devops mentality with the help of our Platform team and CI/CD pipelines”, “We cover 90% of our code with unit tests, implement contract testing and are 1 months of backward compatible with all of our APIs”.
• Data — how we distill the meaningful data out of production databases and create additional value based on aggregation, segregation, defining and cleaning it and then providing a singular “fact-based” interface on top of it that anyone can use. For example: “We provide Databricks for ad-hoc queries in a non-blocking way, giving our best that data is not delayed for more than 1 hours at any moment of time”, “Our BI platform will provide SQL-like interface and provide business users response time of <1s for medium complexity queries’’, “We have 80% of our production data standardized and documented in Data Warehouse for all business users to use in a unified way”
• Security — in the connected world and considering world situations, security becomes more and more important for all online businesses. We must have an understanding of what and when happens in our systems, who has the right to access what, are there any problems and how we are sure that there are not. Some segments of companies also need to be compliant with regulators, thus the need for mandatory certificates and established processes. For example “We know, that our systems are not compromised and data not leaked”, “We have playbook in place in case of security breach”, “We have processes to continuously monitor for known security issues’’, “We have all the answers to our auditors”, “Our people are trained to be security aware”.
• (Engineering) Operations — we need to know if we are efficient in solving business problems from an Engineering perspective and are these solutions bullet-proof. For example “Our onboarding flow efficient and new people productive as early as possible”, “We have full observability of our business metrics in real-time and dashboards set up”, “Our platform provides all functionality needed for our engineers to work smoothly”, “Our business side is aware how our engineering performs based on unified metrics”, “We know, that if something bad will happen, on-call will know about it in 15 minutes”.

There is more, but for a starter and describing the scene it should be enough.

Historically, the verticals have been taken care of by people in different positions. Technology is the responsibility of the Chief Technical Officer, Data goes with the Chief Data Officer or Head of Data. Security with Chief of Information Security Officer or Head of IT Security, Engineering Operations is quite a new discipline, taken by the Vice President of Engineering or Head of Engineering Operations. All these roles are independent and if reported to each other, will create conflict of interests. For example, it’s impossible to get ISO27k if the person accountable for security reports to the CTO. Data should be separated from Technology to avoid shortcuts in data handling (“make it to production” vs. “make data meaningful”). At the same time in a modern company, where you have lots of full-time C-level people (Product, Marketing, Finance, Risk, Human Relations, etc), it’s not a good practice to report all of these positions directly to the CEO — it’s just not a good use of their time. So, it makes perfect sense to have an additional layer that takes care of all aspects related to IT under the umbrella of CIO.