Topologe : Innovative Business Intelligence

‘CIOs for Hire’ Become a New Trend in Outsourcing
April 30, 2004 www.Masshightech.com
By Alejandro “Ali” Sarmiento

IT and management are increasingly at odds. These two worlds inevitably collide, with the IT staff complaining that management doesn’t understand the importance technology has on the bottom line while management complains that IT has little awareness of the bottom line.

Typically, the task of bridging this divide is left to the chief information officer, who is supposed to have one foot in each world: a manager on one hand, but a manager who understands and speaks the language of technology.

This dual-role CIO, however, is a myth. The typical CIO is first and foremost a manager, and whatever technical savvy that person possesses is secondary to pressing management issues. CIOs tend to be reactionary, dealing with problems rather than looking forward.

To make matters worse, many small and medium-size companies don’t have the luxury of bringing in a manager to specifically handle technology purchasing and operational management. They can’t justify the six-figure salary a good CIO demands, but at the same time they can’t afford not to have the business intelligence that CIOs are supposed to provide. Instead, smaller companies rely on tech-savvy employees, whose main job is putting out fires rather than providing IT leadership.

What is needed is the same kind of flexibility and expertise that outsourcing has brought to other management areas, most notably with CFOs and HR professionals. Leadership-strapped companies, small or large, need a CIO-for-hire.

There is a talent pool available to fill this need. Many CIOs, through corporate downsizings, have become independent in recent years. They’ve become freelancers and consultants, making it more feasible to bring in CIOs on an as-needed basis.

By leveraging the existing outsourcing model, companies of all sizes can contract with a CIO for as little as a few hours per week.

For this model to work, it should mirror some of the outsourcing models that have come before, most specifically the security-outsourcing model. With security outsourcing, the first step is typically an audit, which maps out a company’s basic IT security profile, pinpoints risks and problems, and suggests fixes and planning for future security needs.

This is the same path that outsourced CIO services should follow. Before bringing in a consultant to provide IT leadership, companies must understand the nature of the IT system — what they have, what they need, and how both relate to basic business goals.

The audit should uncover business processes, or the lack of, with an eye toward the future. When this audit is complete, risks are minimized, whether it’s bringing on more disaster-recovery equipment or plugging a gap in security monitoring.

Once risks are mitigated, companies can begin planning for the future, linking IT with the future goals of the business. They can turn to a CIO who can develop the processes and policies that enable future IT governance.

New regulations such as the Health Insurance Portability and Accountability Act and the Gramm-Leach-Bliley Act are making IT leadership more critical. Companies are struggling to meet basic security and privacy mandates.

Which brings us back to CIOs. Even if the business is too small to need a full-time CIO, or if it is a larger company that is having trouble finding the right candidate to fill that position full time, CIO duties cannot be put off. Companies can find themselves on the wrong side of the law if their IT processes and practices don’t comply with these new regulations.

Again, it’s about minimizing risk. Once the risks are understood, a basic strategy can be addressed for the future of IT operations. A CIO should be a prime mover in formulating a plan for IT operations and compliance, and with CIOs joining the outsourcing trend, even the smallest companies have CIOs at their fingertips.

Alejandro “Ali” Sarmiento is Principal of Topologe LLC, a CIO-for-hire services firm based in Burlington. He can be reached at asarmiento@topologe.com.