Talking about change in IT is nothing new, but it feels like less has been written about the changing role of IT in the C-suite and at the board level. Since I believe we are in the midst of a new shift, I want to address the topic.
For the most part, the makeup and composition of C-suites and boards defy generalization. Company size, business sector, stage and the wide breadth of talent and backgrounds, make them all unique.
But if I were to generalize, I would say the trait that cuts across most C-suites (and certainly most boards) is the aversion to risk. IT has delivered many successes over the years and certainly in the last decade, but it is still often seen though this lens.
If risk is the language, how can we leverage the opportunity?
Change, Change, Change
In the 1960s, the Management Information System (MIS) manager (remember that title?) was a stranger to the big rooms like the C-suite and the board. In fact, the common habitat of MIS was in an office in the basement near the IBM mainframe.
With PCs, networking and user interfaces in the late 1970s, the groundwork was laid for a fresh look at the governance role of IT as the number of computer users started to grow.
By the mid-to-late 1980s, the IT executive began to emerge, MIS started giving way to IT, and our first CIOs were anointed. But the real shift in C-suites, while not yet really inviting IT to the table, began when the change to centralize IT budgets emerged and gave large amounts of control to the IT head (MIS manager or CIO, depending on how trendy the company wanted to be back then).
In the 1990s, the big rooms still viewed the discussion of IT to be mainly approving the annual IT capital budget. For the most part, they did not really react much to the explosion onto the scene of little things like distributed computing, the World Wide Web or the mobile phone.
Then came Y2K. The big rooms now had to deal not just with risk from IT, but material risk. In many companies, this was among the first active involvements of IT in the business conversation. While not thought of at the time, it also laid the groundwork for the IT executive to begin not only solving operational issues but helpingto lead the conversation about what could be next.
As we passed through public financial scandals (Enron and others), government regulation came pouring in. IT was seen as the builder of key infrastructure to support the bevy of new mandates. Again, IT was back in the big room solving operational issues and laying the groundwork and credibility to help lead the business.
By the mid and late 2000s, IT became intensely preoccupied with the complex roles of shifting to the distributed computing era, solidifying its role of delivering function through ERPs and other key business applications, while managing the still-steady stream of regulatory requirements and coping with the rise of the Internet.
As the 2010s rolled around, IT risk conversations in the big rooms began to shift from asking “What will be the risk if something bad happens?” to “What is the risk if we don’t act”?
“The CIO must help our companies defend against the threat of digitization and enable and empower organizations to lead an impressive assault forward”
Today, the crazy mix of social media, Cloud, analytics, and mobile technology has everyone’s attention. IT firmly has shifted from the 1990s — when only 10 percent of the leading 4,000 companies in the United States even had a CIO — to greater than 50 percent of CIOs today who report to the CEO and have accountability to at least one board committee. IT is clearly in the room.
So Now What?
IT has never been in a better place.
The big rooms will still want to manage risk and ask how IT will provide stable, resilient, and dependable systems and infrastructure. But there is opportunity to exceed expectations when answering these questions and to use earned credibility to pitch new investments in digital innovations that can underpin growth and expansion. IT needs to present these ideas not in terms of technology, but frame them in terms of revenue (yes, revenue).
The Two Next Big Things
1) The digitization of EVERYTHING
2) The next cyberthreat
The C-suite and board will want to know how key leaders are managing the risks and disruptions created by new digital competitors and digital business models.
This creates an unprecedented opportunity for IT to not only be part of the next conversation but to lead it. As our friends in Silicon Valley have warned us, “Software will eat the world.” The CIO must help our companies defend against the threat of digitization and enable and empower organizations to lead an impressive assault forward.
Finally, cybersecurity has marched into a new era. The big rooms—primary the board—will not just ask but expect regular updates and leadership in this area. If boards are not satisfied, they will get answers from other sources. IT either must lead or we will see 80 percent of the CISOs who report into the CIO today shift directly to chief compliance or risk officers. Cybersecurity is not a concern, it is a fear.
IT is fully positioned to leverage these great opportunities. The big room is looking right at us and asking us to innovate, deliver and lead.
Courtney Fisher-Lewis, Associate CIO, Saint Luke’s Health System & Ex-Sr. Director, IS Program Management, Children’s Mercy Hospital David Chou, SVP & CIO, Harris Health System & Ex-Chief Information & Digital Officer, Children’s Mercy Hospital