Gadget

As data blurs the lines, CEO must not become CIO

The accelerated adoption of digital technologies has raised disruption in areas that have not been considered previously. Digital transformation skyrocketed upwards and onwards in a bid to safeguard customer and employee health and wellbeing, as well as data.

Consumer, business, government and non-profit organisations are all in the same boat – to help reduce safe physical distancing practices on all levels of our lives, from grocery and food delivery services to business-to-business e-commerce apps and videoconferencing solutions.

In other words, accelerated digital business disruption is the clear winner emerging from the disruption of the past year. And in some ways, this change stirred the proverbial teacup in many ways, often for the better. Organisations are now, well, (re)organising their internal frameworks and business models to stay competitive.

It has been a time when the Chief Information Officer (CIO) of medium to large organisations had quite an important seat to occupy, if not the driving seat.

Recent research by Gaertner shows that this trend will continue to pulse through the veins of organisations large and small. It is the single most disruptive shift in how businesses operate, and as a result, has broadened the scope that the CIO role should fulfil. 

Entering the age of legally protecting data

In tandem, growing sophistication of digitalisation has come alongside a broader march equally sophisticated – toward a growing demand from customers calling on their right to protect organisational data and their personal information.

Recently, in light of the Protection of Personal Information Act (POPIA) the Information Regulator, in the same vein as the Promotion of Access to Information Act (PAIA), requires that the head of the organisation, such as the Chief Executive Officer (CEO) or Managing Director (MD) designates any person holding an executive level position within the organisation to act as the Information Officer. If not formally delegated, the CEO or MD is interpreted as the Information Officer by default.

The Information Regulator further states that the CEO or MD retains the accountability and responsibility for any power or functions authorised to the Information Officer.

The duties behold by this role would need to be clearly described in the designated person’s job description – another requirement by the Information Regulator.

Blurred C-suite lines

And here is where the lines of duty within medium to large organisations might get distorted. The Regulator clearly places final responsibility in terms of POPIA and PAIA with the head of the organisation – the CEO/MD. This should not be confused with the day-to-day implementation of these acts. The information in question requiring protection is in most cases digital, or should be, in a modern and post-COVID thriving organisation.

In my experience, this responsibility naturally dovetails that of the CIO’s now amended (and leading) role with a decision-making seat at the boardroom table. The forward-thinking expertise and skills of the CIO is instrumental to entrench the business into a digital-first era.

Why not the CEO?

The heads of medium to large organisations have a very specific and all-embracing role to play. Peter Drucker, modern business futurist, said it best in 2004: “The CEO is the link between the Inside that is ‘the organisation,’ and the Outside of society, economy, technology, markets, and customers.”

It’s a wide-angle lens role that is bestowed on CEOs while everyone else in the organisation applies a much narrower focus in one direction, for the most part, according to the Harvard Business Review.

In a medium to large organisation, the CEO does not get involved with the day-to-day operations of the organisation. This is a responsibility shared (among others) by the Chief Operating Officer (COO), the Chief Financial Officer (CFO) the Chief Information Officer (CIO) and the Chief Technology Officer (CTO).

The CIO as a focused enabler of business growth

CIOs are facing unprecedented challenges to improve business outcomes, transform business models, modernise technology and enhance customer experience. In the era where privacy matters, the focus applied by today’s CIO is ideally placed to now zoom in on the protection of personal data.

In terms of the POPIA, the CIO’s job description in terms of legal responsibilities should include the following day-to-day responsibilities:

Practically, the following job descriptions are fundamental for an organisation to thrive in an age where privacy matters:

In a world where change – such as legislation affecting organisations on a systemic level – happens quickly, we need the vision of the CEO to remain uncluttered and allow him/her to the opportunity to make tough decisions. The CEO’s focus on the wider purpose will help organisations thrive, which is how I explain the final POPIA accountability role that has been placed on the heads of organisations.

The role of the CIO should be to strategically, operationally and practically transporting the organisation there via a digital highway – in my view the only road that will lead thriving organisations to where they need to be, ahead.

A visionary boardroom understands this difference.

Exit mobile version