Capabilities of CIO
An aspiring CIO should practice the above soft skills in order to perform the following capabilities. CIO should be able form a strong visionary leadership among the IT department personnel. He should be able to implement IT strategy for the organization. CIO should be able to form a stable technical architecture within the organization. He should be able to clearly communicate the business priorities and should be able to link the business plans to the technical architecture. The IT skills portfolio should be manageable to different projects under the observation of CIO. Above all, it is the responsibility of CIO to create a convenient place to work. The CIO need to ensure the Information security to provide information assurance in the organization, for which he/ she need to keep a tab on the data on project and risk events. According to John W. Von Stein, as cited in Gregory S Smith, the communication of CIO should be filled with “empathy’. And the authors suggest the CIO s to be aware of their communicative strengths and weaknesses and to be aware of different communication channel. John R.Sullivan as cited in Gregory S Smith further advises the CIO to fin the convenient places to practice the public speech. Another suggestion found in the book of Gregory is to observe the peers and colleagues, orators in the professional events an forums to learn and discern good and bad communication practices an to learn more than just technical jargon.
‘Rounding’ is another aspect suggested by Nelson as cited in Gregory that has to be practiced by CIO. Daily rounds on the office grounds to have an informal communication with staff and paying a visit or giving a call to customer to know their satisfaction, feedback on quality and concerns will make a difference in effective communication.
Why Capabilities are Important to CIO
Soft skills, like communication development, improving business knowledge, improving leadership and motivational skills, developing strong negotiation skills have become necessary for the CIOs. In any organization CEO think and talk in terms of Business goals. Where as a Technical person like CIO, if speaks in pure technical terms, it creates a wide gap of communication and hinders the execution of functional operations. Besides CXOs and company executives, a CIO needs to interact with outside vendors, contractors for HR sourcing, IT staff, suppliers and Customers. However, the CIO 2004 survey as cited in Gregory S smith, reports that CIO’s success depends on effective communication and personal skill mastery in dealing with the CXOs and company executives than any other above said role. The major responsibility of a CIO in any organization is ‘Proving the Value of IT’ within to both inside and outside parties. In order to make a successful position in an organization, a CIO needs to have an ability to communicate effectively far above than the ability of technical proficiency (Gregory S smith).
IRM Context
Information Resource Management (IRM) supports the organizational Enterprise approach for IT. IRM according to Lewis et al. (1995) consists of the following dimensions. Starting with Chief Information Officer (CIO), the components include, IT Planning, IT Security, Technology integration across the organization, Advisory committees on IT decisions, IT integration, Data administration, However in order to perform this IT governance, IRM needs to identify information sources, type and value of information the resources provide, and the ways of classification, valuation, processing, and storage of that information.
Governance in IRM
Information resource management in an organization includes Information governance and Information stewardship programs. Information governance, Information stewardship, backed by technology and standards, are essential factors for in Information resource management. A logical Information resource management is required to integrate the various sources of information together, from different functions and departments of organization to be presented for a concise and logical representation.
Information governance has to be defined before implemented in order toe maintain an effective IRM. Different types, forms and the utility of Information sources have to be identified under governance program. And then this information has to be further molded under a vision aided by policies and guidelines. Information governance is the execution of authority over the management of Information assets and performance of Information functions. Maintenance of information resources in organization like, Paper or computer files, file media (CD/DVD/Hard drive), Databases, Data warehouses, knowledge bases, Software applications, books, manuals, policies, networks and telecommunications, Web sites, firewall etc., will all come under governance. Creating Identity to information is the key aspect of governance in IRM.
Technology trends, Utility in Government and EA
Data warehousing, Business intelligence are some forms technology that observe Information governance. The E-government initiatives eliminates drawbacks associate with the paper work like prolonged decision making missing data, data dependencies for file authentications etc., Another form of IRM is implementation of Enterprise Architecture. Enterprise architecture and IRM plays a role in organization in maintaining compliance, data protection, discovery, privacy, and knowledge sharing. EA contributes the IT governance in the following ways: EA provides a holistic overview; It helps to track IT targets and IT responsibilities; EA manages standards and ways of working; EA helps to identify the IT risks; EA helps in maintaining IT stability
Information Assurance
When an organization observes Information Assurance, it is assumed that it has a defined security policy, approved security architecture and implemented security features. Such organization’s IT confidence is based on analysis involving theory, testing, software engineering, and validation and verification. An Organization is said to offer Information assurance, if the CIO is capable to ensure the following five attributes – Availability, integrity, authentication, confidentiality, and non-repudiation.
Information availability can be termed as access to right information in the right format in the right time. Integrated information should a avoid data replication, should cover entire enterprise and all access medium. Authentication ensures that Validated and verified users and devices should distribute information for effective interaction. Confidentiality can be maintained to maintain the trust of the users with regard to sensitive data in the integrated and authenticated system. Sometimes confidentiality should also involve the aspects of physical security. Non-Repudiation means showing compliance to the norms for the integrity and origin of data at any time; such features include, Data signatures, encryption, third party validation etc. E-travel, E-payroll, E- training, E-clearance, E-authentication are some of the Government initiatives in establishing Enterprise architectures that work for the benefit of public.
However, as different stakeholders like civilians, criminals, IT staff and Government staff all perceive utility from the e-governance initiatives, the Information with such activities should maintain certain authentication tools such as, Passwords for access logins, Biometrics, Cryptography, Digital signatures, Vulnerability checks, Intrusion detection systems, Firewalls, Virus Scanners, organizational backups, multiple paths.
Role of IRM in Government
In Government, the IRM initiatives can be observed through the practice of various acts like, Clinger-Cohen Act of 1996(P.L. 104-106, Division E), E-Government Act of 2002(H.R. 2458),Government Paperwork Elimination Act (GPEA), Defense Acquisition Workforce Improvement Act (DAWIA), OMB Circular A-11, OMB Circular A-130, Presidential Decision Directive (PDD)-63
CRM
Customer Resource Management is such a critical application where information has to be assured to the interest of customers and the clients between the stakeholders like organization and its suppliers or partners. CRM architecture has a concern for security of and dependability of information.
For the applications like CRM, the Information Assurance management has to be implemented to assure the aspects like – Security and Dependency.
Under Dependency, critical infrastructure like electric power grids and communication devices should be properly configured in order to maintain connectivity with the customers. Security violations can be checked through proper Information security policies. And the infrastructure management should ensure the IT operations not only through proper Network system, admin policies or back up policies but also by ensuring the communication equipment that does not depend on the Wall power.
Importance of Enterprise Architecture
Enterprise architecture aligns IT to business needs. EA acts as common platform for the stakeholders to interact and execute functional operations. EA improves the capacity of decision making and make effective project schedules. EA architecture also escalates the hidden risks an tries to terminate them at the initial state. EA architecture provides contingency plan for key areas and documentation for every process.
Enterprise architecture has to deal with the challenges like, Concept of uncertainty, Integration of large activities, Efficiency in dealing with bulk data, Maintenance of quality in each organization, Adaptability across the organization and cost.
Role project and risk management play in Information Resources Management
A Well Planed Project Management can aid the overall Information Resource Management. An IT project management plans the resources like- humans, Physical, Infrastructure required and time and cost along with other dependencies. A Project manager coordinates all the project activities and sees to that the project is delivered in time with quality and is not overrun. Information Resource management can be build basing on the reliable data from different project to assign and allocate resources in time and within budgets. Similarly Risk management is another process that contributes a lot to the IRM in addition to the technical risks. Risk management not only identifies the risks but also assesses the nature and severity of risks to suggest recommendations on risk mitigation plans to different executing departments. While having such risks at distance, IRM can be assured by CIO in the practicing organization.
The importance of Project management can be identified by the inputs it contributes to IRM – like nature, number and abilities of human resources in the form of Intellectual property, the input and output of information sources like PCs, laptops, printers and their configuration and safety, etc.,
The risk management is important with its contributions on vulnerable point that are to be strengthened in the IRM plans and strategies, the contingency plans and back up systems required in the high risk instances in order to ensure recovery, etc.,
References
- David J Skyme, Information Resources Management, Web.
- Smith, Gregory S., Straight to the Top: Becoming a World-Class CIO, John Wiley & Sons, Inc., Hoboken, NJ, 2006 — ISBN: 0-471-74478-6
- The future of enterprise information governance.
- Matthijs van Roosmalen, Stijn Hoppenbrouwers, Enterprise Architecture Rule Management: A Synthesis of Stability and Agility.
- Yi Qian, James Joshi, David Tipper, Prashant Krishnamurthy, Information assurance: Dependability and security of networked information systems.