Govciooutlook

The Evolving Role of CIO

By David L. Stevens, CIO, Maricopa County

David L. Stevens, CIO, Maricopa County

1) How do you see cloud computing transforming your governance, and how have you embraced it?

We have adopted cloud services as a foundation of our strategy as cloud services provide a competitive edge to deliver technology at the speed of business. Governance becomes an important consideration as you further your adoption of could services. Data is king, so ownership, security, and clear terms and conditions become critical discussions. We are confident that as cloud services continue to mature better standards around moving packages and workloads across platforms whether on-premise or hosted will emerge.

"Measure outcomes, meet customers and spend time with business partners—be visible and give back to the industry and others"

2) Governments at all levels—local, state, national, transnational—are exemplifying the benefits of becoming e-governments. What are your thoughts on getting this act right?

Do not neglect the fundamentals – a strong, secure, and well-designed infrastructure, clear visibility into the technology financials, and a well thought-out strategic plan are essential to sustaining successful e-government services. There is much work that is done behind the scenes before the business and customers rely on these services and grow them on demand. In short – there is much prep work that needs to be done to enable digital business – and it is well worth it in the end.

3) There is a lot of buzz these days around social media, mobile, cloud and tablets. Can you share with us how some of these technological trends will have significant impact on your business environment?

The use of social, mobile, analytics, and cloud technologies is helping to provide better service on the customers’ terms. Understanding the ‘Voice of the Customer’ and delivering the right service and information—that is contextually relevant—is essential for driving future business. Additionally, the ability to provide open data will also drive new economic development opportunities and has the potential to provide solutions and outcomes for systemic issues. It is exciting to think how these technologies will drive better outcomes for citizens and businesses alike.

4) Government has lots of information but can’t use it effectively to drive business. Data is both difficult to access and needed by more applications. How do you examine the effective and proactive use of data—how to consolidate, integrate and use it to drive business?

The most challenging aspect of orchestrating and leveraging enterprise customer data is sorting out the rules and policies that govern ownership and privacy and establishing trust. Furthermore, having specific use cases and outcomes will keep you focused on the value-add. This is critical as you map your outcomes to your strategy to ensure that the business and technology are aligned to the necessary investments and a full understanding of the expectations and challenges along the way.

5) What is the difference between a threat, vulnerability, and a risk?

First, we are talking about protecting assets that hold value. To that end a threat is something we want to protect against, a vulnerability is a weakness or gap in our protection efforts, and a risk is the intersection of assets, threats, and vulnerabilities.

So in short: Asset + Threat + Vulnerability = Risk. Which is to say that risk is a function of threats exploiting vulnerabilities to damage assets. Threats may exist, but if there are no vulnerabilities then there is little or no risk. Similarly, you can have a vulnerability, but if you have no threat, then you have little to worry about.

6) Over the years, we have witnessed a massive change pertaining to the role of CIOs depending on the organization, the industry, the business strategies, the prevailing market conditions and the financial climate in terms of business value. How would you describe your own role as CIO has changed in the past couple of years?

IT is the business and the CIO is a trusted advisor to leverage technology in order to improve service, grow the business, and connect the dots across the organization. The days of the CIO simply managing the infrastructure are long gone. The CIO is a broker of services and at the same time a thinker who contemplates investments that will result in new value and growth. The CIO must be able to partner with executives across the business in order to provide the best capabilities and competitive edge necessary to bring new growth and efficiencies to the company. This takes building strong relationships and spending time with customers, industry, and company leadership. The CIO cannot be comfortable being the person behind the curtain – rather seek to be part of the team and actively look for ways to partner with the business.

7) With your rich experience of managing IT organization and steering technology for your enterprise, can you please share some of the unique lessons learned and your advice for fellow CIOs.

The ability to clearly communicate outcomes, expectations, and impacts (good and bad) in a way the business can relate to is essential to building credibility and long-term success.

Listen, establish trust, and be tenacious and bold in dreaming about what can be done—and don’t forget that failure is the stepping stone to success; be sure to demonstrate your character. Measure outcomes, meet customers and spend time with business partners—be visible and give back to the industry and others. And always remember there was someone who helped you get to where you are today. And finally it is often in the “interruptions” that we discover opportunity to exercise leadership!

8) Are there any special considerations for securing services in the cloud?

Consideration must be given to different service categories, for instance Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Each model brings different security requirements and responsibilities. Pay close attention to data, governance, privacy, and compliance needs. The contract terms and conditions are also critical when considering these services.