In such situations, Powell may work to find a solution by, for instance, obtaining a written exception to the contract from the agency client. But that works only some of the time. "If the organization or technology provider hasn't structured their product in a way that provides the appropriate legal and technical protection, it becomes difficult to work with that product," he says.
When that happens, the internal conversation can be difficult, but Powell says it's easy to make his point: "My response is, 'Do you like your paycheck? It comes from clients writing us checks, and if a client fires us for being in breach of contract, it becomes harder to pay.'"- Minda Zetlin
How can CIOs, without a big-picture view of the organization and its strategy, make judgments like these? They'd better get that big-picture view, advises Frank Petersmark, CIO advocate at management consultancy X by 2 in Farmington Hills, Mich., and former CIO at Amerisure Insurance, a 102-year-old property and casualty company with more than $600 million in direct premiums, also located in Farmington Hills. "You have to put technology risks into business terms," he says. "If there's a data breach and customers' information is out there, how will they feel about it? How will it impact sales or profitability?"
It's part of the new CIO role. "The CIO has evolved from CIO 1.0, techie person in the room where the lights are blinking and we don't know what they do," he says. "Now we're up to, I think, CIO 6.0, moving toward a full business partner with executive colleagues. You're expected to know the business domain of your organization as well as anyone who works there. And the reason is obvious. Technology is such an enabler or disabler now, that's the kind of IT leader they want."
4. Establish a Technology Risk Profile
Your corporate leaders, working with your company's financial advisers, have undoubtedly determined what their "risk appetite" is when it comes to investments — how much loss they are willing to risk in pursuit of financial gain. They've likely done the same for their personal investments.
It's time to look at technology through the same lens. Petersmark suggests that IT could go to the C suite and say, "We've done some thinking about it and we can make a bigger splash in the marketplace if we are a little more open to risk. And we'd like you, Mr. or Ms. CEO, to help us think about it and give us a place on the continuum between market impact and business gain to risk of business loss."
A smart organization would take this approach, he says, "rather than just leaving it to the CIO to be like Caesar with the gladiators, always pointing thumbs up or thumbs down."
Sign up for CIO Asia eNewsletters.