Menu
The Virtual CIO: How Does It Work?

By Mark Gianturco, CIO on 12/1/20 8:00 AM

When it comes to ensuring continuity across your IT initiative, many organizations don’t realize just how little they know until they are faced with the departure of a chief information officer (CIO) or chief information security officer (CISO). Between understanding your ongoing technology investments and accurately gauging workers’ morale, these moments can be a wake-up call for organizations not prepared to adapt.

While filling the role left by your CIO will be a priority for many businesses, a virtual CIO (vCIO) can help you bridge the gap between the departure and making a permanent hire.

In our most recent blog post, we discussed the many factors that organizations must be aware of to ensure continuity and minimize risk at such crucial junctures. In this post, we’ll break down some of the more concrete ways that a vCIO helps businesses get a handle on their people, processes, and technology to refocus on growth.

Management of People

A vCIO’s primary goal when it comes to managing people involves minimizing single points of failure, as well as understanding and maintaining worker morale.

To get a handle on these factors, vCIOs will develop resources like organization charts and questionnaires. These artifacts should be standardized yet also tailored to different areas, such as IT and security. Applying these resources typically involves a combination of meetings, interviews, and informal observations.

Over time, a vCIO will often identify a core group of key personnel who can help them understand risks at a granular level. For instance, are the main risks project-based or team-based? What are the expectations around individual projects, and what could throw the team off schedule? Are there key benchmarks that need to be met?

Management of Processes

Some organizations rely on rigid, formal processes; others thrive when their teams are given more freedom. A vCIO’s job is to understand the processes that do and don’t work for your business.

For example, one common risk around processes emerges when a software development team is tasked with getting to market quickly. The right way to minimize ambiguity in the software development lifecycle (SDLC) involves wireframes, storyboards, and more. However, certain circumstances may call for such procedures to be carried out in a more ad hoc manner.

To determine the level and type of process your organization needs, vCIOs must look carefully at why tasks are being carried out in a specific way. If the process is light, are there good reasons for this? Or are there holes where more robust guidelines would help? A vCIO will always be on the lookout for the risk of scope creep, as well as places where different processes overlap.

Security

When it comes to security, what an organization claims it does and what it actually does are often very different. This can present a challenge to gathering reliable information.

To reduce risk and improve efficiency in this area, a vCIO starts by talking to people who understand security awareness. Informal conversations are especially helpful in determining adherence to your internal processes, as well larger issues such as compliance with federal regulations.

From there, a vCIO will turn to specific artifacts. While physical, logical, and administrative security are all important, administrative security will present the most opportunities for gathering concrete information. For instance, checking audit logs will enable the vCIO to see if users are following procedures for logging in, signing out, and rotating their passwords.

Application Development

One of a vCIO’s main goals is determining whether your organization’s technology investment is aligned with its larger vision. Ensuring that your current tools are efficiently meeting users’ needs involves eliminating risk as well as eliminating waste.

To get started, a vCIO will conduct a technology audit and have informal conversations with users who fill a variety of roles. Relevant questions include: What are the pain points in your SDLC? Do you have any redundancies or viable backups in your toolset? Finally, what support is available for these products?

In thinking about both your SDLC as a whole and individual tools, vCIOs will be especially on the lookout for instances of data lock-in. If your company finds that it’s dependent on particular software to freely access its data, you’ll need to react quickly to keep control over your information and avoid further technology expenses.

Strategic Projects

When it comes to ensuring continuity in strategic initiatives, the vCIO’s goal is to determine what information the departed CIO had that others didn’t.

Even if the vCIO has come in right when a project is about to launch, understanding how these initiatives fit into longer-term goals is crucial. Often, for example, there may be a small set of strategic projects that cannot fail in order for a larger initiative to move forward. Additionally, leadership may have important reasons for not wanting to unveil a project until a certain time.

Understanding the factors at stake in a given project also requires carefully sketching out a project’s champions and stakeholders. Who is impacted, and how? When determining stakeholder sentiment, a vCIO will need to know whether they’re speaking to someone with a particular interest in or issue with a given project.

Culture and Environment

While establishing relationships with leadership is essential for keeping strategic initiatives on schedule, assessing an organization’s culture often hinges on lower-level relationships.

Keep in mind that understanding relevant influencers often means looking beyond just roles and job titles. Because a company’s vision statement doesn’t necessarily translate all the way down, informal conversations and observations are key. Expect vCIOs to be as involved in everyday tactical meetings as they are in high-level strategy sessions.

The departure of a CIO will inevitably leave your organization with questions, but enlisting the help of a vCIO service can help keep your projects and your people on track. By providing an objective look at your business’ IT practices, the right vCIO can help your team work more efficiently and at a higher level of quality.

es_ESES