The effective CIO : how to achieve outstanding success through strategic alignment, financial management, and IT governance

In a business world of uncertain budgets, relentless technology changes, scarce management talent, and intense production demands, theory is good, but practice sells. The Effective CIO: How to Achieve Outstanding Success through Strategic Alignment, Financial Management, and IT Governance is all about practice, successfully delivering the nuts-and-bolts for effective governance execution. It helps to dissolve the negative image many CIOs have as remote, purely rational decision machines, while demonstrating how to improve quality and throughput in your business.

This authoritative text includes governance checklists, sample IT controls, merger and acquisition recommendations, and a detailed framework for IT policies. Authored by two highly regarded IT management experts, the book provides not only a survey of existing strategies, but also includes detailed problem-solving ideas, such as how to structure optimal IT and telecom contracts with suppliers, the implications of SOP-98, and accounting for software costs.

The book seamlessly brings together two perspectives - that of a working CIO who must cope with day-to-day pressures for results, and that of an IT audit consultant with a special focus on governance and internal control. Unlike many other CIO-related books that merely discuss strategies, The Effective CIO includes easy-to-follow guidelines and governance principles that can be implemented immediately.

• Peface p. xiii
• Acknowledgments p. xv
• The Authors p. xix
• 1 Core Skills and Career Development p. 1
• CIO Roles-A Sampler p. 2
• No One Is Planning Your Career p. 3
• Strategic Planning p. 6
• Technical Expertise p. 8
• The Generations p. 8
• What Affects Compensation? p. 9
• CIO Viruses p. 11
• The Magic "AND" p. 12
• References p. 13
• 2 Information Technology Governance p. 15
• CIO Success Pills-For Best Results, Take with Governance p. 15
• Alignment-How to Avoid Growing Weeds p. 16
• First Step-Make Sure a Business Strategy Exists p. 16
• Prioritization p. 19
• Alignment Tools p. 19
• Value Delivery p. 22
• IT Risk Management p. 23
• Compliance p. 24
• Ten Steps to Sarbanes-Oxley Compliance p. 25
• Resource Management p. 31
• Performance Management p. 31
• The Nut-and-Bolt Stuff-Managing Your Own Department with Governance p. 32
• References p. 34
• 3 Information Technology Finance p. 37
• Budgeting p. 38
• Constructing the Budget p. 40
• Rational Buying p. 43
• Managing the IT Investment p. 46
• SOP No. 98-1 p. 50
• Cost Management p. 52
• Gray Areas and the Tilt p. 54
• Chargeback p. 56
• Looking Financially Smart p. 57
• Managing Contracts p. 59
• Summary p. 61
• References p. 62
• 4 Project Management p. 63
• Project Organization p. 64
• Systems Development Methodologies p. 65
• Model #1 Informal Approach-Code First, Fix Later p. 65
• Model #2 Traditional Approach-Waterfall p. 67
• Model #3 Rapid Prototyping/Rapid Application Development (RAD) p. 68
• Model #4 Agile Methodologies p. 68
• Model #5 Rational Unified Process (RUP) p. 71
• Model #6 Out of Scope/Embedded Project p. 73
• Project Dynamics p. 73
• Why Do Projects Fail? p. 73
• Planning the Work p. 75
• Project Risk Assessment p. 76
• Scope of the Job-The Program Management Office's (PMO) Dilemma p. 81
• A Practitioner's Perspective p. 83
• The Future of Project Management p. 86
• References p. 86
• 5 Creating Good Enough Code p. 89
• How Do You Do Good Code? p. 89
• How Important Are Coding Standards? p. 90
• Toolboxes Are Useful p. 91
• Some Example Guidelines p. 91
• Release Philosophy p. 91
• Porting p. 92
• The Ultimate Answer-Hire Good Developers and Keep Them Happy p. 93
• References p. 93
• 6 Enterprise Architecture p. 95
• Develop the Business Model p. 98
• Business Drivers and Selling the Enterprise Architecture (EA) p. 100
• Information Architecture and Process Modeling Perspective p. 101
• Technology Architecture Perspective p. 105
• Road Map to an Effective Architecture p. 107
• Business Architecture p. 107
• IT Architecture p. 108
• Pushing Out the EA-Communicating with Management and Employees p. 109
• The Outsourcing Alternative p. 110
• Tools p. 111
• Enforcement and Governance of the EA p. 111
• Architectural Maturity p. 114
• Putting It All Together p. 116
• References p. 118
• 7 Mergers and Acquisitions p. 119
• The CIO's Golden Opportunity p. 120
• The CIO's Two Responsibilities p. 120
• Responsibility #1 Due Diligence p. 120
• Staff Due Diligence p. 123
• Responsibility #2 IT Integration p. 124
• One Approach to Integration p. 126
• Success Factors p. 128
• References p. 128
• 8 Sourcing p. 129
• The Pendulum of Opinion p. 129
• The Traditional Pros and Cons p. 130
• Pro-From the Provider's Perspective p. 130
• Con-From the Customer's Perspective p. 131
• To Outsource or Not to Outsource? p. 133
• Xshoring p. 134
• The Proximity Factor p. 135
• Keeping Xshoring and Sourcing in Perspective p. 136
• Sourcing Is More Than IT Services p. 137
• References p. 137
• 9 Business Intelligence and Analytics p. 139
• Getting Started-Selling Business Intelligence (BI) p. 140
• Value Proposition p. 141
• Core Components p. 145
• Data Warehouse p. 145
• A Data Warehouse Alternative p. 147
• Predictive Analytics and Data Mining p. 148
• The Nuts and Bolts of Predictive Analytics p. 150
• Data Mining p. 151
• Survey of Business Uses p. 151
• Security and Data Quality p. 151
• Effective Implementation p. 153
• Distributing the Intelligence p. 155
• Organizational Structure p. 156
• Roadblocks p. 156
• What Elephant? p. 158
• The Bottom Line p. 158
• References p. 159
• 10 Security p. 161
• The Sources of Risk p. 162
• It's about the Money-Script Kiddies Persona Non Grata p. 162
• Defense in Depth p. 162
• Tools and Defense Automation p. 163
• Frameworks p. 165
• Telephone Security p. 166
• A Checklist for Building Security p. 167
• Some Comments from Security Practitoners p. 168
• References p. 176
• 11 Training p. 179
• Tools p. 180
• User Needs Vary p. 181
• How Much Training Is Needed? p. 181
• Seminars or Vendor-Specific Training for IT p. 182
• The Harsh Punishment of Silo Knowledge p. 182
• Knowledge Management p. 183
• 12 Effective Use of Consultants p. 185
• Becoming a Skilled Buyer of Professional Services p. 185
• On One Side of the Table: The Consultant's Objective p. 186
• On the Other Side of the Table: The CIO's Objective p. 186
• Matching Interests p. 187
• Some Miscellaneous Defense Tactics p. 189
• Knowledge Transfer p. 191
• A Few Closing Comments about Consultants p. 191
• Reference p. 191
• 13 Operations p. 193
• Tree Houses Are Great for Kids p. 193
• Management Frameworks p. 193
• Change, Configuration, and Release Management p. 194
• Help Desk, Incident and Problem Management p. 195
• Capacity Management, Service Levels, Availability, Job Scheduling p. 195
• Day-to-Day Management p. 197
• Some Common-Sense Approaches to Good Operations p. 197
• Cloud Computing p. 198
• The Bottom Line-Discipline p. 199
• References p. 199
• 14 Futures p. 201
• Society and Demographics p. 202
• Technology p. 203
• References p. 206
• 15 CIO Interviews p. 207
• Appendices
• A Examples of Key IT General Controls p. 225
• B Eamples of Key IT Application Controls p. 231
• C Project Management Artifact Examples p. 237
• D IT Risk Assessment Checklist p. 247
• E Due Diligence Checklist for Mergers and Acquisitions (Business) p. 257
• F Due Diligence Checklist for Mergers and Acquisitions-IT p. 281
• G Example IT Policies and Direction for "XYZ Corp" p. 285
• H Recommended Reading p. 315
• Index p. 317