I spied an interesting article in today’s US print edition of the Financial Times called, “A banking grandee’s rethink on the rules of the game“. Sir David Walker, chairman of Barclays and author of a government report that has proven very influential in terms of guiding recent regulatory developments, is interviewed. His perspectives over what he would do then, knowing what he knows now, are most interesting. One thing explored in the article are the roles and new board oversight committees he would put in place. One concerns risks- external and internal to the business, and specifically focusing on “unknown unknowns”. He says, for example, he didn’t know what cybercrime was five years ago.
At Gartner we periodically discuss the scope of the role of the new CDO. This emerging role is really just an excuse to put a laser-like focus on that part of the CIO’s role that has, for many CIO’s, been hard to develop and sustain. For example too many CIO’s tell us that they are too busy negotiating vendor contacts or managing physical infrastructure issues that they have little time left to look at information innovation or strategy. To help, the message is “hire a CDO”. Or, elevate the role as CIO and delegate the other stuff to someone else.
The scope of the CDO has tended to focus on information compliance (often in regulated industries) and also information innovation, information strategy and information governance including leading the Master Data Management program. Sir David Walker’s interview makes it clear to me that we should ensure the role of the CDO should also include information security and information risk management. This is not to say that chief risk officers or security and fire wall departments need to report to the CDO. I just means that there is value in a unified organizational structure where such reigns converge- as it relates to information.
Physical technology and organizational security can carry on doing what it needs to do. But those that understand the life and times of information, and its relevant impact on business operations and performance, are best suited to analyzing, understanding, and setting information policy for the entirety of the information life-cycle. I suspect this is not an open and shut case though. The role of the CDO is still emerging- there are more hired every day. And the roles assigned are different, often across organizations even in the same industry. But if I try to be prescriptive, I just feel that article and analysis from the likes of the chairman of Barclays leads me to this conclusion. What do you think?
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.