CIO roles: Developing 'safe and sound' IT systems

Typical CIOs have likely seen a dramatic evolution of their role and responsibilities, as their companies strive to successfully adapt to the digital economy. For Frédéric Véron, this evolution included a new title: In addition to chief information officer, he is also head of safety and soundness at Deutsche Bank, where his team strives to ensure quality IT operations from development to launch.

At the 2018 MIT Sloan CIO Symposium, Véron discussed how CIO roles continue to evolve as companies make digital transformation a priority. In this Q&A, he discusses how his typical CIO responsibilities expanded into the head of safety and soundness role at Deutsche Bank and how it helps ensure quality of IT operations.

What do you do as the head of safety and soundness, and what does that title mean, exactly?

Frédéric Véron: To make it very simple, it is pretty much production support for all systems at the bank. It is IT operations, but we didn't want to call it 'IT operations,' because it is not just IT operations. It's about focusing on the safety and the soundness of all the systems as we create them, even before they get to production.

Frédéric Véron

The role of the organization is to support those systems -- day in, day out, weekends, nights -- but also to work with the teams that develop the next version of the systems to make sure that they are developed in the correct manner. We are involved in the planning, in the design, even the construction and the testing. 
 
We are not doing it for them, but we are actually with them, looking at how they do it so that we get systems that are better instrumented, more reliable, more resilient, have better performance, are more flexible and so forth. That is why we call it 'safety and soundness.' We want to be involved much earlier in the lifecycle of those systems.
 
It sounds like the role suggests the level of security in these systems, too. Is that expansion of typical CIO roles intentional?
 
Véron: We have a chief information security officer that focuses on information security, but my group also has security operations people that focus on access rights, access management, things like that. So, it does have the security aspect.

When you look at the SDLC [software development lifecycle] to prepare a release from the planning all the way to production, there are a number of tools and systems we use during the course of the SDLC process to actually scan the software to make sure that it is safe from a security perspective.

I have been noticing at this year's MIT Sloan CIO Symposium that there seems to be this sort of blurring between the chief digital officer and CIO roles. Is the CIO being asked to take on more of a digitally forward role than they were a couple of years ago, or is that an anomaly this year at the conference?
 
Véron: No, I don't think it is an anomaly. I think people are having that discussion left and right these days. For me, it is still bizarre, because when you think about it, IT and digital [are] the same thing. IT is information technology and, for many years, has been digital. Analog has left us, you know, 50, 60 years ago, so we are already digitized.
 
I think what people mean by that is that they want a chief digital officer or head of digital products with them, closer to that front part of the business, closer to the day-to-day life they have with their customers, closer to the customer experience. Often, the CIO doesn't have the opportunity to spend that much time there, because he or she has to support plenty of other systems that are deeper into organization and not customer-facing. It is a question of focus.