CIO Decisions

RPA: Mapping out a plan for enterprise automation


News Stay informed about the latest enterprise technology news and product updates.

Corporate boards seek more IT expertise, but CIO presence still small

Interest in recruiting CIOs to corporate boards is rising, say recruiters, but board presence is still rare and the CIO talent pool for these appointments relatively shallow.

For nearly 20 years, recruiter Shawn Banerji has seen corporate boards seek out high-tech company CEOs when they wanted a technology perspective.

These boards for years generally dismissed the idea of bringing on CIOs, believing IT executives lacked the commercial, business and strategic vision required to help steer companies, he said.

But Banerji, managing director of the technology officers practice at Russell Reynolds Associates, started to see a change about three years ago, as boards started to grapple more and more with cybersecurity, digital transformation and burgeoning technology budgets.

"That started to create some momentum to bring CIOs onto the board," Banerji said.

Several years ago, Banerji conducted just one or two searches annually for corporate boards seeking CIOs. Now, he said he's conducting five to 10 a year and expects more in the future, as an increasing number of Global 1000 companies look for such talent.

How CIOs add value to boards

Martha Heller, president of Heller Search AssociatesMartha Heller

Current statistics on the issue are difficult to find, but several leaders in this space confirmed they, too, see a growing number of corporate boards seeking CIOs to serve. They said boards need the unique insight into the transformative qualities of IT that successful CIOs can bring to the boardroom.

Experienced CIOs can bring a range of skills, from their expertise with governance, to their in-depth understanding of the IT organization and its budget, to their experience working with business leaders across the entire enterprise, said Martha Heller, president of Heller Search Associates, an IT recruiting firm in Westborough, Mass., and author of the forthcoming Be the Business: CIOs in the New Era of IT.

"Boards that don't appoint CIOs are at a disadvantage," she said. "They're missing out on board-level governance of an area that has the potential to make or break a company."

Shawn Banerji, managing director of the technology officers practice at Russell Reynolds AssociatesShawn Banerji

Like Banerji, Heller said corporate boards in the past sought out CEOs of high-tech companies when they wanted to gain technology insight, but have recently started to reach out to CIOs.

"Boards have come to realize, to their credit, that high-tech CEOs are not what they want. They want a CIO. A high-tech CEO knows his or her niche in the market; they don't have the breadth and depth that a CIO has," she said.

Boards have come to realize, to their credit, that high-tech CEOs are not what they want. They want a CIO. A high-tech CEO knows his or her niche in the market; they don't have the breadth and depth that a CIO has.
Martha Hellerpresident, Heller Search Associates

Boards often first seek out CIOs in response to something negative, Heller observed. They experience or see a competitor experience a cybersecurity breach, or they fall behind in leveraging technologies.

Richard Chambers, who as CEO of The Institute of Internal Auditors often works with boards, said a growing list of regulations, legislation and best practices require boards to demonstrate more oversight of risk.

"And there's nothing that jumps out at you more than technology risk," he said.

Yet, most board members don't have a strong enough technology background to fully assess their companies' cyber-risk profiles, he said. Without an IT expert on the board, members may overly rely on management's assessment of technology risk.

Richard Chambers, CEO of The Institute of Internal AuditorsRichard Chambers

"They won't have anyone in the room to speak up and say, 'What about X or Y?' If you don't have someone on the board who is able to stimulate that kind of conversation, as a board, you're at the mercy of management in how they characterize performance, risk and the assurances they're given," Chambers said.

But technology risk expertise is not the only reason to put CIOs on corporate boards, Chambers said. "A good CIO is one who not only has the technology background and the cyber expertise, but also has a keen sense of business strategy and strong business acumen."

Why CIO board presence is still low

Not everyone sees a growing demand for CIOs to serve as directors, however.

Paul DeNicola, a managing director of PwC's Governance Insights Center, cited data showing less than 5% of public company board members have a technology background.

However, that doesn't mean boards aren't seeking out the expertise, DeNicola said. PwC data showed boards are increasingly relying on consultants to help them navigate the complex technology landscape. In 2012, 27% of boards used an outside adviser to advise them on IT, but the figure jumped to 45% in 2015.

Paul DeNicola, managing director of PwC's Governance Insights CenterPaul DeNicola

"That tells me that trying to put a CIO on the board isn't the top priority," he said.

But the situation could change, he added. "Companies, particularly companies in a high-profile public-facing business, may choose to put CIOs on the board in the future, but the more pervasive trend now is using advisers."

Heller and Banerji agreed the numbers of CIOs on corporate boards are still relatively low, despite rising interest in having more technology oversight. Heller estimated less than 20% of boards have CIOs on them.

Korn Ferry on CIO board recruitment

CIO: 'The CIO is the fastest-growing segment of board construct'

And even if more boards want to add CIOs, they face challenges doing so. Observers say many CIOs lack the experience and expertise to sit on boards -- in particular, boards at the large companies that are the ones currently seeking them out.

"They're looking for a business person who has experience with large-scale transformation and has a commercial orientation and governance experience," Banerji said. "They're looking for people who have gone through and faced similar challenges and opportunities and the same scope, scale and complexity as to what they're facing in their current organization.

"The challenge is that many operating CIOs do not have meaningful experience interacting with boards," he added, "even if it's just within their own company."

Article 1 of 4

Next Steps

Recent articles by Mary K. Pratt on SearchCIO:

CIO role in moving to DevOps

IT 'lights-on' team a partner in digital transformation

Companies asking CIOs to get more involved in mobile

Dig Deeper on Leadership and strategic planning

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

A couple years ago had an article "Corporate Boards Are Hungry for IT Info from CIO's.  I agreed with the premise then, and I agree with it now. 

At the beginning of 2016 I stepped down as a Director of Technology with my company to take a security position (non-Director).  The motivation behind me doing this is to get exposure and time as a manager of security and risk.  I see my next position as CIO or CTO and believe that this experience will be invaluable.  It will also help with working with boards and being able to give them a more holistic view of the company. 

With CFO's (typically responsible for risk for the company) becoming more and more aware of their lack of technology understanding, the partnership of the CIO and the CFO is critical.  As the laws change and boards are becoming mindful of the risks and expenses around technology, this shift to CIO's being on boards, to hiring outside consultants to assist with boards, etc. is the logical step. 



You, Shawn Banerji and Richard Chambers each highlight important topics.  I concur that CIO’s bring essential skills and perspectives to boards; most notable are their years of deep experience regarding IT risks and the requisite governance associated with the successful execution of large-scale enterprise IT programs and the clear business value (as well as risk reduction) such programs provide. I concur with Martha Heller’s comment regarding CEOs of high-tech companies; (when what is needed are CIO skill sets).  More importantly, Heller’s comment addresses an important question, “what challenge is the board trying to solve?”  Considering the example provided (breach), the CIO’s core skill set may not adequately address the digital risk and security aspects of the breach due to an advanced cybersecurity threat.  There is today a healthy dialog regarding a more prudent separation of duties between the CIO and the CISO.  The proposed separation (where the CISO works to the chief risk officer or chief counsel) addresses the unique incentives both are chartered to meet; incentives that, at times, conflict.  If the largest challenge to the board is getting the governance of large corporate enterprise IT under control, the program’s value clearly aligned with corporate strategy and objectives, and reducing technology risk, then I agree, pick the CIO of a high tech company as a board member.  If however, the largest challenge facing the board is a complex and serious threat to the company’s digital security, compliance with myriad state, national and international digital security compliance schemas, previous logic would suggest the board bypass selection of a CIO, and look to picking a CISO of a fortune 500 company; one with deep experience within a market arena targeted by the most advanced global cyber threats and subject to compliance with intense regulatory oversight. A CISO with such experience would provide the board perspectives of digital risk and security aligned with clear, understandable and actionable business impacts, directly aligned with the board’s charter to provide strategic guidance to the company’s executive suite.

Mike Steinmetz

President, Digital Executive Ltd

Since the companies, products and even the market is changing because of disruptive technologies, if the Board doesn´t have the right people in order to understand what IT could bring (good or bad), it can decide badly enough to put the company in jeopardy

Get More CIO Decisions

Access to all of our back issues View All