From the Other Side of the Table — CIO Questions to Potential Employers

meetingsSitting on the opposite end on the board room table, CIOs need to understand the type of organization they will be joining. Having been on the other end several times, it is important to get a sense that you will be valuable as a CIO and most importantly have job satisfaction. Below are a few questions I think can help.

  • What is your company’s mission and vision? What steps are you taking to accomplish them?
  • Can you explain your company’s brand and how it has evolved?
  • Can you describe your company’s growth (or lack there of) in terms of revenue and hiring over the last 5-10 years?
  • What do you think distinguishes this company from its competitors, both from a public and employee perspective? How is technology used by your competitors? How is a CIO role used by your competitors?
  • Can you explain your company’s structure and how a CIO role will fit in?
  • How do you see the CIO role contributing to the success of the organization?
  • Is this a new CIO position, or did someone leave? If someone left, why did they leave? If this is a new position why are you looking for a CIO now?
  • How would you describe the company’s culture and leadership philosophy and style? Could you describe the type of employee who fits well with it?
  • What are some of the technical problems facing your staff, and how to do you see the CIO role solving it?
  • How is the technology department perceived today? What past steps have been taken to correct this perception? What steps were successful or not?
  • What steps have the company done recently to show how it values its technology?
  • How does management view the CIO role and the importance of the IT department?
  • What is the company’s plan for the next five plus years, and how does the IT department fit into these plans?
  • How do other executives view IT?  As a Business Peer/Game changer or Service Provider/Cost Center?
  • How have various types of decisions been made (i.e. M&A, process changes, layoffs, loss of business, risks, new business)?
  • How will my leadership responsibilities and performance be measured? By whom? How often?
  • What would you say are the five most important skills/traits needed to excel in this position?
  • What particular achievements would equate to success in this role? What would success look like?
  • What challenges will this role face? What advice will you give to succeed?
  • Are you most interested in a candidate who works independently, on a team, cross-functionally, or through a combination of them all?
  • What is your ideal communication style? Do you meet regularly with your team, rely heavily on e-mail, use status reports or work primarily through other means?
  • How much guidance or assistance is made available to employees in developing career goals?
  • What resources will be available to the CIO to ensure success?
  • How do you see me as a candidate for the job in comparison with an ideal candidate?
  • Do you have any concerns about me or about my qualifications that may prevent you from selecting me for the role?
Advertisements

Systems Objective Scorecard

During the course of managing an IT department, it is important for IT management to understand areas of risks. There are standard best practices that can be engaged to score your department/organization. Below I have added some as a starting point. These are by no way complete.

 

Management and Planning

Objective 1

The staff responsibilities to information systems environment are assigned to specialized personnel.

Deficiencies in this objective could lead to not knowing and/or too many responsibilities associated to information systems.

 

Objective 2

The strategies about information systems, development plans and budget are mapped according to the strategic goal and company business.

Deficiencies in this objective could lead to the design, purchase/construction, development and system operations not responding to the company and business needs.

 

Objective 3

The selection of a service provider is based on company policies.

Deficiencies in this objective could lead to unsuitable service and inaccurate generated information, vulnerable or lack of integrity.

 

Objective 4

The services levels given by the provider are consistent with the Management expectations.

Deficiencies in this objective could lead to unsuitable service and inaccurate generated information, vulnerable or lack of integrity.

 

Objective 5

Users receive correct formation in use and handling the information systems.

Deficiencies in this objective could lead the incorrect use of information assets, which could cause generated information, were inaccurate, vulnerable or lacks of integrity.

 

Physical and Logical Security

Objective 1

Tools and security techniques are implemented and set up with the purpose of assuring a correct logical techniques level, narrowing the access to the programs, data and other information sources only for authorized persons.

Deficiencies in this objective could lead to unauthorized access and possible exposure, theft, modification, damage or loss of information, due to absence of proper policies, the lack of implementation of these measures on information systems and ignorance on the part of users of safety standards.

 

Objective 2

Tools and security logical techniques are implemented to monitor and control actions on information systems.

Deficiencies in this objective could lead to lack of control made actions on information systems, with possible impact in information confidentially, integrity and availability.

 

Objective 3

Information systems are correctly protected against external attacks and/or malicious codes.

Deficiencies in this objective could lead to unauthorized access and possible exposure, theft, modification, damage or loss of information.

 

Objective 4

Tools and security are implemented to allow access to information systems only to authorized users.

Deficiencies in this objective could lead to unauthorized access and possible exposure, theft, modification, damage or loss of information, due to an incorrect access profiles management.

 

Objective 5

All information resources are fixed by a correct security control, access to critical areas are restricted to authorized personnel.

Deficiencies in this objective could lead to unauthorized access and possible exposure, theft, modification, damage or loss of information, as well as failures or incidences in information systems working and other disaster or extraordinary accidents.

 

Objective 6

All company information resources are identified and managed.

Deficiencies in this objective could lead the incorrect of fraudulent use of equipment and/or data they have, leading in a possible exposure, theft, modification, damage or loss of information.

 

Applications Development and Maintenance

Objective 1

Development or maintenance applications of projects are consistent with the management’s intention.

Deficiencies in this objective could lead to the design, purchase/construction and systems development not responsive to the end users’ needs.

 

Objective 2

Migration process of replaced old applications is carried out accurately and completely.

Deficiencies in this objective could negatively impact information integrity and validity.

 

Infrastructures Operations and Maintenance

Objective 1

Infrastructure development or maintenance projects (database software, networks, equipment) are in consistent with the management’s intentions.

Deficiencies in this objective could lead to changes not responsive to the users’ needs.

 

Objective 2

Technological infrastructure are correctly identified and supported.

Deficiencies in this objective could lead to the changes not responses to the users’ needs, as well as a possible loss of knowledge in information assets.

 

Objective 3

Information systems levels of service providers are consistent with the management’s expectations.

Deficiencies in this objective could lead to the information systems not working correctly, resulting in potential risk to the availability of the information.

 

Objective 4

In disaster case, every essential business processes are recoverable in a defined time.

Deficiencies in this objective could lead to the information integrity and availability, due to incomplete, inaccurate or no recoverable data.

 

Objective 5

The information is kept in accordance to company laws, regulations and politics, could be recoverable, in case.

Deficiencies in this objective could lead to the information integrity and availability, be incomplete, inaccurate or not recoverable data.

CIO Blogs for July 2011

CIO BlogsReinvent Your Training Methods by Chris Curran

Available does not equal best by Eric D. Brown

Transitioning IT from a technical focus to a business focus by IT BS Watch

How to Kill Projects and Develop Agile Programs Part 1 by Isaac Sacolick

Free Answers From Google On How CIOs Can Be Better Managers  by Jim Anderson

ReBoot – 9 Career Lessons from Dilbert

A CIO's VoiceFrom the Business Insider’s War Room here are “9 Career Lessons From Dilbert Comic Strips”

http://www.businessinsider.com/scott-adams-dilbert-2011-5#-1

CIO Blogs for January 2011

Better Communication: Technology Isn’t Always The Best Solution by Mike SchaffnerCIO Blogs

CIO as General Manager? by Mark Brewer

Can a CIO be successful without IT experience? Define your terms! by Peter Kretzman

Four Models for success for the CTO / CIO- CTOVision by Eric Brown

Why CIOs Need Management Power Maps To Get Anything Done by Jim Anderson

How To Cope When The Boss Is A Bully by Andy Blumenthal

CIO Blogs for December 2010

Lessons from Old Backups by Mark BrewerCIO Blogs

Wikileaks Positive Side Effect for IT by Mike Schaffner

Predictions 2011 by Peter Birley

Holy Grail of IT, Operating Expense vs Capital Investment by Oh I See (CIO Inverted)

One CIO’s “lessons learned” in managing others by Peter Kretzman

Which IT project comes first – Legacy or Sexy? by Eric Brown

500 Meetings a Day by John D. Halamka

3 Skills That Most CIOs Are Missing by Jim Anderson

CIO Blogs for November 2010

CIO BlogsCreating a vision by Don Lewis

One CIO’s “lessons learned” in managing others by Peter Kretzman

Is Project Management a skill or a technique? by Eric D. Brown

Selfishness and The Paradox of Emotional Intelligence by Andy Blumenthal