Chief Information Officers: Responsibilities and Information Technology Governance at Leading Private-Sector Companies

To help address the many challenges being faced by federal agencies, Congress has enacted a series of laws designed to improve agencies' performance. The Clinger-Cohen Act of 1996, for example, requires that each agency head designate a Chief Information Officer (CIO) to lead reforms to achieve real, measurable improvements in the agency's performance through better management of information resources. Recognizing the importance of the CIO position, congressional requesters asked GAO to conduct two reviews. The first, reported in July 2004, discussed the extent to which federal CIOs had responsibility for 12 functional areas that GAO had identified as either required by statute or critical to effective information and technology management, including information technology (IT) capital planning, strategic planning for information resources, and information security and privacy. This report focuses on the responsibilities of CIOs at 20 leading private-sector organizations. The questions GAO addressed were (1) What are the responsibilities of these CIOs, and how do they compare with those of federal CIOs? (2) What are the key challenges of these private-sector CIOs? (3) How do these organizations govern their information and IT assets enterprisewide?