The CIO Handbook

By Eric J. Brown, William A. Yarberry, Jr., Christopher Cragin

© 2012 – Auerbach Publications

576 pages

About the Book

Focusing on enterprise architecture, this book addresses the management of information technology for commercial, industrial, and governmental organizations. It presents the fundamentals of technology management, surveys current technologies, and details how to build a tactical and strategic roadmap for transformation. Coverage includes consumer drive architectures, business intelligence and analytics, content management, business continuity and disaster recovery, security, dashboards and scorecards, as well as IT strategies. The book’s appendices cover IT policies and procedures and include sample enterprise roadmaps for architecture and strategic direction.

Table of Contents

Soft Skills, Part 1- Managing Yourself

A little soft skill goes a long way

High cost of human friction

Words to effort ratio

Too smart to learn?

Internal and external cultures

Soft Skills, Part 2 - Managing Other People

Hiring the right people

Counterproductive behaviors

Peter Drucker's principle - no one is incompetent but some are in the wrong job

Creating self esteem

Retaining talent - acquisitions and mergers

Motivation beyond cash

The fourth R

The CIO as Runner

The 90 day sprint

Multi-tasking is not natural- you have to work at it

How established CIO's spend their day

Transitioning from the 100 meter run to the marathon

Innovation Incubators

Ideas need to mingle

Diversity - what if the smartest people in the room went to the same schools?

White space - places to think, create, discuss

Curiosity - customers, processes, product

Leverage the thinkers, leverage the doers

ClO's as resident intellectuals but with an eye towards practicality

Completing Projects and Not Completing Projects

Project delivery organization

Common project management methodologies

Project scope and creep management

Planning the work

Risk assessment

Perspectives from practitioners

People-centric versus process-centric

How to stop a project gone bad

Possible futures for project management

Managing Other People's Money

The CIO as financial information "pro-sumer"


Services approach

Asset management

Rational buying

Managing contracts

Business modeling - calculating the financial impact

Complex tracking and cost allocations


Financial acumen and the CIO's career path

Enterprise Architecture and IT Strategy

Why this chapter is so long and so important

Elements of a complete Architecture

Implementation - going against a headwind




The New World of Packaged Parts

AP versus drag & drop - this is not your granddaddy's programming

Levels of modules and abstraction madness

The rules of picking "off the shelf" systems, programs and objects

Business Intelligence and Analytics

The analytics culture

In God we trust, all others bring data

A sampling of tools

Example applications

Metrics, Dashboards and Scorecards

Driving without a gas gauge

A strategic foundation - what is to be measured?

Selecting metrics and goals

Executive versus operational dashboards

Designing practical balanced scorecards

Some real-world examples

Security - Embracing the Hassle

The biggest enemy: perception of the unstoppable hacker/insider

Start with the top ten list

At least manage to the checklist


Defense in depth - a layered approach

A smorgasbord of prevention/detection/control technologies

Access controls & operations

Physical security - it is still relevant

Application security

Database and file systems protection

Telecom and network security


Business Continuity and Disaster Recovery

Disaster recovery and business continuity planning - different spelling, different meaning

Varieties of disaster recovery

Critical applications and people inventory


Fail over complexity

Critical measurements

Embedded links to minor (relatively unimportant) systems

BCP/DR in a world of cloud computing, software as a service, infrastructure as a service, everything as a service

Traditional offsite storage - still needed?

Recovering from a hostile security breach

What true business continuity means to the business (what the business units have to do themselves)

Testing and the certainty of surprise

Content Management

Content/knowledge/information management

Web Presence with CIO Guidance

Web development needs structure

Silo development

What IT brings to the table

Operations - IT's Gyroscope and Satellite Navigator

Operations is the base of all IT - fix it before anything else

Service desk perspective

Basic control functions

Service level agreements

Relationships with other groups within IT

Operations/infrastructure design and architecture



ITIL pros and cons

Consumer Driven Architectures

Back in the day, new technology was imposed top down

Today, it is served bottom up {consumer products drive corporate "needs"}

Ounce weight devices for all of us?

Opportunities and strategies for social networking and web X.O


Outsource it all? Just one overworked contract administrator?


Learning to Love the Data Explosion

Hadoop culture

Dust off your dad's old IBM "THINK" placard

Worry about the unknown unknowns

Search appliances

Growth of sources, volumes and granularity

Challenges and Opportunities in Selected Industries



Exploration and Production (Oil & Gas)


Supercomputing - It's Getting Cheaper

Why it matters for the rest of us (not just physics labs)

Quantitative speed change becomes a qualitative leap forward

Analytics on a laptop?


SIMD and MIMD architectures

Supercomputing challenges

Weird Futures

"Beam Me Up"

Emerging worlds

i. Personal fabrication devices

Why we're always surprised

CIO Interviews

4 to 6 CIO's will be interviewed


Example architecture roadmaps

IT general and application controls

IT risk management checklist

Security checklist

Budget spreadsheet techniques

Recommended reading

Some websites of interest

About the Authors

Eric J. Brown is with MECI, Inc. in Houston, Texas.

William A. Yarberry, Jr. is with ICCM Consulting LLC.

Kit Cragin currently resides in Pearland, Texas.

Subject Categories

BISAC Subject Codes/Headings:
BUSINESS & ECONOMICS / Management Science
BUSINESS & ECONOMICS / Information Management
COMPUTERS / Information Technology