The CIO Wears Two Hats: Isn't IT Enough?

Roy highlights three examples where CUNA Mutual is getting benefit from IT working more closely with another shared service.

Physical security: We already mentioned the cooperation related to assessing and securing wireless networks. The IT and physical security teams have not at this point linked employee badges that grant building access to network access, which is controlled using RSA tokens. But if CUNA Mutual moves network access to a software based network access system instead of tokens, a link between physical and network access controls might be worth considering.

Facilities: The company is now doing more comprehensive disaster recovery testing, Roy says, instead of testing in silos. Individual business units and facilities management had plans for where people should go if a building couldn't be accessed, but IT didn't have always have plans to get those people access to a network and applications. This spring, CUNA Mutual did a mock disaster drill, and Roy says, "It was very successful, because we found issues."

Procurement: One third of CUNA Mutual's controllable expenses go through this group -- not only factors like technology, but also real estate and facilities, marketing costs, employee benefits, travel, and temporary staffing. Looking at those expenses companywide located savings--like one temporary help vendor that had nine different contracts using different rates for essentially the same type of staffing. CUNA Mutual bundled those to negotiate a lower rate.

Placing the CIO in charge of procurement does raise the potential problem of checks and balances when IT is doing the buying. As Roy bluntly puts it: "We've had to be careful, because we don't want the fox in the hen house."

Checks and balances include having the legal department separate from the procurement organization. There's a clear policy on who must sign off on different types of contracts--often four to six different people. And while the vendor management office reports to Roy, those staffers aren't a part of the IT organization. "They're fully authorized to raise their hands and say 'This deal doesn't hunt,'" Roy says.

InformationWeek is conducting a survey to get a baseline look at where enterprises stand on their IPv6 deployments, with a focus on problem areas, including security, training, budget, and readiness. Upon completion of our survey, you will be eligible to enter a drawing to receive an 16-GB Apple iPad. Take our InformationWeek IPv6 Survey now. Survey ends May 11.