The Dream Team: CIO + CLO
CIOREVIEW >> Legal >>

The Dream Team: CIO + CLO

Danish Butt, Director-Law Department Management, Huron Legal
Danish Butt, Director-Law Department Management, Huron Legal

Danish Butt, Director-Law Department Management, Huron Legal

The digital age combined with the rapidly changing business climate has given rise to a new working partnership within the global enterprise, between the CIO (Chief Information Officer) and the CLO (Chief Legal Officer). Their collaboration provides the enterprise with a “Dream Team” that is well suited to address the constant barrage of business needs, regulatory changes and statutory requirements. This article discusses how the transformation of each role has created opportunities to lead measurable change within the organization.

CIO and CLO as Business Enablers

Both, the CIO and CLO roles are experiencing a transition from leading their respective functional areas to becoming strategic advisors for the enterprise as a whole. The term “technology as a business enabler” is very familiar to every CIO. Similarly, the CLO role, traditionally known for risk mitigation and legal advice, is now more focused on strategic business enablement. This mindset has opened the door for the legal and IT functions not only to provide their services on a referral basis, but to embed them within business processes, opening a number of opportunities for the Dream Team partnership.

“With the CIOs technical expertise and the CLOs legal expertise, the Dream Team can proactively improve GRC maturity across the organization”

One such area is the opportunity to collaborate in order to enable efficient, effective, and low-risk business transactions. For many organizations, gaining an understanding of all their contracting obligations can be daunting. Many organiza­tions struggle to answer questions similar to these: How many contracts does the company have? How many non-standard NDA’s were signed? How many contracts have ‘one-off’ obligations? How many contracts will be affected by the new legislation?

The Dream Team can address this challenge by collaborat­ing and sponsoring an enterprise contract management program, including a Contract Lifecycle Management (CLM) system. Ac­cording to Forrester Research, Inc., “Contract Life-cycle Management (CLM) software helps firms create, manage and achieve maximum value from these contracts and is a key piece of the business technol­ogy agenda.” The enterprise contract management program is by no means a small undertaking; however, it will have a significant impact on the business risk and bottom line. A well planned program with supporting technology can reduce risk by undertaking initiatives such as coding legacy contracts, storing all contracts in a standard repository, and developing standard contract templates and legal clause libraries. It can also benefit the enterprise’s bottom line to the extent it reduces contract turnaround time by using centralized workflows, auto­mates reminders to manage key dates, and fa­cilitates evaluation of the commercial impact of each contract.

Similarly, the Dream Team can jointly in­troduce process and technology to other areas where the law department is a key stakehold­er. Some other examples include marketing material reviews, advertising copy approvals, and intellectual asset management programs.

The CIO can also directly assist the CLO in improving technology maturity within the law department for functions including elec­tronic billing, legal and claims management, vendor management, discovery management, and others. These systems can, in turn, feed information back to the enterprise; for exam­ple, the trend of legal claims can be used to identify the need for and develop proactive training and remediation actions.

CLO as an Adviser to IT

According to a joint 2014 EMC and IDC study, annual data production will reach 44 trillion gigabytes by 2020. Meanwhile, Com­puter Science Corporation estimates that 80 percent of the data produced world-wide is stored by enterprises. In today’s information economy, these numbers have far-reaching consequences for each C-Level executive.

While the CIO must deal with the op­erational aspect of all this data, the CLO must manage its associated risk. There are some obvious areas of overlap in these two goals, relating to topics such as unmanaged data growth, cloud technology, social media, real-time data, and domestic and international data protection requirements.

This situation presents more opportuni­ties where the Dream Team can collaborate. For example, IT and Legal can partner with the Records and Information Management team and other key stakeholders in establish­ing an enterprise-wide information govern­ance program to govern how information within the enterprise is treated, from creation to disposition. A strong information govern­ance program treats information as an asset and includes aspects such as a records reten­tion and disposition program that takes into account operational and legal requirements (including data privacy and security). The program can reduce risk by mitigating legal discovery concerns, can help control discov­ery costs, and, of course, can reduce enter­prise storage costs significantly.

The cloud is another area where the CIO and CLO can work together. IT departments are often eager to reduce data storage costs through cloud storage arrangements, and many technology systems are web-based and therefore also have a cloud component. There can be legal risks associated with the cloud, but a strong partnership between the CIO and CLO where the law department reviews and helps negotiate cloud arrangements can help mitigate these risks.

CIO and CLO Improving Enterprise Com­pliance

According to Competitive Enterprise Insti­tute, approximately 3,500 rules are issued by the federal government and agencies every year in the United States. From the CLO perspective, each of these affects multiple enterprise stakeholders in the enterprise. It is common for the CLO to rely on a combina­tion of business staff, legal personnel, some technology and internal compliance and audit team members to ensure that the enterprise is governing its behavior and managing its compliance.

The CIO and CLO can collaborate (in­cluding the compliance function and other stakeholders) to establish an enterprise-level Governance, Risk and Compliance (also known in short as GRC) program with sup­porting GRC technology. The CIO can pro­vide expertise and technology to support le­gal and business stakeholders, disperse new information, develop plans, provide staff training, track compliance, manage remedia­tion, and generate management action items. With the CIOs technical expertise and the CLOs legal expertise, the Dream Team can proactively improve GRC maturity across the organization.


The synergy from the CIO-CLO partnership has effects that radiate throughout the en­terprise. Programs such as contact lifecycle management enable and expedite business ac­tivities while reducing risk. A proactive GRC program illustrates the Dream Team’s role as responsible stewards. Advising one another on items of tangible importance to the enter­prise demonstrates collaborative strength to the benefit of both parties.

These examples are just the tip of the iceberg of opportunities for the Dream Team partnership, whose collaboration can be en­riched further by including other C-Level and management stakeholders.

The possibilities are endless. Go Team!

Read Also

International Expansion In Apost-Pandemic World

International Expansion In Apost-Pandemic World

Pearl Mathew, Director, Fintech Corporate Banking at Standard Chartered Bank
Intelligence-Led Investigations And Better Information Sharing Hold The Promise Of Improving The Disruption Of Financial Crime

Intelligence-Led Investigations And Better Information Sharing Hold...

Lora von Ploetz, Head of Global Financial Crime Unit, Commerzbank AG
How Dutch Bros Coffee embedded culture into its mobile app

How Dutch Bros Coffee embedded culture into its mobile app

John Graham, Chief Marketing Officer, Dutch Bros
The Calculus of Cyber in the Context of Enterprise Risk

The Calculus of Cyber in the Context of Enterprise Risk

Seema Sewell, Director of Cyber Assurance and Architecture, Maricopa County Lester Godsey, CISO, Maricopa County