The trend can also be seen as an extension of the shift of a couple of years ago when increasing numbers of CIOs began moving from reporting to finance to reporting directly to the board or CEO. As the traditional title of IT manager began to lose prominence, with organisations breaking the job down into different areas of responsibility, including internal IT, external IT, security and knowledge and privacy, the ground started shifting again.

"Since then there have been other important roles which have come up, including chief security officer, or chief privacy officer or chief knowledge officer, and they are coming up in the big corporations or the banks," says Hamilton James & Bruce executive director Jon Leighton.

"The big companies of the market have led it: companies like Qantas or Telstra or whatever. They would lead this area because they're big and have lots of issues surrounding privacy and security and knowledge and everything else. There is a growing understanding and a growing need for people to take responsibility for these roles," Leighton says.

Also increasingly popular is the chief knowledge officer. IBM, keen to accelerate integration of knowledge management, has appointed designated knowledge management leaders in each of the company's businesses, major business process areas and key functional areas.

These knowledge leaders spearhead the formation of communities of practice — groups of people who work in different divisions but serve similar functions. Communities provide means of connecting people and systematically managing organisational knowledge.

In Australia, IBM and Global Services CIO Julian Wee says knowledge management responsibilities within IBM are split. On the one hand, IBM recognises that knowledge management is best handled by individual business units because that's where the intellectuals are and that is where knowledge sharing is important. Overlaying that is the responsibility for CIOs to provide the infrastructure and tools to let business units share information more freely.

Meanwhile, the global CKO is charged with examining processes — how IBM captures knowledge, and how it reuses it.

"There are many layers of knowledge management in a business as complex as ours," Wee says. "The important thing is that you capture it at that [business unit] layer, [because] you don't capture it in a centralised model."

There is a single CIO office at IBM with global responsibilities. "Within that office are specific groups that cover security, knowledge management and what we call technology and architecture strategy (effectively a CTO)," Wee says. "The CIO of the IBM Corporation is based in the US at our headquarters in Armonk, New York and people like myself who run a geographical unit are part of that management line. Reporting is under the good old matrix management. I have my in-country management line, being my CEO, and I also report up to the CIO of IBM."

IT security is conducted within the global CIO organisation, while Wee has a security focus within Australia and New Zealand that aligns with that function globally and considers local laws and regulation. "I liaise with all the other business units across the business here locally to make sure security standards and policies are implemented," Wee says. "Most standards are laid down from global head office because our global presence and global customer base makes consistency very important to us and to our customers."

There is also a chief privacy officer within corporate head office, and while there is no equivalent Australian function yet the company is actively considering appointing one.

Wee finds the arrangement incredibly effective, as indeed do Hannan, Parker and Dwyer.

Meanwhile, Craig Wright, the CIO/CTO at Sydney-based IT and Internet security specialist DeMorgan, comes at the situation from a different perspective. Wright says being both CIO and CTO for an Internet security company makes life relatively easy.

Wright says he sees his CTO job as more of a visionary role, while the CIO job is a production/make-it-happen type role. While many companies give those roles to different people because both positions come at technology from different points of view, and it can be hard having to play Devil's Advocate to yourself, Wright has found a way to overcome that.

"I use staff time, and we all sit down and talk periodically. There's good and bad to it all of course — doing it all yourself versus having other people do it. Then again, it still comes down to being answerable to the board and having to justify all these solutions."

On the other hand, he says, at least he can't complain about being uninformed about the issues. When you take on all such jobs yourself, the left hand should at least always know what the right hand is doing.

That's not something that organisations where "CXO" titles are flourishing can always be confident of saying