THANK YOU FOR SUBSCRIBING
Gov CIO Outlook Weekly Brief
Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Gov CIO Outlook
Vina Morris, Head of IT and Security Department, Vera Institute of JusticeIn mission driven and public interest organizations, technology modernization is ultimately about credibility and stewardship. Even when the people we serve do not interact directly with our systems, the integrity, security and reliability of those systems shape how effectively we advance the mission. That understanding guides how I lead technology governance and security with clarity, discipline and a commitment to building infrastructure that strengthens both organizational trust and operational impact.
I begin every modernization effort with grounding questions: What is the organization here to do? What outcomes do we owe to the people who rely on our systems, whether they interact with them directly or are affected by the mission those systems support? And what risks, whether operational, ethical or reputational, are simply not acceptable? From those answers, I build governance that enables progress rather than slows it down. Effective governance is not bureaucracy. It is shared priorities, clear decision making and accountability that can be measured. It brings leadership, operations, legal, finance and program teams into alignment so modernization moves as one effort rather than a set of disconnected projects.
I lead with a protect the mission, protect the people mindset. That includes protecting our data, intellectual property, systems, equipment and the reputation that allows us to operate with credibility. These are not separate concerns. Together, they form the foundation of organizational trust. Security is built in from the beginning, not added at the end. Equity is treated as a design requirement, not an afterthought.
Cloud modernization is often described as a technical upgrade, but readiness is fundamentally organizational. I look at it through three lenses: people, process and technology. Do teams have the skills and capacity to support new models? Are policies around data classification, identity, incident response and change management clear and actionable? And do we understand which systems can move quickly and which require redesign or retirement?
Security and data governance must move in step with modernization. Strong identity and access management, consistent logging and monitoring, and clear data ownership are non-negotiable. Cloud can be highly secure, but only with discipline. Without guardrails, it becomes a fast track to sprawl, cost surprises and unnecessary exposure. The goal is not simply to migrate. The goal is to modernize responsibly while strengthening resilience, privacy and governance.
"I lead with a protect the mission, protect the people mindset. That includes protecting our data, intellectual property, systems, equipment and the reputation that allows us to operate with credibility."
One of the most important lessons I have learned leading large-scale transformations is that change management is not a parallel workstream. It is the work. People rarely resist change because they do not care. They resist when the purpose is unclear, the process feels opaque or their role in the future state is uncertain. Translating technology into mission language helps bridge that gap by grounding the work in purpose and helping teams see where they fit in what comes next. It means talking about protecting sensitive information, reducing administrative burden, improving service delivery and building systems staff can trust.
Momentum matters. In complex organizations, transformation is rarely linear. Competing priorities, limited resources and legacy systems require thoughtful sequencing. I focus on building foundational capabilities such as security, governance, data management and infrastructure reliability, then delivering visible wins that build confidence and adoption.
I approach AI with cautious optimism. It can reduce repetitive work, improve operational efficiency and support better decision making. But in public interest environments, intentionality is essential. I prioritize use cases where AI supports human judgment and ensure the underlying data and governance are sound. AI is only as trustworthy as the controls, accountability and literacy surrounding it. Building AI literacy across teams, helping people understand what AI can and cannot do, how to use it responsibly and where human oversight remains essential, is a critical part of that work.
Responsible AI requires more than technical controls. It requires a culture of accountability. That includes clear usage policies, privacy and security reviews, defined ownership and continuous monitoring of how AI is used and how it performs. It also means investing in AI literacy so teams understand the capabilities, limitations and risks of the tools they rely on. Diverse perspectives are essential because the impact of AI is never purely technical. It shapes decisions, workflows and ultimately the communities our mission serves.
For leaders driving change in complex, public interest organizations, my guidance is straightforward: lead with mission, build with discipline and communicate with consistency. Create governance that enables progress. Treat security and equity as core requirements. Invest in the AI literacy and change management that make transformation real for people. Modernization is ultimately about trust — protecting the mission, the people and the organizational assets that sustain our work. When trust is built, change becomes durable and the organization becomes stronger for the communities it exists to serve.
Read Also
