5 CIO priorities shaping enterprise execution in 2026

Australian CIOs enter 2026 under pressure to deliver growth, efficiency, resilience, and measurable value in a more constrained operating environment.

Across ADAPT’s CIO Edge discussions, the February 2026 CIO Edge Survey, and ongoing conversations with senior technology leaders, the CIO agenda is consolidating around execution.

Technology leaders are being asked to modernise core systems, strengthen data foundations, govern emerging risks, prove investment value, and support business change at greater speed.

AI is intensifying that pressure, but it is not the whole story.

Agentic systems are exposing whether organisations have the data, platforms, governance, workforce capability, and funding discipline required to scale new forms of automation safely.

The CIO role is moving deeper into enterprise architecture, where technology decisions now shape operating models, accountability, risk, and value creation.

The five priorities below reflect where CIO attention is concentrating heading into 2026, as technology leadership shifts deeper into enterprise architecture, operating model design, and business value creation.

1. Turning AI roadmaps into operating model discipline

AI roadmaps are being asked to carry more weight than previous technology plans.

ADAPT’s February 2026 CIO Edge Survey shows that developing AI strategies and roadmaps is the number one goal for Australian CIOs.

Piloting and adopting generative AI is the top initiative, while AI agents are the leading investment priority for the next 12 months.

Five of the top 10 investment priorities are AI-related, showing that AI now sits near the centre of CIO planning.

The challenge is that planning alone does not create execution.

AI roadmaps can quickly become catalogues of use cases if they fail to resolve harder operating questions: who owns the workflow, which data is trusted, where risk sits, how funding is staged, how adoption is measured, and how human judgement remains in the loop.

That is where the CIO priority has shifted.

The roadmap has to become an operating model instrument.

It needs to coordinate business ambition, platform readiness, governance, workforce change, and investment logic into a sequence the organisation can absorb.

Arul Arogyanathan, Chief Information Officer at Village Roadshow, reinforces this shift by positioning AI as a strategic design question when the CIO is close to the CEO and growth agenda.

AI decisions move beyond tool selection and into choices about how the organisation creates leverage, reshapes customer experience, and allocates leadership attention.

Solly Brown, Partner at McKinsey and Company and Leader of QuantumBlack ANZ, gives the execution agenda a practical edge through an agent-first operating model.

Agents can support design, testing, documentation, and delivery across the software development lifecycle.

The implication is broader than software productivity.

It shows how AI starts to change the flow of work when human and machine capability are deliberately orchestrated.

The emerging priority is not to produce an AI roadmap but to make the roadmap strong enough to govern sequencing, ownership, funding, risk, and capability building across the enterprise.

Recommended actions:

To turn AI roadmaps into operating model discipline, CIOs should:

• Prioritise AI use cases that change meaningful workflows, customer outcomes, citizen outcomes, or employee capacity.
• Build roadmaps around capability sequencing, ownership, funding gates, risk controls, and measurable delivery milestones.
• Use pilots to expose process weakness, decision friction, and data gaps, then feed those lessons into operating model redesign.
• Establish shared accountability between technology, data, risk, legal, finance, and business leaders before scaling AI into core workflows.
• Report AI progress through execution measures, including process performance, adoption, risk exposure, capability maturity, and business impact.

By treating AI roadmaps as operating model instruments, CIOs can move the conversation from activity to enterprise capability.

Back to top

2. Strengthening data ownership around autonomy and decision quality

Data foundations have become a limit on how much autonomy an organisation can trust.

ADAPT’s research shows that 40% of Australian CIOs identify data foundations as the number one constraint to scaling agentic AI.

This is a structural constraint because agentic systems act on context, interact with workflows, transact on behalf of users, and influence operational outcomes.

When data is fragmented or poorly governed, autonomy can scale inconsistency.

The deeper issue is ownership.

Traditional data programmes often focused on quality, integration, and reporting.

Agentic AI raises a harder question: which data can the enterprise rely on when systems begin to act, recommend, trigger, or decide?

Peter Weill, Chairman and Senior Research Scientist at MIT CISR and ADAPT Senior Advisor, frames that shift through the move from enterprises informing customers to acting for them.

Once systems act for customers, data becomes part of the business model. Customer context, integrated records, decision ownership, and service design all need to work together.

Fragmented data then becomes a constraint on revenue, trust, and service quality.

Jeremy Hubbard, Chief Technology and Data Officer at Rest, brings the issue back to operating architecture.

Product aligned data ownership and lifecycle accountability determine whether experimentation can become enterprise capability.

Without clear owners and coherent architecture, AI inherits the organisation’s existing process debt.

Simon Reiter, Chief Technology Officer at CareSuper, shows what this looks like when autonomy becomes operational.

Treating agents as registered assets with identity and oversight depends on disciplined data lineage and access controls.

Governance becomes executable only when data flows are visible and attributable.

Data foundations are now a control layer for autonomy.

CIOs are defining which decisions can be delegated, which workflows can be automated, which data requires stronger stewardship, and where human intervention remains necessary.

Recommended actions:

To strengthen data ownership around autonomy and decision quality, CIOs should:

• Assign accountable owners for priority data domains, with responsibility for quality, lifecycle, access, and use.
• Prioritise lineage, metadata, access controls, and data product accountability for workflows exposed to AI.
• Identify where data fragmentation affects customer context, service quality, decision confidence, compliance, or financial outcomes.
• Use agent identity, access permissions, and auditability as design requirements for any autonomous or semi autonomous use case.
• Link data investment to business outcomes such as revenue protection, risk reduction, service quality, and decision speed.

By treating data as the control layer for autonomy, CIOs can create clearer boundaries between contained experimentation and enterprise scale.

Back to top

3. Embedding governance where decisions, risk, and accountability converge

AI governance has moved from policy expression into operating control.

ADAPT’s research indicates that only 7% of Australian CIOs report enterprise-wide AI governance with board involvement.

That gap is significant because AI systems are moving closer to decisions, customer interactions, citizen services, financial exposure, and reputational risk.

The old governance approach breaks down when every use case is treated in the same way.

A low risk productivity assistant, a citizen facing service process, and a financially material decision workflow should not move through identical controls.

Uniform governance either slows safe use cases or under controls risky ones.

Aarti Joshi, Chief Information Officer at the Department of Customer Service, points to the practical answer through tiered governance aligned to risk.

High impact use cases face structured scrutiny, while lower risk productivity tools move through more streamlined pathways.

This creates speed where risk is lower and stronger scrutiny where the consequences are higher.

Kerry Holling, Interim CIO at the University of Sydney, shows how governance becomes real when it enters delivery.

Responsible AI self assessment, developed with legal teams, gives staff a practical way to assess ethical, responsible, and safe use.

In a research intensive environment, that control has to account for intellectual property, sovereignty, academic integrity, and decentralised adoption.

The boardroom perspective raises the standard again.

Mark Cameron, CEO and Director at Alyve, Claudine Ogilvie, CEO at HivePix, and Brett Raven, Fractional CTO and CIO at The Consulting CIO, point to the need for explicit policy, risk appetite, business problem definition, and strategic intent.

Governance weakens when organisations start with the tool and work backwards to justify it.

Stronger governance begins with the business lever, the acceptable risk boundary, and the accountable human decision maker.

CIOs are now applying that same scrutiny to vendors.

Buyers are losing patience with AI narratives that treat governance as a later layer, a responsible AI statement, or a policy pack.

They want to know how oversight, escalation, identity, traceability, review paths, and accountability work inside live operating environments.

The CIO priority is to make governance part of execution itself.

AI risk emerges through use, so governance needs to sit where decisions are made, risk is accepted, money is allocated, and accountability is assigned.

Recommended actions:

To embed governance where decisions, risk, and accountability converge, CIOs should:

• Define risk tiers that separate low risk productivity tools from customer, citizen, financial, compliance, and reputational use cases.
• Establish human accountability for AI supported decisions, including intervention thresholds and escalation pathways.
• Build governance into architecture, access management, procurement, funding approval, delivery methods, and executive review.
• Engage boards on risk appetite, delegated decision making, and business implications rather than technical configuration.
• Require vendors to prove how governance operates inside workflows, including auditability, traceability, oversight, and control points.

By scaling governance to consequence, CIOs can protect the organisation without slowing every use case to the same pace.

Back to top

4. Modernising the systems where AI value and control intersect

Modernisation has become more selective because AI has changed the sequence of value creation.

ADAPT’s February 2026 CIO research shows that 33% of mission critical applications still depend on legacy platforms.

CIOs are prioritising upgrades across three areas: industry specific or custom legacy systems, data warehouse, lakehouse and BI platforms, and security, identity and access platforms.

The pattern points to a more disciplined modernisation agenda.

CIOs are concentrating on the systems that determine whether AI and automation can reach the workflows where value is created, draw from trusted data, and operate inside secure access and identity controls.

Gabby Fredkin, Head of Insights and Analytics at ADAPT, frames the broader risk clearly: once AI starts shaping customer interactions, internal decisions, and workflow execution, weak foundations stop looking like technical imperfections.

They become constraints on speed, service quality, and value creation.

That turns platform modernisation into an execution issue, because the quality of the underlying systems determines whether AI can improve work or simply expose the friction already inside it.

Maile Carnegie, Innovation and Growth Leader, in conversation with Alan Thorogood, Research and Engagement at MIT CISR, adds the capital and leadership dimension.

Meaningful AI transformation requires courage, capital, coherent data, strong workflows, and access to talent.

For Australian organisations operating with tighter risk appetite and stronger pressure for near term certainty, modernisation needs to be sequenced into credible capability increments.

That is why the upgrade priorities in ADAPT’s research are so telling.

Industry specific platforms hold the processes and sector context that AI needs to improve.

Data platforms determine whether AI has reliable inputs.

Security, identity and access platforms determine whether AI enabled channels and agents can be governed.

The modernisation question is therefore not “which systems are old?” It is “which systems limit value, trust, and control as automation moves closer to real work?”

The vendor market is reinforcing the same shift.

CIOs are testing suppliers on production readiness, integration, identity, traceability, workflow control, and enterprise architecture fit.

Product capability still matters, but it carries less weight when the buyer’s harder problem is whether the solution can function inside a fragmented, regulated, and operationally complex environment.

Modernisation in 2026 is therefore becoming a prioritisation exercise.

CIOs need to rank platforms by their ability to unlock business outcomes, stabilise AI scale, and strengthen control over increasingly automated workflows.

Recommended actions:

To modernise the systems where AI value and control intersect, CIOs should:

• Map legacy exposure across mission critical applications and rank modernisation by AI dependency, risk, and business value.
• Prioritise industry specific systems where workflow redesign, customer outcomes, and operating efficiency are most constrained.
• Modernise data warehouse, lakehouse, BI, and AI platforms to support trusted data access and agentic workflows.
• Strengthen security, identity, and access platforms so agents and AI enabled channels can be governed inside the enterprise control environment.
• Use rationalisation and consolidation to reduce complexity and release capacity for higher value transformation.

By organising modernisation around the points where value, data, security, and control meet, CIOs can focus constrained investment where it has the highest execution impact.

Back to top

5. Proving value through workflow economics and capital confidence

Technology value proof has moved from benefit statements into workflow economics.

ADAPT’s research shows budget constraints are the biggest obstacle for CIOs and technology leaders securing CFO approval, with 40% of CFOs agreeing.

A further 36% of CFOs cite difficulty articulating clear ROI as the next major challenge, while only 13% of CIOs share that concern.

That gap reveals a dangerous misalignment.

CIOs may feel confident in the value story, while CFOs still require clearer proof of financial return, risk adjusted impact, and business performance visibility.

The issue is whether the investment case shows how work changes, how costs move, how quality improves, and how outcomes can be tracked.

David Walker, former Group Chief Technology Officer at Westpac and DBS and ADAPT Advisor, argued that AI value must be observable in process performance.

This moves the value conversation away from adoption rates and into operating evidence. CIOs need to show how technology changes the speed, cost, consistency, accountability, and quality of work.

Andrew Dome, Chief Digital and Information Officer at Uniting, provides a grounded example through Buddy, an AI assistant that delivered measurable productivity uplift across care teams.

The value was not simply faster work.

Administrative load was reduced, giving frontline teams more time for care and linking workforce efficiency to service quality and sustainability.

Daniela Polit, Director of Strategic Programs at the NSW Department of Customer Service, broadens the value frame for public sector use cases.

Trust, transparency, and equitable access sit alongside cost discipline as performance indicators.

In government and essential services, value proof must include citizen impact and mandate aligned outcomes, alongside financial savings.

This is also reshaping vendor accountability.

CIOs are tuning out generic productivity stories because they need evidence of workflow redesign, service outcomes, decision quality, governance, and execution credibility.

A vendor claim only helps the CIO when it can be translated into the operating and financial logic executives are prepared to fund.

The priority is to make value visible inside the work itself.

If technology changes the flow, cost, quality, accountability, or service outcome of a process, CIOs have a stronger foundation for capital confidence.

Recommended actions:

To prove value through workflow economics and capital confidence, CIOs should:

• Build investment cases around measurable financial, operational, customer, citizen, or workforce outcomes.
• Define baseline workflow metrics before deployment, including speed, cost, quality, consistency, service impact, and risk.
• Translate technology value into CFO language, including cost avoidance, productivity yield, risk reduction, capital efficiency, and revenue or service impact.
• Use observability and performance tracking to show how technology changes process outcomes over time.
• Hold vendors accountable for execution evidence, including integration fit, governance support, traceability, adoption, and measurable business impact.

By proving how technology changes the flow, cost, quality, and accountability of work, CIOs can create investment cases that CFOs, boards, and business leaders can fund with greater confidence.

Back to top

The execution test for CIOs

In 2026, CIO execution will be judged by whether technology changes how work gets done while keeping cost, risk, trust, and performance under control.

AI has intensified the pressure, but the mandate is broader than AI adoption.

Data ownership will set the limits of trusted autonomy. Governance will determine where AI can scale safely.

Modernisation will decide whether new capability can connect to the systems where value is created.

Workflow economics will decide whether boards and CFOs keep funding the agenda.

Progress will depend on sequencing: fix the foundations that limit scale, apply governance where risk concentrates, and prove value where technology changes performance.

Back to top