Part-time IT leadership (vCIO)
Here to govern, not to troubleshoot.
No internal IT director on staff — or a complement to an existing one on the governance side.
A vCIO (Virtual Chief Information Officer) is a part-time IT leadership service, recurring and client-side. Factero handles technology governance, decision preparation, and IT vendor oversight — without a permanent hire. This service is primarily for organizations without an IT director, but it can also complement an existing internal resource on the governance side.
Who is it for?
Municipalities, MRCs, townships and public bodies without an IT director. Factero Advisory Services is registered on the SEAO (Quebec) and the Ontario Tenders Portal (Ontario).
SMEs with IT providers but nobody steering the whole picture.
Nonprofits that want structure without a full-time hire.
When does it help?
If you recognize yourself in any of these situations, this service is designed for you.
- Leadership needs to decide, but the technical picture is too blurry.
- Projects are piling up with no order or logic.
- Your providers are doing their job, but nobody client-side is steering the big picture.
What will you receive?
An IT governance framework adapted to your size, your financial capacity, and your business objectives.
Decisions prepared with options, impacts and trade-offs.
Regular follow-up on providers, projects and risks.
An engagement cadence defined based on your organization's IT maturity, size and objectives — revised throughout the mandate as the situation evolves.
Not a good fit?
- The vCIO mandate is about IT governance and leadership — not daily technical presence or first-line support. If your organization mainly needs someone on the ground to handle day-to-day operational issues, an MSP will likely be better suited for that. If the situation is more urgent — a departure, a transition, a period without an IT lead — the interim mandate may be the right starting point before moving to ongoing support. If you feel that need for daily support and urgent issue management but aren't sure what's right for you, the SME offer can help clarify the situation together before committing to anything.
How does the process work?
A rigorous and transparent approach, step by step.
Governance
Roles, cadence, decisions, follow-up. We structure who decides what, when, and on what basis. We draw on recognized frameworks — NIST-CSF for risk, COBIT for governance — adapted to your size and reality, without applying them in full if it's not warranted.
Decision preparation
Options, impacts, trade-offs. We prepare decisions so leadership can act with confidence.
Contracts and SLAs
We review your provider agreements — what's covered, what isn't, and the grey areas worth clarifying. The goal isn't to change providers, but to make sure the commitments match your operational reality.
Frequently Asked Questions
Answers to the questions our clients ask before reaching out.
What's the difference with interim management?
Factero's vCIO service is an ongoing IT governance engagement — we are present long-term on a regular basis (monthly or bi-monthly), steering technology strategy, overseeing providers, and preparing investment decisions for the executive team. The cadence and deliverables are structured according to COBIT and NIST-CSF frameworks, ensuring continuity and alignment with business objectives. Interim IT leadership, by contrast, is a temporary mandate of 1 to 6 months: we step into the organization, stabilize critical operations, then transfer governance to the permanent replacement with complete documentation.
What does a vCIO engagement actually look like?
A vCIO engagement starts with a structured scoping phase: understanding your current IT environment, cataloging your providers and active contracts, identifying ongoing projects and leadership priorities. Factero then establishes a cadence adapted to your size and reality — monthly, bi-monthly, or adjusted to your needs. Each governance meeting follows a documented agenda: project review, vendor follow-up, decisions to prepare for leadership, and urgent items. Between sessions, we remain available for decisions that can't wait — a contract to sign, an incident to evaluate, a provider proposing a change. The mandate is formalized in writing with clear objectives, defined deliverables, and periodic reviews to ensure the support stays aligned with your reality.
How is this different from letting our MSP manage things?
An MSP manages operations on the provider side — that's their role and they do it well. Factero's vCIO is on the client side: your independent perspective, like a building inspector or a trusted mechanic who works for you, not for the garage. They understand what the provider is proposing, explain the stakes without jargon, and help you make informed decisions.
We don't work against the MSP — we work with them. In most mandates, having someone on the client side who understands and steers unblocks projects that were stalling, clarifies priorities that weren't being communicated, and gives the provider a clear contact to move forward with.
These aren't competitive roles. They're complementary ones — and the good MSPs recognize that.
Can we start without having done an audit first?
Yes, a vCIO engagement can start without a prior audit. Every situation is different, and Factero adapts. If your IT environment is relatively stable and well documented, a structured overview at the start of the mandate — as part of the onboarding process — is enough to frame governance properly without needing a full audit beforehand. This overview covers your infrastructure, vendor contracts, ongoing projects, and baseline security posture.
If the situation is hazier, less documented, or we identify significant blind spots during the initial scoping, we'll tell you honestly — and we'll discuss together whether a more in-depth assessment phase would be useful before starting recurring governance. In all cases, we won't engage you in something larger than what you actually need. Our charter of independence guarantees this transparency.
We already have a part-time internal IT resource. Is this compatible?
Yes, the vCIO doesn't replace an existing internal technical resource — it complements it on the governance and strategic leadership side. Your internal resource keeps its day-to-day operational responsibilities — support, maintenance, incidents. Factero's vCIO brings the big-picture view that daily operations don't always allow: preparing technology decisions for leadership, overseeing external vendor relationships, prioritizing projects according to business objectives, and budget tracking. In practice, the cohabitation works well when roles are clearly defined from the start. Your technician or IT coordinator handles operations; the vCIO pilots governance and prepares decision documents. This also allows your internal resource to focus on what they do best, without having to carry strategic decisions to leadership alone.
How often do you engage?
The cadence is set with you at the start of the mandate and adjusted along the way as your needs evolve. For most organizations supported by Factero, the typical rhythm includes a structured monthly governance meeting (agenda, action follow-up, decisions to prepare), ongoing vendor and project follow-up between meetings, and availability for urgent decisions that can't wait — a contract to validate, an incident to evaluate, a vendor proposal to analyze. Some organizations going through transformation or transition prefer a temporary bi-weekly or weekly cadence. Others, with a stable environment, work well with monthly check-ins supplemented by ad hoc calls. It's not a rigid package — it's a commitment that adapts to your operational reality and evolves over the course of the mandate.
What happens when we no longer need the vCIO?
A good vCIO mandate ends with a better-structured organization, often ready to hire an internal IT director or operate with less external support. The exit is planned with you — with a documented transfer of governance, accesses, ongoing follow-ups, and vendor contacts. Factero doesn't create artificial dependency.
Some organizations also choose to maintain the vCIO long-term as a part-time IT director — when the organization's size doesn't justify a full-time hire, but the need for IT governance and leadership is real and ongoing. This works well for SMEs, nonprofits, and public bodies that want an IT lead without the costs of a permanent position.
In all cases, the relationship evolves according to your needs — not ours.
What approach do you use to structure IT governance?
Factero draws on internationally recognized IT governance frameworks — NIST-CSF for risk assessment and action prioritization, COBIT for governance structure and alignment of IT investments with business objectives. These frameworks aren't applied literally — they're adapted to your size, IT maturity, and actual objectives. A 20-employee SME doesn't need the same governance framework as a 500-employee municipality. The principal associate holds the CISA certification (Certified Information Systems Auditor) from ISACA, which guarantees a rigorous methodological approach aligned with international best practices in information systems auditing and governance. The goal isn't to impose a theoretical framework, but to structure IT decision-making so that it's documented, traceable, and defensible.
What's the typical duration of a vCIO mandate?
There's no minimum duration imposed — most vCIO mandates last between 6 months and 2 years. The timeline depends on the starting IT maturity and objectives: structuring basic governance for an SME that never had IT leadership typically takes 6 to 12 months. Transforming a complex environment, supporting a major cloud migration, or overseeing 5+ simultaneous providers can justify an 18 to 24-month mandate. Factero offers mandates that are revisable at any time — with no exit penalty or minimum commitment period. Some organizations maintain the mandate long-term as part-time IT leadership, which avoids the costs of a permanent position while preserving structured governance. The mandate evolves according to your needs: we continue as long as it's useful, reduce the cadence when governance is in place, and stop when it's no longer needed.
Need to move forward on this?
Let's discuss your specific situation. No commitment, just expert advice.