The AI Strategy Guide logo The AI Strategy Guide at the cusp of AI Subscribe →
AI for the CTO: Expanding the Seat Without Overloading It — Roles illustration

AI for the CTO: Expanding the Seat Without Overloading It

Tom Prommer · CIO/CTOUpdated 2026-05-2911 min read

The CTO conversation that convinced me to write this page happened in a coffee shop in Munich, two weeks before the company’s annual planning cycle. The CTO was good — a real engineering leader, twenty years in, the kind of operator whose team would walk through walls. The board had asked him whether the company needed a Chief AI Officer. His honest answer, the one he gave me before he had to give one to the board, was: “I don’t know whether I want one above me or whether the work is already mine.” His instinct said the work was already his. His calendar said he did not have time. The two were both right, which is the situation this page is about.

That is the structural fact about AI for the CTO in 2026. The work has expanded into the CTO seat in most enterprises whether the seat has been formally expanded or not. The board’s instinct that “AI is a CTO thing” is right more often than it is wrong, and the consultancy framing that defaults to “you need a CAIO” is wrong more often than it is right — because the search-firm retainer is the product, and the seat being filled is what funds the retainer. The honest version of this conversation, the one I have a dozen times a year with sitting CTOs and the boards above them, is what this article writes down.

I run that conversation from the operator seat. The fractional CTO and CIO engagements I take are usually the period after the board has decided AI is strategic and before they have decided what org-chart change goes with it. The work in those engagements is largely the work this page describes — expanding the CTO mandate, writing the boundary, fitting the new reporting cadences into a calendar that was already full, and figuring out whether the CTO actually wants the expansion or is taking it on out of duty. The honest answer to that last question shapes everything else.

The CTO-expansion path the roles hub argues for

The roles hub makes a structural case I will not repeat in full: at firms in the €500M–€2B revenue band, expanding the CTO seat to include AI ownership is more often the right answer than adding a CAIO. The reason is that the work an honest CAIO would do in year one — write the strategy, run the boundary conversations, set up the governance posture, fit the executive reporting cadences — sits inside the existing remit of a competent CTO who already owns engineering, product, and platform. Adding a fifth executive above that work usually solves a political problem rather than a capability problem, and the political problem is usually that the CEO wants to be seen to have done something visible about AI.

The contra case — when a CAIO is genuinely required — is covered in the CAIO cornerstone. The signals are real and worth respecting: an AI thesis that crosses three or more functions with none of the existing executives volunteering to own the crossing, a CEO who can describe what they would tell a CAIO to do on Monday morning in one sentence without consulting a deck, an operating budget that is already durable, and an existing C-suite that actively wants the partner rather than tolerates the appointment. When all four are present, a CAIO is the right hire. The 90-day playbook for that role lives in the cornerstone.

This page is for the other case. The case where the CTO is the right owner, the work has expanded into the seat informally, and the formal version of the expansion has not yet been done. The work below is what the expansion actually entails.

What the modern CTO mandate now includes

A CTO mandate in 2019 was product engineering, platform, the engineering organisation, and the cross-functional technology strategy. A CTO mandate in 2026 is all of that plus six specific additions that did not exist or did not matter five years ago. The additions are not optional. Firms that have not formally added them to the CTO mandate are running a stretched CTO without saying so, and the stretch shows up in the work that is not getting done.

AI strategy ownership inside product and platform. The strategy document at / — what the four-question diagnostic produces — is owned by the CTO when AI is primarily a product or platform question. That is the case at most product-led enterprises in 2026. The strategy is not delegated to the VP of Engineering or the head of data; it is owned at CTO level because the four questions are board-level questions and the CTO is the one explaining them to the board. The strategy document is a CTO artefact.

Model-vendor portfolio management. The 2026 model-vendor landscape is a serious procurement category, not a casual technology choice. The portfolio decisions — frontier vs open-weights, single-vendor vs multi-vendor, contract structure, exit clauses, data-retention terms — sit at CTO level because the consequences are at CTO level. The CIO is not best placed to make them because the use-case context is product-engineering context. The CFO is not best placed because the cost arithmetic depends on technical substitution paths the CFO cannot evaluate. The CTO owns the portfolio. The portfolio review is a quarterly artefact, not an annual one, because the underlying economics shift on a six-to-nine-month cadence.

The engineering side of EU AI Act compliance. The August 2026 deadlines for high-risk AI systems land on the engineering function in any firm that ships AI capability in regulated contexts. The documentation work, the model-inventory completeness, the technical evaluations the audit posture rests on — those are engineering deliverables coordinated with the CISO and DPO, but produced by engineering. The CTO who treated this as a compliance problem in 2025 inherits a remediation calendar in 2027 that they did not budget for. The CTO who took it on as engineering work in 2026 has a defensible posture by August and a planning-cycle conversation about year-two refinement rather than emergency remediation.

MLOps and evaluation infrastructure as a permanent capability. The 2021 instinct was to treat AI infrastructure as a project — build it, ship it, move on. The 2026 reality is that the infrastructure is a permanent capability requiring permanent staffing, on roughly the same cost base as the rest of platform engineering. The CTO who has not formally allocated headcount to this as a function rather than a project is funding it out of the slack of other teams, and the slack is running out.

The agentic-architecture decision and its second-order effects. Whether to commit to an agentic orchestration layer, which one, what the in-house build vs commercial-vendor split looks like, what the implications are for the engineering org structure. This is the architectural decision with the biggest second-order effects in 2026, and it is a CTO decision. Delegating it to a VP-level architect produces decisions that get reversed at CTO level six months later. The CTO needs to engage with it directly.

Four executive reporting cadences. Board AI updates, CFO unit-economics reviews, CISO regulatory check-ins, and customer-facing AI capability commitments. None of these existed in the 2021 CTO calendar. All of them exist now, and they have to fit into a calendar that was already full. The FAQ above outlines the cadence shape; the deeper question is what gets removed to make room, which I cover below.

What stays with a CAIO when one is genuinely required

Not every CTO expansion is right, and the cases where a CAIO is the genuine answer have a recognisable shape worth naming. The strategy artefact ownership across multiple functions, board-level reporting on portfolio coherence, the cross-functional capability-trade-off decisions that no single existing executive can make — those belong to a CAIO when the conditions warrant the seat.

The specific work that stays with the CAIO and does not transfer cleanly to a CTO-expansion is largely about scope and cadence. A CAIO who reports to the CEO has the standing to convene the CTO, CIO, COO, and CISO on a single agenda. A CTO who has been expanded to include AI strategy can convene a similar meeting on engineering and product topics but is structurally junior on operations and governance topics. The convening authority matters when the AI thesis genuinely crosses operations, product, governance, and engineering with no clear primary owner. The convening authority is what the CAIO seat provides; the CTO-expansion path does not provide it as cleanly.

This is the test I run when a board asks me to help them decide. If the AI thesis is operations-and-product with the engineering layer underneath both, a CTO expansion works. If the AI thesis is operations-and-product-and-governance-and-new-capability with no clear primary, a CAIO is the right answer. The middle case — operations-and-product-and-governance — is genuinely ambiguous, and the deciding factor is usually the CTO’s calendar headroom. A CTO with 30% headroom can absorb the governance coordination. A CTO at capacity cannot, and the work that does not get done is the governance work, because it is the least urgent on any individual week and the most consequential in aggregate.

Fitting four reporting cadences into a CTO calendar

The CTOs I have worked with on the expansion path have all asked the same question by month two: how do I fit this work into a calendar that was already full. The honest answer is that something has to come off the calendar. The work below is what comes off, in roughly the order I have seen it work.

The first thing to come off is the engineering-architecture review cycle at the VP level. The CTO who is reviewing every architectural decision below the agentic and platform layers is the CTO who does not have time to own the AI strategy artefact. The fix is to formally hand the architectural review at the application tier to a Chief Architect or VP-level designate, with the CTO reviewing only the platform-tier and agentic-tier decisions. This is uncomfortable for many CTOs because the architectural review was the part of the job they enjoyed. The expansion path requires giving it up.

The second thing to come off is the deep-product-roadmap involvement. The CTO who is sitting in the weekly product-roadmap meeting at feature-team level is the CTO who is doing the VP of Product’s job. The expansion path requires moving the CTO’s product involvement to the quarterly strategic-roadmap review and the monthly portfolio review, with feature-level decisions delegated downward. Again, uncomfortable for CTOs whose engineering instincts pull toward feature-level engagement; necessary for the expansion to work.

What comes onto the calendar in their place is the four reporting cadences. The board AI update is quarterly, fifteen minutes, focused on the four-question diagnostic. The CFO unit-economics review is monthly in year one, quarterly thereafter, focused on cost per unit-of-AI-output against the operating-budget trajectory. The CISO regulatory check-in is monthly through August 2026, then quarterly, focused on the EU AI Act calendar and the audit posture. The customer-facing capability review is monthly during active product programmes, focused on shipped capability against the roadmap. Together: about three hours per month of formal reporting, but six to eight hours of executive time once you include preparation, context-switching, and the political alignment needed for the meetings to land. That is the calendar gap the two delegations above are meant to close. The arithmetic works if the delegations actually happen. It does not work if the CTO tries to keep the engineering-architecture and product-roadmap involvement while adding the new cadences. Brooks again: there is no ninth man-month available to a CTO who is already at capacity.

The COO partnership and the CIO boundary

The CTO expansion does not absorb the operations side of the AI thesis, and the COO partnership is what makes the expansion survivable when the work is genuinely cross-functional. The partnership works when the CTO and COO co-own the strategy document, agree on which workstreams are operations-led (COO sponsor, CTO platform support, success metric is unit-cost reduction in operations) and which are product-led (CTO sponsor, COO consumer of the capability, success metric is customer engagement or revenue uplift), and split the budget defence accordingly.

The partnership fails predictably in two ways. The first is the CTO who treats AI as exclusive engineering territory and excludes the COO from strategic-posture decisions. That CTO loses operational credibility — the operations functions stop briefing them on the use cases that matter — and the AI work becomes engineering-pure, which is the failure mode of foundation-first roadmaps. The second is the COO who treats AI as exclusive operations territory and bypasses the CTO on platform decisions. That COO ends up running a parallel AI shadow-organisation with no engineering support, which collapses at the first serious infrastructure decision.

The CIO boundary is sharper and easier to manage. The CTO owns AI capability inside the product; the CIO owns AI tooling employees use internally and the IT-tier AI integrations. The boundary is genuinely clean when both executives respect it. The boundary blurs when an internal-employee tool uses a frontier model that has product-tier governance implications, or when a customer-facing capability depends on an internal data pipeline owned by IT. The fix is the same as in the CAIO triangle: written down on one page, signed by both, revisited every six months. The CTO who treats this as a launch artefact rather than a living document is the CTO whose boundary erodes by month twelve.

The CISO boundary, the third one the expanded CTO has to navigate, is covered in the CISO governance page. The short version: the CISO owns the security posture and the risk-categorisation work; the CTO owns the engineering implementation of mitigations and the model-architecture decisions that affect the risk profile. The boundary works when both meet monthly through the EU AI Act compliance window; it breaks when either treats the August 2026 deadline as the other’s responsibility.

The fractional CAIO as the intermediate step

The honest middle path, and the one I have helped a handful of firms take, is the fractional CAIO. A fractional CAIO comes in for six to twelve months at a fraction of full executive comp, writes the strategy document, runs the first round of boundary conversations between the CTO and CIO and COO and CISO, sets up the executive reporting cadences, and at the end of the engagement either hands the seat to an expanded CTO or to a full CAIO appointment.

The fractional CAIO works as the intermediate step because it produces the artefacts a permanent expansion needs without committing the firm to a permanent fifth executive before the case is clear. The cost is roughly a third of a full CAIO comp package. The optionality is real. The risk is the fractional CAIO who tries to make themselves permanent, which is a known failure mode of fractional engagements generally; the fix is to write the engagement as twelve months with a defined hand-off deliverable, not as open-ended.

The case for the fractional path is strongest at firms where the CTO instinct is “I think the work is mine but my calendar says otherwise” — which is the situation I opened with. The fractional CAIO can absorb the boundary and reporting-cadence work for the period required to free CTO calendar headroom, and the expanded CTO inherits the work with the boundary already drawn and the reporting cadences already running. The case is weakest at firms where the existing C-suite is hostile to the AI agenda, because the fractional CAIO has no political standing to convene against active resistance. In that situation, a permanent CAIO with CEO sponsorship is the only path that works, and the cost is the cost of doing it properly.

What this article is not

It is not an argument against CAIO appointments. The cornerstone at /role/chief-ai-officer/ covers the case where a CAIO is genuinely required, and that case is real. The argument here is narrower: at most enterprises in the €500M–€2B band, the CTO-expansion path is the right answer first, and the CAIO question is the one that follows if the expansion does not work. The default consultancy framing reverses the order, and the reversal is the marketing tell.

It is not a job description. The work above is what the expansion entails; the formal mandate is a board-level artefact that needs to be written by the CEO and the CTO together, not borrowed from a template. The templates I have seen are uniformly wrong in the specifics, because the specifics depend on which of the four CAIO-cornerstone signals are present at your firm.

It is not advice for every CTO. CTOs at AI-native firms have a different problem — AI is the product, the expansion has already happened, the question is how to scale the leadership underneath them. CTOs at deeply traditional firms where the board has not yet decided whether AI matters have a different problem — the strategy conversation needs to happen before the role conversation. The article above is calibrated for the middle case, which is most of the enterprise market in 2026.

If you are the CTO that opened this page two weeks before a planning-cycle conversation about AI, the work below is what the expansion entails, and the calendar conversation is the one to have with the CEO before the planning cycle starts. The expansion only works if the calendar headroom is real. The calendar headroom is only real if something formally comes off the existing mandate. The board that asks the CTO to take on AI strategy without removing anything from the existing mandate is the board that is setting the CTO up to fail, and the failure is predictable enough to be worth naming in advance.

Sources & methodology

  • EU AI Act, Regulation (EU) 2024/1689 — engineering-side compliance obligations the expanded CTO inherits
  • Foundry / IDG State of the CIO 2026 — CIO remit data, used to triangulate the CTO ↔ CIO boundary
  • Russell Reynolds Global Leadership Monitor, H2 2025 — CAIO appointment frequency, used to ground the “when CAIO is genuinely required” counter-case
  • NIST AI Risk Management Framework, v1.0 — governance posture baseline relevant to the CISO partnership
  • Brooks, F. (1975), “The Mythical Man-Month” — calendar arithmetic for CTOs taking on the AI mandate without removing work
  • Methodology: observations from fractional CTO and CIO engagements (2023–2026), roughly fifteen CTO-expansion conversations and a smaller number of fractional CAIO engagements. The €500M–€2B band is where the CTO-expansion pattern fits best in my engagement experience; outside that band the calculus shifts.

If a claim looks wrong, send it and I will publish the correction with attribution.

Frequently asked questions

Should the CTO own AI strategy, or do we need a separate CAIO?
At firms in the €500M–€2B revenue band with a strong sitting CTO who has an active AI agenda, expanding the CTO seat is the right answer more often than adding a CAIO. The honest test is whether the AI work crosses three or more functional lines and whether the CTO has the calendar headroom to own the cross-cutting decisions. If both are true and the CTO wants the mandate, expand the seat. If either is false — or if the existing C-suite has not actively asked for the expansion — the conversation is different, and a fractional CAIO is often the right intermediate step.
What does the modern CTO mandate now include that it did not five years ago?
AI strategy ownership inside product and platform, model-vendor portfolio management as a real procurement category, the engineering-side of the EU AI Act August 2026 obligations, MLOps and evaluation infrastructure as a permanent capability rather than a project, and four executive reporting cadences that did not exist in the 2021 CTO calendar — board AI updates, CFO unit-economics reviews, CISO regulatory check-ins, and customer-facing AI capability commitments. The seat got bigger, and the firms that did not formally rewrite the mandate are running a stretched CTO without saying so.
When is a fractional CAIO the right intermediate step?
When the strategy document needs to be written, the boundary work between CTO, CIO, COO, and CISO needs to be done, and the firm is not yet sure it wants a permanent fifth executive. A fractional CAIO can carry six to twelve months of strategy and boundary work, produce the document, run the first set of executive reporting cycles, and either hand the seat to an expanded CTO or to a full CAIO appointment. The cost is roughly a third of a full CAIO comp package and the optionality is real.
How does the CTO partner with the COO on AI strategy?
The COO owns the operational-efficiency case, which is where the majority of enterprise AI value lands in 2026. The CTO owns the capability — the platform, the engineering organisation, the model-vendor portfolio — that the COO's case runs on. The partnership works when both write the strategy together and agree on which workstreams are operations-led (COO sponsor, CTO platform support) and which are product-led (CTO sponsor, COO consumer). The partnership fails when one of them treats AI as their exclusive territory. The CTO who does this loses operational credibility; the COO who does this loses engineering support.
What does AI strategic executive reporting actually look like in a CTO calendar?
Four cadences. Board update on AI: quarterly, fifteen minutes, focused on the four-question diagnostic — posture, cost ceiling, timeline pressure, failure tolerance — and what has moved since last quarter. CFO unit-economics review: monthly in year one, quarterly thereafter, focused on cost per query, per resolved ticket, per generated artefact, against the operating-budget trajectory. CISO regulatory check-in: monthly through August 2026, then quarterly, focused on the EU AI Act calendar and the audit posture. Customer-facing capability review: monthly during active product programmes, focused on shipped capability against the roadmap. Together: about three hours per month of formal reporting, plus preparation. The CTOs who treat this as a calendar problem are the ones whose AI agendas survive year two.