Chief INFORMATION Officer - Not really!

The news that the Prudential has been fined by the Information Commissioners Office (ICO) after a "mix-up" over the administration of two customers’ accounts should send a further warning to CIOs and Compliance officers that managing information as real critical business asset must be taken seriously.

Chris Bradley, an well known independent Information Strategist has been evangelising the Information Management message across the world for many years said:
“Unfortunately, only a few companies are really serious regarding management of information as a vital corporate asset.  If the assets of cash or physical property or employees were treated as poorly as Information there would be major scandal, but the mis-management (all be it unintentional) of information is fast becoming a critical impedance to business success”

The Prudential mix up led to tens of thousands of pounds, meant for an individual’s retirement fund ending up in the wrong Customers account.  Bradley further commented that:
“This is important because it is the first ICO penalty served which does not relate to loss of data, but rather puts the spotlight firmly on the absence of sound Data Governance and Master Data Management in companies”

The original error was caused when the records of both customers, who share the same first name, surname and date of birth, were mistakenly merged in March 2007.

Stephen Eckersley, ICO head of enforcement, said, “In this case two customer files were consistently confused and the company failed to remedy the situation despite being alerted to the problem on more than one occasion before it was finally resolved”

Chris has been advising his clients upon the vital importance of Data Governance and the critical role Master Data Management (MDM) plays in this.  He successfully introduced a Business focused MDM approach into Global organisations in the Finance, Oil & Gas and Pharmaceutical sectors.  Acknowledged Information Management thought leader and author Bradley further commented “We’re delighted to help our clients truly see the value that effective business focused Master Data Management plays and how it is critical to achieving effective information governance”

He further continued, “make no mistake, this is one of the most important considerations for CIO’s in just about any organisation that is subject to any degree of regulatory or compliance pressure”

His insight is echoed by Gartner whose recent research stated “By 2016, 20 percent of CIOs in regulated industries will lose their jobs for failing to implement the discipline of information governance successfully” The same 2012 Gartner survey also supports his Information Management position stating: “Through 2016, spending on governing information must increase to five times the current level to be successful”.

The good news however that is some enlightened organisations are recognising the importance of managing data as an asset, however several holders of the CIO role are not really taking responsibility for Information but rather focus upon the delivery of Technology & Applications.

The realisation that Information must be managed as a corporate asset has given rise to the new phenomenon of the Chief Data Officer.  As recently as June 21, 2012, according to a survey by GoldenSource Corporation over 60 percent of firms surveyed are actively working towards creating specialized data stewards, and eventually Chief Data Officers, for their enterprise.

So a few years after the financial crisis, institutions are still struggling to get a 360-degree view of their data.  Considering organizational, policy, and behaviours within which a data control framework operates is as important as the underlying technology services that enable it. Appointing data stewards and Chief Data Officers to incite governance across these firms will be crucial to success.

Bradley concludes that the Chief Data Officer, distinct from the Chief Information Officer will be one of the top critical hires in 2013 - 2015.

DFD's and ELH's ... Back to The Future?

I was recently asked by a client and also at a conference, "we need to be able to model flows of data - how do we do that"? How to model Data Flows.....hmmm that'll be Data Flow Diagrams then.

These were one of the great features in methods like LSDM and SSADM and was pretty well supported by early generation CASE tools. I still remember with some fondness how useful these were and we used them extensively in the 80's and 90's. With DFD's there was some problem with determining how to create diagrams of the appropriate level, but TBH this was really a question of practitioner experience. Simplified Level 1 DFD

As the fundamental problem that was addresed by DFD's still exists, I'm not really sure why modeling tools now don't support this any more.

I was also asked during a data modelling class, "we know we shouldnt create separate entities for each state that one could be in, but how do we model the change of entity state"?

Just in case youre not sure what this means, a simple example of state change would be how a Suspect becomes a Prospect, then a Customer, then a Gold Customer and maybe a lapsed Customer. All these are examples of when the entity has changed state over the history of its lifetime.
Here's a simple example for a Purchase Order: Purchase Order Simplified ELH

So for a bonus point, the approach to modelling the change of state of a Data Entity over time is Entity Life Histories and State Transition Diagrams.  Simple State Transition Diagram
These were also very popular in the 80's and 90's but again seemed to become unpopular for a while and not widely supported by modeling or CASE tools. Fortunately their importance is now being recognised again & I've increasingly seen these (or similar approaches) being picked up again recently.

The problems that DFD's, ELH's and State Transition Diagrams address haven't gone away, so let's use the approaches that actually work! Maybe it's a case of back to the future?

Data Governance; a vital component of IT Governance

Thursday 1st March ... I have just completed delivering a presentation on Data Governance at Ovum London conference http://governance-planning.ovumevents.com/
I'll add a link to the slides here shortly.

I'm sure that we all know that data is growing at a vast rate, however there's been an even bigger problem concering uncontrolled growth that I have recently read about ...
 ... 12 Grey Rabbits were brought to Autralia in the 19th Century for sport.  After 2 years there were in excess of 2million per year were being shot & still the population wasnt dented.  A few years later the population was over 400million.  So, even the Data explosion highlighted by the 2011 IDC Digital Universe study hasn't yet reached these proportions.

IT Governance:
From several of the well established frameworks (eg ITIL), the common key components of an IT Governance framework seem to be:

1) Strategic Alignment: 

Alignment of the business and IT strategy with regard to the definition as well as the review of and improvement in IT’s contribution to value.

2) Value Delivery:
Within their service cycle, IT services in their entirety bring a benefit in respect of the corporate strategy and generate added value for the enterprise.
3) Resource Management:
Efficient management of resources such as applications, information, infrastructure and people, as well as optimization of the investment.
4) Risk Management:
Identification and analysis of the risks in order to avoid unpleasant surprises and to gain a clear understanding of the company’s risk preference.
5) Performance Management:
Monitoring and control of all performances in terms of their orientation towards the corporate strategy.

Looking now at  Data Governance, some of the key areas that need to be considered, certainly to folks more used to IT Governance are:

1) There are usually 3 main drivers for Data Governance:
Pre-emptive:  Where organisations are facing a major change or threats. Designed to ward off significant issues that could affect success of the company.
Reactive: Where efforts are designed to respond to current pains
Pro-active:  Where Governance efforts designed to improve capabilities to resolve risk and data issues. This builds on reactive governance to create an ever-increasing body of validated rules, standards, and tested processes.

2) Data Governance can be implemented in 3 ways, often these may overlap (Tactical, Operational, Strategic).

3) There is certainly no "one size fits all" approach to Data Governance. Need to have a flexible approach to Data Governance that delivers maximum business value from its data asset.
Data Governance can drive massive benefit, however to accomplish this there needs at least to be  reuse of data, common models, consistent understanding, data quality, and shared master and reference data.
Organisationally, different parts of the business have different needs, and different criteria for their data.  A matrix approach is needed  do these different parts of the organisation and data types are  driven from different directions.
However, no matter how federated the organisation may be there will be some degree of central organization required.  This is to drive Data Governance adoption, implement corporate repositories and establish corporate standards
The IPL Business Consulting practice have a flexible DG framework that can be tailored to help.

4) Communication & stakeholder engagement is key.  No matter how brilliant the framework is, or how great your polices or DG council are, if you dont adequately engage and communicate with the stakeholders, the DG initiative will go nowhere.

5) Finally, all of this is only important if Information REALLY is a key corporate asset for your organisation ..... so ask yourself, is it?

So IT Governance vs. Data Governance?
In summary, Data Governance is a vital frequently overlooked component of an overall IT Governance approach.  Remember the 5 commmon components of an IT Governance approach?  Well, lets apply these in a Data Governance context and we see ...

1) Strategic Alignment:

Alignment of the business information needs and the IT methods and processes for delivering information that is fit for purpose.

2) Value Delivery:
Delivering information to the requisite quality, time, completeness and accuracy levels and  optionally monetising the value of information.
3) Resource Management:
Ensuring people, and technology resources are optimised to ensure definition, ownership, and delivery of information resources meet business needs.
4) Risk Management:
Information security, backup & retention and delivery are balanced against regulatory and accessibility needs as befits the company’s risk preference.
5) Performance Management:
Monitoring and control of Data Governance roles, responsibilities and workflows such that they meet the demands of the corporate strategy.