We live in a world where data is shared across departments, across system, and across our enterprise ecosystems. As the data flows through this information supply chain, how do we ensure that the data is fit-for-use for all relevant stakeholders? And how do we define who is responsible for data quality assurance at any point in the supply chain?
Last week at the 2016 CIO Summit in Sydney, Australia, I participated in a panel discussion on this same topic. During the event, I discussed a requirement for several layers of “data firewall.” This firewall is needed to protect our enterprise system from foreign contaminants. The data firewall is akin to the first layer of protection of our human immune defenses – the largest organ of our body – our skin. This is an idea that I morphed from the Harvard Business Review.
To expand on the firewall analogy, data standards and validation rules that represent system-of-record configuration need to be shared and extended – as fitting and relevant – to ecosystem partners. In an extended supply chain – e.g., medical device manufactures, pharmaceutical companies, or manufacturers of baby formula – traceability of components, ingredient sources, individuals, machines, etc., is required. We’re talking about a very diverse set of companies with particular data needs – from logistics companies to 3rd party data content providers.
Information governance comes into play across the ecosystem to ensure identified key data elements are defined and/or translated in such a way so that everyone is talking about the same thing. This requires both alignment across the ecosystem and balance within the organization.
The Balance Between Data Governance and Data Stewardship
Balance in the organization is required in a couple of ways. First, there needs to be a balance between policy creation and policy enforcement. For instance, we don’t want to create policies that are impossible to monitor and control. Data governance is about the setting of policies (strategic) and data stewardship is about the monitoring and control of these policies (operational). The last thing we need is to have unrealistic information policies doom a data governance or data quality initiative before you’ve even started!
Second, balance is required between the Data Governance Organization (“DGO”) and Information Management Professionals. The DGO is staffed by representatives of the business: their job is to protect the integrity of key data elements defined in the enterprise data model. This needs business data stewards to monitor out-of-standard data and be aware of data quality remediation workflow SLAs owned by “data custodians – individuals who are generally not part of the DGO. A segregation of duties is necessary to balance these two functions to minimize potential conflicts of interest.
- Business Data Steward – Is responsible for data quality assurance as it applies to the business scope in accordance with data flows within its business process scope.
- Data Custodian – May create, read, modify and delete data as per guidelines of data quality management set by the data governance organisation, and acts on the data quality and corrects erroneous data as a result of the monitoring process.
Data Strategy Ownership
Ultimately the responsibility for the communication among data custodians and data stewards should be delegated by the Chief Data Officer (or other likeminded business executives) via a data strategy. The data strategy should be elevated to the same level of strategic importance as the IT strategy. At the same time, there needs to be hyper-awareness on change management.
Many companies are reluctant to change the CIO charter and introduce a CDO role. Oftentimes this is attributed to constant organizational flux and the resulting change fatigue. This is especially true for required conversations and decisions related to the centralization and/or federation of data governance authority and responsibility.
We need ensure that everyone is aware that organisational change related to data governance and data stewardship isn’t change for the sake of change. Conversations need to take place on the subjects of organisational readiness and information governance maturity. This helps to ensure that transformational changes related to data strategy makes sense to all stakeholders.
Data Standards Ownership
So if the CDO owns the overall data strategy, who owns the upkeep of the data standards? The answer is simple. It’s everyone’s responsibility! Considering, however, that business is ultimately responsible for ownership and execution of business processes, they need to own data standard definition as well. Business process owners also need to own – be responsible for – the design of workflow processes related to the data that is consumed by their core business processes.
There are business policies and rules associated with core business processes. We need to ensure that corresponding data policies, standards and rules are mapped and aligned in order to manage information rules in this world of Data Governance 2.0.