Read an Excerpt

Selling Information Governance to the Business

Best Practices by Industry and Job Function

MC Press

Introduction to Information Governance

This chapter includes contributions by Andrew Foo (IBM), Patrick Keaton (IBM), Kate Muir (IBM), and Helena Soares.

Practitioners of information governance lament that they want to implement information governance but they lack the appropriate organizational buy-in. Poor information governance is not new. In fact, organizations have been struggling with it for hundreds of years. Let's consider, in Case Study 1.1, how Christopher Columbus struggled with information governance in his quest to gain funding for an expedition to reach the East Indies by sailing westward.

Case Study 1.1: Christopher Columbus' funding request for an expedition to reach the East Indies by sailing westward

Christopher Columbus was an explorer, colonizer, and navigator. Under the auspices of the Catholic monarchs of Spain, he completed four voyages across the Atlantic Ocean that led to general European awareness of the American continents in the Western Hemisphere. Rather than reaching the East Indies, Columbus arrived at a continent that was previously unknown to Europeans. Columbus created a metadata problem when he referred to the inhabitants of these lands as "Indians" because he was expecting to meet people from India.

Washington Irving's 1828 biography of Columbus created another information governance challenge. The biography popularized the idea that Columbus had difficulty obtaining support for his plan because Christian theologians insisted that the Earth was flat. In fact, most educated westerners had understood that the Earth was spherical at least since Aristotle, in the 4th century B.C.

Columbus based his ideas on three factors:

1. A low estimate of the size of the Earth

2. A high estimate of the relative size of the Eurasian landmass

3. A belief that Japan and other inhabited islands lay far off the east coast of China

In all three of these, Columbus was wrong. As far back as the 3rd century B.C., Eratosthenes had correctly computed the circumference of the Earth by using simple geometry and studying the shadows cast by objects at two different locations. These measurements were widely known among scholars, but confusion about the old-fashioned units of distance had led, in Columbus' day, to some debate about the exact size of the Earth.

Columbus knew that a degree of latitude spanned 56.66 miles, but he did not realize that this was expressed in the Arabic mile (1,830 meters), rather than the shorter Roman mile (1,480 meters) with which he was familiar. By relying on incorrect metadata, Columbus incorrectly estimated the circumference of the Earth to be about 30,200 kilometers, whereas the correct value is 40,000 kilometers.

In 1485, Columbus presented his plans to John II, the king of Portugal. The king submitted Columbus' proposal to his experts, who rejected it. In their opinion, Columbus' estimated travel distance of 3,860 kilometers was far too short. This situation is no different from when an executive committee declines a business case because of inconsistency in the underlying definitions of terms.

Fortunately for Columbus, the Spanish monarchs were desperate for a competitive edge over other European countries in the quest for trade with the Indies. Columbus promised such an advantage, and they agreed to fund his expedition. The rest is history.

Information governance is the formulation of policy to optimize, secure, and leverage information as an enterprise asset by aligning the objectives of multiple functions.

By decomposing the above definition, we lay out the essential prerequisites of information governance:

• Formulate policy — Policy includes the written or unwritten declarations of how persons should behave in a given situation. For example, information governance might institute a "search before create" policy, requiring that customer service agents avoid duplicates by searching for an existing customer record before creating a new one.

• Optimize information — Let's consider how organizations might apply the principles of the physical world to their information. Companies have well-defined enterprise asset management programs to care for their machinery, aircraft, vehicles, and other physical assets. Over the past decade, companies have seen an explosion in the volume of information. For example, the volume of information in the financial services industry has grown by almost 70 percent per year. With this degree of data explosion, it is nearly impossible for companies to know where all their information is located. Similar to cataloging physical assets, organizations need to build inventories of their existing information. This process of data discovery is covered later in the book. In addition, all companies have preventive maintenance programs for their physical assets. Similarly, companies need to institute routine preventive maintenance around the information about their customers, vendors, products, and assets. This process of data quality management is also covered later in the book.

• Secure information — Organizations need to secure business-critical data within their enterprise applications from unauthorized access, since this can affect the integrity of their financial reporting, as well as the quality and reliability of daily business decisions. They must also protect sensitive customer information such as credit card numbers, as well as intellectual property such as customer lists, product designs, and proprietary algorithms from both internal and external threats.

• Leverage information — Organizations need to get the maximum value out of their information to support broader initiatives that grow revenues, reduce costs, and manage risk.

• Treat information as an enterprise asset — Traditional accounting rules do not allow companies to treat information as a financial asset on their balance sheets unless it is purchased from external sources. Despite this conservative accounting treatment, organizations now recognize that they should treat information as an asset. There is a reason that the term "information" is included before "governance." Information governance is about demonstrating how the actual information has been optimized, secured, and leveraged. In other words, if organizational policies do not actually affect the information in the organization's databases and repositories, then information governance has failed.

• Align the objectives of multiple functions — Because multiple functions leverage the same information, their objectives need to be reconciled as part of an information governance program. For example, ownership of customer data is typically a challenge when different departments use that information for different purposes.

Notwithstanding the above, the marketplace has yet to agree on a consistent definition for information governance. In fact, practitioners variously define it to include one or more of master data management, data stewardship, data quality management, metadata management, business glossaries, information lifecycle management, and security and privacy. Given all of this, it is important to note the distinction between information management (managing information repositories) and information governance (setting information policy). It is possible to have information management without information governance. Indeed, organizations often struggle with the lack of business ownership of information. However, it is impossible to have information governance without information management. As mentioned earlier, information governance must ultimately affect the information that resides in the organization's databases and repositories.

Information management is the collection and management of information from one or more sources and the distribution of that information to one or more audiences.

Information management includes the following disciplines:

• Data architecture — The architectural design of structured and unstructured information systems to ensure that IT systems and applications work together effectively.

• Data modeling — The process of defining the data requirements to support the needs of a business process.

• Data integration — The process of combining data from one or more sources, transforming that data, and loading it into a target database, which is often a data warehouse. This category includes Extract, Transform, and Load (ETL) capabilities.

• Master data management — The process of establishing a single version of the truth for an organization's critical data entities, such as its customers, products, materials, vendors, and chart of accounts.

• Reference data management — The process of placing static data (such as country codes and industry classification codes) into lookup tables for reference by applications across the enterprise.

• Information lifecycle management — The process and methodology of managing information throughout its lifecycle, from creation to disposal, including compliance with legal, regulatory, and privacy requirements. This discipline includes content management and records management.

Case Study 1.2 compares and contrasts the role of information governance with that of information management at a social services agency.

Case Study 1.2: Information governance versus information management at a social services agency

The business intelligence team at a social services agency struggled to answer questions such as these from its legislature:

• "How many children under 15 also have children who are utilizing our services?"

• "How many people over 100 years of age receive benefits?"

• "How many indigenous people receive income support payments?"

The business intelligence team was embarrassed when the numbers it sent to the head of the agency did not match the numbers that he received from a different branch. When the data was profiled, the business intelligence team noticed a number of anomalies:

• Several one-year-old children also had children.

• The number of people over 100 years of age exceeded the number from the previous national census.

• The percentage of indigenous people receiving income support payments was significantly lower than their share of the overall population based on the previous national census.

Upon further investigation, the business intelligence team noticed certain issues with two critical data elements:

• Date of birth — The front-office employees paid minimal attention to this field when inputting data. Because the date of birth did not affect the ability of people to receive payments, personnel often created dummy entries for it.

• Race — The front-office personnel were embarrassed to question people about their race. Because race was not a required field, they once again created dummy entries for it.

The business intelligence team experienced one of the core challenges with information governance. The people inputting poor-quality data for date of birth and race (the front-office personnel) were not the people who had to live with the consequences (the business intelligence team). Based on the results of the analysis, the business intelligence team obtained sponsorship from the agency head to improve training and education for the front-office personnel. As a result, the quality of data improved significantly.

Here are the aspects of information governance that apply to Case Study 1.2:

• Formulate policy — The social services agency established policies to improve training and education for front-office personnel so that they would understand the importance of collecting valid information for date of birth and race.

• Optimize information — The business intelligence team improved the quality of key data attributes.

• Secure information — Although not explicitly stated in this example, the social services agency had to establish policy around who had access to what information, especially for sensitive data such as name and national identifier.

• Leverage information — The information was being used to generate reports for the legislature.

• Treat information as an enterprise asset — Improving the quality of information was important to the credibility of the entire social services agency. The business intelligence and front office teams had to set their differences aside to improve the quality of information for the common good. At the end of the day, the business intelligence team was able to demonstrably improve the quality of information regarding date of birth and race.

• Align the objectives of multiple functions — Information governance aligned the differing objectives of the business intelligence and front office teams. Business intelligence needed high-quality information, while the front office wanted to process cases in the shortest possible time.

Here are the aspects of information management that apply to this example:

• Data warehousing — The business intelligence team ran the data warehouse that was the source of information for the reports sent to the legislature.

• Data profiling — The business intelligence team used data profiling tools to baseline and monitor the quality of data for key attributes.

We also need to address the meaning of the term "data governance." The marketplace uses the terms "data governance" and "information governance" interchangeably. This book, however, uses the term "information governance" because "data governance" is quite limiting in the following areas:

• Types of content — Information governance deals with structured and unstructured content, while data governance can be construed to deal only with structured content. Structured content refers to data that resides in fixed fields in a file, such as in a relational database. Unstructured content includes such things as emails, paper documents, electronic documents, video, and social media.

• Business insight — The term "information" is about the insight that is generated from "data."

Organizations are starting to appoint full-time or part-time owners of information governance. A search on "information governance" or "data governance" on a social networking tool like LinkedIn will produce thousands of hits for individuals with information governance or data governance in their titles. These individuals are not always 100 percent devoted to information governance. However, there is an increasing trend for companies to employ full-time information governance leaders. Much like in the early days of customer relationship management, there appears to be a marketplace and a practitioner community that is coalescing around information governance.

All of this brings us back to the beginning of this chapter. Practitioners say that they want to implement information governance, but they lack the appropriate organizational buy-in. The symptoms of this lack of organizational buy-in present themselves in the views of key personnel:

• Information governance leader: "Nobody in the business gets it. The senior leaders attended the first meeting, and then sent delegates to subsequent meetings. These delegates were not senior enough to make decisions on behalf of their respective organizations."

• IT leader: "Data architecture is leading the information governance program because we cannot find a sponsor within the business."

• Vice president of sales: "Do I have to fire one of my operations staff to hire a customer data steward?"

• Vice president of operations: "IT needs to own the data, and clean it up."

• Business intelligence manager: "The information governance team has been meeting for a year, but they cut my budget and reassigned my staff."

Before you can implement an information governance program, you need to get the appropriate buy-in from the business stakeholders. These stakeholders do not care about charters, metadata, stewardship, and data quality. They care about running their business on a day-to-day basis. They care about growing revenues, cutting costs, and managing risks. If information governance can help them achieve these objectives, great. If not, good luck implementing an information governance program. If you believe your organization faces some of these challenges, read on. This book lays out the "hot buttons" for information governance by industry and job function. As you read the book, remember that you will also learn from information governance case studies outside your own industry and job function.

---

Excerpted from Selling Information Governance to the Business by Sunil Soares. Copyright © 2011 IBM. Excerpted by permission of MC Press.
All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.

---