Enterprise Information Management & Governance in Statoil

Size: px

Start display at page:

Download "Enterprise Information Management & Governance in Statoil"

Gavin Shields
7 years ago
Views:

1 Enterprise Information Management & Governance in Statoil Liv Stordahl Borud, Senior Analyst IT Solutions

2 Content About Statoil Enterprise Information Management Definition and framework Our approach Strategy Organization and roles Policy and process Monitoring and follow up Summary 2

3 About Statoil employees in 35 countries Operates 80% of all oil and gas production in Norway World leader in crude oil sales World s largest operator in waters deeper than 100 meters World leader carbon storage and CO 2 efficiency in oil and gas production 3

4 Enterprise Information Management Definition: A structured program for managing information as a strategic asset (DAMA 2011) In Statoil: Information Management shall be an integrated part of the businesses and processes across our company. To ensure coordination and benefits, a common approach to Information Management is established. 4

2011 Forrester s Data Management Reference Architecture

5 Enterprise Information Management Frameworks DAMA Framework (Data Management Association, 2009) February 2011 Forrester s Data Management Reference Architecture The Data Management Functional View 5 IBM s Information Governance model

6 IM Strategy Focus on business critical information with necessary quality Ensure that our valuables are not compromised or that the information is misused Appropriate access to information for collaboration 6

IM Organisation and roles Corporate IT: IM Strategy, policy, requirements and best practice Process owners: Supporting tools and IM requirements in their process Business

7 IM Organisation and roles Corporate IT: IM Strategy, policy, requirements and best practice Process owners: Supporting tools and IM requirements in their process Business areas: Ensure that requirements are implemented and monitored Service provider (GBS): Deliver and support CEO Processes: COA CFO Legal CSO CCOM DPN DPI DPNA MPR TPD EXP GSB

8 IM Professionals in Statoil Subsurface data management Document management in projects LCI network Master data management Collaborative information 8

9 Enterprise Information Model Enterprise architecture An enterprise architecture is a set of views that describe the enterprise 9

10 IM Policy and requirements

11 Purpose Simplify and clarify existing requirements Requirements relevant for information in all phases and process areas Strengthen risk based approach Increase value focus 11

12 IM Policy Our approach We manage information as a key corporate asset We are committed to Prioritizing management of business critical information Managing information according to risk exposure Sharing information to ensure efficient use and experience transfer Making information available for future needs Ensuring information quality How we work We understand requirements and responsibilities for managing information We use, store and archive information in accordance with legal requirements, operational, financial and historical needs We manage and share information according to security classification We ensure that information ownership is clearly defined We use verified sources and approved storage systems 12

13 IM Requirements Governing documentation for Information Management in all processes Relevant to end user Plan information handling Perform and complete information handling Relevant to information owner Maintain information Relevant to process owner and line manager Identify business critical information 13

14 Identification of business critical information Business critical information shall be identified to be able to: Prioritize information types Monitor the right information A supporting tool has been developed for identification of business critical information 14

15 Information criticality analysis How Information must be grouped into information types (at a high enough level) Follow the business process and identify information types used as input or created on sub-process level For each information type the degree of criticality must be set for six different categories/effects In addition information security classification and IT system where information resides should be assessed If necessary several iterations can be done, breaking down information types to a more detailed level 15

16 Effects considered in the analysis Support decision making and management control Information critical input to decision making and used as basis for performance, monitoring and control activities at different levels in the organisation Comply with legal, regulatory and contractual obligations Information critical to comply with legal, regulatory, contractual obligations and operating. Information critical to keep evidence of business transactions to ensure legislative preparedness Meet financial targets Information critical to manage transactions, contracts and customers and other assets, to prevent unforeseen costs, fraud, theft and lost interest Prohibit harm to staff, society or environment Information critical to prohibit harm to environment, society and staff, to ensure sustainability and company reputation Maintain operational efficiency Information critical for operational activities and to avoid loss of competitiveness e.g. delays in the introduction of new production capabilities, products or services Ensure essential learning and experience transfer Information critical to support essential learning and experience transfer and to drive innovation and new ideas 16

17 Example from Supply Chain Management Information type 1 Information type 2 Information type 3 17

18 18

19 How to apply analysis results examples Monitoring Give scope and directions for information monitoring and compliance activities Information systems projects Provide basis for how to prioritize need for system tailoring and configuration Retention and archiving Include retention requirements and used as basis for archiving of information types and retention policies Availability Include availability requirements to information types and provide basis for Service Level Agreements Information asset repository Output of analysis listed in a common repository providing overview of the companies most important information assets 19

20 Summary Management of information as a key strategic asset, - basis for the enterprise approach to Information Management Ensure that we prioritize and target our information management efforts where they are needed according to our business strategy and ambition Tool for identification of business critical information developed to operationalize and support the overall direction 20

21 Comments or questions? 21

22 Enterprise Information Management and Governance in Statoil Liv Stordahl Borud Senior Analyst IT Solutions 22

The oil fields in the NCS are located in the North Sea, Norwegian Sea, and Barents Sea.

The oil fields in the NCS are located in the North Sea, Norwegian Sea, and Barents Sea. A.2 Norway Volumes of Associated Gas Flared on Norwegian Continental Shelf Norway is a major oil producer, and its oil fields are located offshore in the Norwegian Continental Shelf (NCS). 81 In 2002,