Practical perspectives in advancing data governance to create improved data quality frameworks

Transcription

1 Practical perspectives in advancing data governance to create improved data quality frameworks Presented by: Micheal Axelsen Director Applied Insight Pty Ltd

2 INTRODUCTION

3 About this presentation Purpose The purpose of this workshop is to provide participants with the strategic data governance tools to implement good data quality practices in their business Objectives To provide practical approaches adaptable to any business to implement good data governance practices To provide tools to ensure ownership by end users and hints and tips for ensuring top level executive support for the project Tools to allow participants to develop their own practical roadmap using the discussion of practical case studies to demonstrate and highlight the issues businesses may encounter in aligning their data governance practices with their need for good quality data

4 About the speaker Services Micheal Axelsen provides consulting services in the business governance of information technology, and the development and implementation of information technology business strategy Position and qualifications Director of Applied Insight Pty Ltd Chair of CPA Australia Information Technology & Management Centre of Excellence Qualifications Bachelor of Commerce (Hons) Masters of Information Systems Fellow of CPA Australia

5 An honest approach to Data Quality I keep six honest serving-men They taught me all I knew; Their names are What and Why and When And How and Where and Who. 1 Rudyard Kipling, (follows "The Elephant's Child") Let s at least try to keep this simple

6 Agenda Agenda Introduction Data Governance and Data Quality: Who and Why? Data Governance: What, When and Where? How to deliver data quality Developing your data governance roadmap Applying IT Right Summary and conclusion Appendix Change management tactics

7 Administration and expectations Administrative matters Facilities & exits Breaks Expectations Audience demographics What are your expectations from this session?

8 DATA GOVERNANCE: WHO AND WHY?

9 Who needs to adopt this approach to data governance? COBIT (Control Objectives for IT) from ITGI is the underlying approach used in this presentation Applying IT Right takes the core components of COBIT and focuses on a goal-setting approach for a business that: Has a demonstrated need for data quality Wishes to improve data quality through data governance BUT Does not have endless resources and teams to apply to the issue Data governance will be less relevant for small businesses (that might have less of a need for data quality). A more structured & traditional approach (full project teams etc) might be better than Applying IT Right for a very large business that has the ability to provide dedicated resources and project teams

10 Who cares? The audience for COBIT COBIT is organised into three levels for three audiences: Executives & boards Business and technology management Governance, assurance, control & security professionals This workshop provides tools to answer these questions with respect to data quality

11 Corporate governance and data

12 Why are data governance and data quality important? Compliance frameworks Control Objectives for IT (COBIT) Sarbanes-Oxley ASX Principles (risk, value) National Privacy Principles AS A-IFRS (Australian International Financial Reporting System) Good IT governance is good for bottom line MIT research shows that companies with better than average IT governance earn at least a 20 percent higher return on assets than organizations with weaker governance (Weill/Ross 2004)

13 The increasing importance of data quality and data governance Growth in reliance on information technology Increasing dependence on IT in business organisations IT is an increasing percentage of expenditure IT as a business enabler Increase in standards of governance Corporate collapses Sarbanes Oxley Act 2002 AS 8015 Corporate Governance of ICT ASX Principles 2 & 7: Risk and Value Privacy Principles & Spam ISO IEC 38500:2008 IT Governance Standard

14 Workshop exercise Why are we all here? Interactive facilitation: are there specific reasons we are here today? Why do you want to increase data quality? Is it to comply with regulation, or to build a better business?

15 CONCLUSION DATA GOVERNANCE: WHAT WHERE & WHEN

16 What is data governance and data quality? Definitions Data Quality measures the data s fitness for the intended use in operations, decision making & planning Governance is a set of accountabilities, processes, and auditable and measurable controls that ensure the business is on track to achieve its objectives Data Governance is a set of accountabilities, processes, and auditable and measurable controls to ensure the business is on track to achieve its data quality objectives Data Quality Frameworks provide structure to data quality activities and allow assessment of data quality

17 Alternative governance frameworks Source: Gartner

18 IT Governance Global Status Report ITGI IT Governance Global Status Report 2008

19 The relationship between data governance and data quality Data governance is a process, and data quality is the output of that process Here, we are measuring data quality in terms of Effectiveness Efficiency Confidentiality Integrity Availability Compliance Reliability

20 Only put in what you get out

21 Data quality policy framework

22 COBIT Framework Control Objectives for Information Technology is published by the IT Governance Institute ( and is closely associated with the Information Systems Audit and Control Association Based on world-wide standards: Technical standards from ISO, EDIFACT. Professional standards ISACA, AICPA, IIA. Can be mapped to other frameworks (e.g. PRINCE 2, COSO) COBIT provides a controls perspective that allows us to implement governance over information and achieve data quality COBIT is used as a basis for this workshop 22

23 Where and when does data governance fit into the business plans?

24 Workshop exercise Data quality activities Over the past several days you have heard many options for maintaining data quality let s document some of those. How confident are you that you can implement these ideas back in the workplace?

25 HOW TO DELIVER DATA QUALITY

26 Data quality Achieving a matched level of data quality for business needs is our aim high quality data that we don t use does not seem to be very smart Data quality only exists where our governance processes are set in place to ensure results Appropriate data quality is a result of appropriate governance processes

27 Interrelationships of COBIT components Goals P Metrics Practices Maturity Models P P P See COBIT 4.1 Figure 4 p8

28 Gap analysis Maturity Models Nonexistent Initial/Ad Hoc Repeatable Defined Managed Optimised Legend for Symbols Used Enterprise current status International standard guidelines Industry best practice Enterprise strategy Legend for Rankings Used 0 - Management processes are not applied at all. 1 - Processes are ad hoc and disorganised. 2 - Processes follow a regular pattern. 3 - Processes are documented and communicated. 4 - Processes are monitored and measured. 5 - Best practices are followed and automated. 28

29 Advancing maturity Using maturity models for Continuous Improvement As-is and To-be maturity levels are determined. Scorecard can be based on 4 domains using total or average scores. Gap analysis is performed to determine required actions to move to To-be level. Progress towards To-be levels monitored over time.

30 Introducing Applying IT Right COBIT is great, but a little large and unwieldy at first brush Fortunately there s no need to apply all of it, immediately At its core, primarily focussed on identifying the business goals, implementing controls, increasing the maturity of practices over time, and providing performance indicators to measure performance Unless you have large resources available, a grow-andmature staged approach is best, and focussing on the data quality of your critical information Applying IT Right is a practical approach to increase governance over information (& thus data quality)

31 Applying IT Right

32 DEVELOPING YOUR DATA GOVERNANCE ROADMAP

33 Do what the business needs

34 Improving data quality Creating active strategies It is naive to think that data quality can be improved in a Great Leap Forward on all fronts and all at once To be sustainable, data quality must meet the cost/benefit test, and be important to the business A data governance strategy grows organisational capability by implementing a data quality floor for all data and focussing the most resources upon the most critical data This creates less business risk, higher quality, and lower costs than a big bang approach

35 Practical strategies Owned by the business, not IT Set core standards for all data, and focus resources on the development of data governance approaches for absolutely critical data first. Do not develop over-engineered solutions for the entire organisation s data at first. Slow-burn strategies that deliver beat fast-burning failures every time Build the strategic rhythm of monthly & quarterly reviews Set quarterly deliverables in the program of works for ease of monitoring An active strategy is a practical strategy

36 What a data governance strategy looks like

37 A methodology for developing a data governance roadmap

38 APPLYING IT RIGHT

39 Assess: case study exercise Applications Information Infrastructure People 4 Document Challenges 5

40 Plan: case study exercise

41 Plan: case study exercise 10 Data Governance Strategy 11

42 Do & Advance: case study discussion Responsible Accountable Consulted Informed 12 Weekly Monthly Quarterly Reboot 13 14

43 CONCLUSION

44 Revisit purpose & objective Purpose The purpose of this workshop is to provide participants with the strategic data governance tools to implement good data quality practices in their business. Objectives To provide practical approaches adaptable to any business to implement good data governance practices To provide tools to ensure ownership by end users and hints and tips for ensuring top level executive support for the project. Tools allow participants to develop their own practical roadmap using the discussion of practical case studies to demonstrate and highlight the issues businesses may encounter in aligning their data governance practices with their need for good quality data. Review expectations wall

45 Highlights: data quality policy framework

46 Highlight: do what the business needs

47 Highlight: data governance strategy

48 Highlight: Applying IT Right

49 Highlight: Applying IT Right Methodology

50 Conclusion meeting the challenges of IT Information Technology & Management Centre of Excellence Forthcoming: Social networking policies & procedures

51 CONTACT DETAILS Micheal Axelsen Director, Applied Insight Pty Ltd m: t: e: micheal.axelsen@appliedinsight.com.au web: Applied Insight Pty Ltd PO Box 603 Toowong DC 4066 AUSTRALIA

52 References Gillies, C, and Broadbent M. IT Governance: A Practical Guide for Company Directors and Business Executives. CPA Australia IT Governance Institute. COBIT 4.1. Rolling Meadows, Illinois Standards Australia. AS Corporate Governance of ICT. Standards Australia Weill, P., and Ross, J. W. IT Governance: How Top Performers Manage IT Decisions Right for Superior Results. Harvard Business School Press

53 References Websites

54 APPENDIX: CHANGE MANAGEMENT TACTICS

55 Rationale for change management

56 Change management Today s business environment Fast paced and dynamic No time to freeze a business Requires an organic and systemic response Requirements An understanding of the organisation A comprehensive consideration of the implications of the change. A particular concern for the implications of change for the individuals and groups in the organisation The need for a plan Systematic implementation of the change Whole-organisation change A problem-solving approach

57 Principles and tactics Five key principles Different people react differently to change Everyone has fundamental needs that have to be met Change often involves a loss, & people go through the "loss curve Expectations need to be managed realistically Fears have to be dealt with Tactics Preparing for change as a continuous activity for managers & staff Genuine involvement in the process Communication and participation across internal boundaries The removal of undue restrictions on input to strategies and tactics The sharing of information Prioritising personal development and new skills acquisition

58 Processes in change management

59 Preparing for change: Tactics Tactic Burning Platform Challenge Command Evidence Destabilising Education Management by Objectives (MBO) Rites of passage Setting goals Visioning Whole-system planning Notes Expose or create a crisis Inspire them to achieve remarkable things Just tell them to move! Cold, hard data is difficult to ignore Shaking people of their comfort Learn them to change Tell people what to do, but not how Hold a wake to help let go of the past Give them a formal objective Done well, visions work to create change Everyone planning together

60 Introducing change: Tactics Tactic Challenge Coaching Command Education Facilitation First steps Involvement Management by Objectives Open Space Re-education Shift-and-sync Spill and fill Stepwise change Whole-system Planning Notes Inspire them to achieve remarkable things Psychological support for executives. Tell them what to do. Teach them, one step at a time Use a facilitator to guide team meetings. Make it easy to get going Give them an important role. Tell people what to do, but not how People talking about what concerns them Train the people you have in new knowledge/skills Change a bit then pause restabilise Incremental movement to a new organisation Breaking things down into smaller packages. Everyone planning together

61 Making the change stick: Tactics Tactic Burning bridges Notes Ensure there is no way back Evidence stream Golden handcuffs Institutionalisation New challenge Reward alignment Rites of passage Socialising Show them time and again that the change is real Put rewards in their middle-term future Building change into the formal systems and structures Get them looking to the future Align rewards with desired behaviours Use formal rituals to confirm change Build it into the social fabric