Information Governance Practice IBM Information Governance Michel Bouma Information Governance Practice Leader Europe
Data Stewardship at Social Services Agency Questions from Legislature How many children under 15 also have children utilizing our services? How many people over 100 years of age receive benefits? How many indigenous people receive income support payments? Data Profiling by Business Intelligence department Several one-year old children also had children Number of people over 100 years of age exceeded the number of people from the national census The percentage of indigenous people receiving income support payments was significantly lower than the average population Outcomes Focus on Date of Birth and Race as critical data elements People creating the mess (front office) were not the people consuming the mess (Business Intelligence)
Information Governance is... Information Governance is a holistic approach to managing and leveraging information for business benefits and encompasses information quality, information protection and information life cycle management. ~ IBM SWG Data The orchestration of people, process, and technology to enable an organization to leverage data as an enterprise asset. ~ IBM GBS People Decision Rights Accountability The specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival, and deletion of information. It includes the processes, roles, standards, and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals. ~ Gartner Inc. Process Policies Standards Roles Metrics Essentially the practices and technologies involved with proactively managing what information is retained, where it is stored and for how long, who has access to it, and how it is protected. ~ The 451 Group Technology Trusted Security Lifecycle Management Integration Single view The set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage information on all media in such a way that it supports the organizations immediate and future regulatory, legal, risk, environmental and operational requirements. ~ Wikipedia We worry and we are mobilizing against the pollution that we generate in our everyday life, and it s called sustainable development. We are just beginning to worry about pollution of information generated daily, our response is called the Information Governance 3org Conseil Increase Revenue Reduce Cost Complaint
Key Challenge is Unlocking the Value of Information Where is my information? Can I trust it? What is the right version? Are all sources protected? 52% of users don t have confidence 59% of managers miss information 42% of managers use wrong information in their information1 they should have used2 at least once a week2 1AIIM 4 2Accenture 2008 Survey 2007 Managers Survey
Imagine putting your organization s information to work to achieve your desired outcomes Enhance Customer Understanding Customer Churn Marketing Spend Sales Productivity Foster Collaborative Decisions Customer Service Channel Management Loan Origination Optimize Real-Time Decisions Trading Advantage Fraud Protection Health Monitoring Enable Enterprise Visibility Risk Management Demand Visibility Strategy Alignment Doing so requires a focus on information governance
Proactively Unlock Value while Managing Risk 1 Do you fully understand your information landscape? 2 Do your users trust your information? 3 Do you have a strategy to contain cost as data volumes grow? 4 Do you have a 360º view of protecting information? 5 How prepared are you to address legal and regulatory obligations?
IBM - Pioneering Information Governance The IBM Information Governance Community: Created in 2005, pioneered thought leadership around governance and continuous process improvement. 1250 Community Members: This community enables an international dialog on key Information Governance topics including Data and Information Governance on Maturity Models, Assessments, and Best Practices. Community s Key Objective: Work with international companies together to identify the top governance challenges facing organizations http://www.infogovcommunity.com/
Good governance requires process and accountability IBM Information Governance Unified Process 1) Define Business Problem 5) Establish Organizational Blueprint 10) Govern Data Quality 2) Obtain Executive Sponsorship 6) Build Business Glossary 11) Govern Master Data 3) Conduct Maturity Assessment 7) Understand Data 12) Govern Lifecycle of Information 4) Build Roadmap 8) Create Metadata Repository 13) Govern Security & Privacy 9) Define Metrics 14) Govern Analytics 15) Measure Results
The Data Governance framework identifies 11 disciplines that are essential to any Enterprise Data Governance program Outcomes, the reason we do Governance. The expected benefit to the business. Enablers, the organizational pre-requisites enabling successful governance. Outcomes Data Risk Management and Compliance Value Creation Enablers Organizational Awareness Stewardship Policy Core Disciplines Data Quality Management Information Life Cycle Management Security, Privacy & Compliance Supporting Disciplines Data Architecture Classification & Metadata Core Disciplines, the primary areas in which governance is focused Audit & Reporting Supporting Disciplines, techniques and technologies common to core diciplines.
The maturity model allows any firm to benchmark their current practices against required maturity and identify the steps (roadmap) to converge Initial Elements of practice in the category may be present but are localized in individual departments and are for the most part performed on an ad hoc basis. Value Creation Managed Elements of practice are for the most part defined at an enterprise level but implementation is not complete. Data Risk Management (DRM) and Compliance Organizational Structures and Awareness Defined Elements in practice are defined and implemented at an enterprise level but no formal processes are established to ensure continuous improvement. Stewardship Policy Data Quality Management (DQM) Quantitatively Managed Elements of practice are defined and implemented across the enterprise and repeatable processes and metrics are used to monitor and track progress to ensure continuous improvement. Information Lifecycle Management (ILM) Information Security and Privacy Data Architecture Classification and Metadata (C&M) Audit Information Logging and Reporting Initial Repeatable Defined Managed Optimized Optimize Elements of practice are implemented, monitored and used proactively across the enterprise to reduce risk, continuously improve data governance practices and to gain a competitive advantage in the market place.
IBM Information Governance workshop from strategy to roadmap in 3 days Establish a complete governance strategy Identify capability gaps, create a roadmap Implement governance across the enterprise Outcomes Data Risk Management & Compliance Value Creation Enablers Organizational Structures & Awareness Policy Stewardship Core Disciplines Data Quality Management Information Life-Cycle Management Information Security and Privacy Maturity Assessment 12) Manage Security & Privacy 13) Manage Lifecycle of Information Value Creation Data Risk Management (DRM) and Compliance Organizational Structures and Awareness Supporting Disciplines Stewardship Policy Data Architecture Classification & Metadata Audit Information Logging & Reporting Data Quality Management (DQM) Information Lifecycle Management (ILM) Information Security and Privacy Data Architecture Classification and Metadata (C&M) Audit Information Logging and Reporting The Data Governance framework identifies 11 disciplines that are essential to any Enterprise Information Governance program IBM Capability Maturity Model supports business transformation by providing IBM Capability a framework for Information Governance Maturity IBM Information Governance Unified Process describes how an IBM Capability organization should develop a Information Governance Capability
Governance provides both cost reduction and cash-positive revenue value Increase revenue Revenue & profit growth Increased profitability Value Creation Reduce operational cost Cost savings Reduce IT cost 13 1. Increase cross sell and up sell by providing call center resourcdes and agents with better customer and product insight 2. Improve customer service by awareness/utilisation of full product holdings, household relationships, and contact history at each customer interaction 3. Improve sales performance with better customer information and targeting 4. Improve relationships or manage non-profitable customers out of the business 5. Optimise central contact centre to increase once and done processing and flex activity to demand 6. Reduce volume of customer payments manually processed 7. Reduced effort to assemble and manipulate data for BI 8. Improve marketing effectiveness less wasted campaigns 9. Provide end to end online self service with reduced development and ongoing m/frame cost 10. Reduce application development and maintenance with services led approach
Contact details - Information Governance around Catalogs and Telemarketing A. Total number of customers in the marketing list 950,000 B. Number of individual party matches 40,000 C. Additional duplicate individuals who are double-counted as part of a household 50,000 D. Total number of duplicate matches 90,000 E. Number of annual marketing mailings per customer F. Cost per mailing G. Total avoidable cost of duplicate mailings (DxExF) H. Outbound telemarketing calls per customer per year I. Cost per outbound telemarketing call J. Total avoidable cost of outbound telemarketing calls (DxHxI) K. Total avoidable cost of duplicate matches (G+J) 2 $3.25 $585,000 4 $1.50 $540,000 $1,125,000 L. Cost to implement data quality tools $500,000 M. Annual Cost of full-time customer data steward $200,000 N. Total cost of data quality solution (L+M) $700,000 O. Payback period 7.5 months
Retail Banking Information Governance around Date of Birth A. Number of customers in the retail bank B. Estimated percentage of customer records with inaccurate dates of birth C. Estimate number of retail banking customers with inaccurate dates of birth (AxB) 5% 500,000 D. Annual percentage of customers who call the bank with a request to buy another product 10% E. Average dropout rate associated with customers who have to visit a branch to correct inaccurate dates of birth before the bank can sell them an additional product 50% F. Estimated number of annual cross-sell opportunities that are lost because of dropouts from inaccurate dates of birth (CxDxE) G. Average value of product that is cross-sold to existing customers H. Average operating margin on products that are cross-sold to existing customers I. Potential increase in annual operating margin by improving the quality of dates of birth for existing retail banking customers (FxGxH) 15 10,000,000 25,000 $20,000 0.5% $2,500,000
Corporate Banking Information Governance around Industry Classifications A. Number of corporate customers 16 10,000 B. Estimated percentage of inaccurate industry classification codes 6% C. Estimated percentage of inaccurate industry classification codes after validation with external sources 2% D. Anticipated reduction in Basel II regulatory capital for corporate customers due to improved confidence in the industry classification codes (e.g., credit risk can definitively say that automotive and telecommunications make up 20% and 10% of the overall exposure) 1%
Finance and Procurement Information Governance over Vendor Payment Terms A. Number of large vendors with multiple contracts containing inconsistent payment terms (e.g., Net 30 and Net 60) 20 B. Average number of contracts with each vendor 10 C. Percentage of contracts with each vendor that contain terms that are less favorable than another contract with the same vendor D. Total number of vendor contracts that present an opportunity to negotiate more favorable terms (AxBxC) E. Increase in float from vendor payables by negotiating more favorable payment terms based on improved visibility to all the contracts with the same vendor (e.g., Net 30 to Net 60) F. Average vendor payables float per contract G. Additional vendor payables float generated by negotiating more favorable payment terms (DxExF) H. Cost of capital I. Savings in cost of capital by increasing vendor payables float (GxH) 17 20% 40 100% $100,000 $4,000,000 3% $120,000
Manufacturing Information Governance around Ship-to Address at a Medical Device Manufacturer A. Number of ship-to addresses in the customer master database B. Estimated percentage of inaccurate customer ship-to addresses C. Estimated number of inaccurate ship-to customer addresses (AxB) D. Average delay in weeks where the product is not installed at the customer site due to inaccurate ship-to addresses D. Average sales of aftermarket consumables per customer per week E. Total potential increase in aftermarket consumables based on improved ship-to customer addresses 18 100,000 5% 5,000 2 $100 $1,000,000
Supply Chain Information Governance over Materials Weight A. Annual spend on transportation costs B. Estimated efficiencies based on an increase in weight of materials per truck C. Estimated annual savings in transportation costs based on improved governance over the weight of materials (AxB) 19 $100,000,000 3% $3,000,000
Information Security Hard Dollar Business Benefits from a Database Monitoring Solution A. Number of DBA and analyst FTEs involved in manual database monitoring B. Annualized cost per FTE C. Annual personnel cost for manual database monitoring (AxB) D. Percentage reduction in personnel cost associated with database monitoring solution E. Annual personnel cost savings associated with database monitoring solution (CxD) $80,000 $560,000 40% $224,000 F. Reduction in CPU costs because database logging is offloaded to the database monitoring appliance $50,000 G. Reduction in storage costs because of the reduction in database logging $40,000 H. Total hard-dollar savings in year one from the database monitoring solution (E+F+G) 20 7 $314,000
Information Governance around Application Retirement A. Number of applications to be retired B. Number of technical staff assigned to maintaining each application including developers, DBAs, and managers C. Annual cost per employee D. Total employee cost for applications to be retired (AxBxC) E. Annual cost of hardware and storage per application F. Total hardware and storage costs for applications to be retired (AxE) G. Total annual cost savings from application retirement (D+F) 21 10 5 $60,000 $3,000,000 $50,000 $500,000 $3,500,000
Telecommunications Information Governance around Network Data A. Annual spend on network equipment B. Estimated percentage of network inventory and topology that is incorrectly reflected in the master data management system being used for capacity planning purposes 30% C. Percentage of annual network equipment budget to build capacity that is actually not required due to incorrect master data 10% D. Potential annual spend on network equipment that may be freed up for more productive uses (AxC) 22 $100,000,000 $10,000,000
Legal and Compliance Reduced ediscovery Costs from Defensible Disposal of Information A. Total hours for review of ediscovery documents by outside counsel at a mid-size company B. Cost per hour for outside counsel C. Annual cost to review ediscovery documents by outside counsel (AxB) 23 100,000 $150 $15,000,000 D. Percentage reduction in ediscovery documents produced because the information lifecycle governance program disposed of information in a legally defensible manner 20% E. Annual savings associated with review of ediscovery documents by outside counsel (CxD) $3,000,000
Operations Business Benefits from MRO Parts Standardization A. Annual MRO spend across 10 commodity groups B. Average MRO inventory C. Inventory carrying cost D. Annual carrying cost of MRO inventory (BxC) E. Reduction in MRO inventory due to elimination of duplicate part numbers F. Savings in carrying cost of MRO inventory (DxE) 24 $100,000,000 $10,000,000 18% $1,800,000 30% $540,000
RACI Matrix Responsible Those who do the work to achieve the task Accountable 25 25 Approver The one ultimately answerable for the correct and thorough completion of the deliverable or task, and the one from whom Responsible is delegated the work Consulted Those whose opinions are sought, typically subject matter experts and with whom there is two-way communication. Informed Those who are kept up-to-date on progress, often only on completion of the task or deliverable; and with whom there is just one-way communication.
Example Customer Information Governance RACI Matrix Category Attribute Responsible Accountable Name Operations Type (person, org.) Operations National ID Operations1 Date of Birth Operations2 Marketing, Products, Compliance Operations Marketing, Internet Duplicates Identity Customer Unique ID Demographics Gender Income, net worth, etc. for segmentation Student Flag 1. 2. 3. 4. 26 26 Compliance3, Marketing, Internet Marketing Finance Marketing Products Credit Risk, Marketing Customer Service Marketing Power of Attorney Credit Risk, Legal Email address Marketing Preferred mode of contact Marketing, Customer Service Phone number Marketing, Customer Service, Debt Collections Mailing address Marketing, Customer Service, Debt Collections Do not contact 4 Party relationships Relationship Owner (only for high value customers) Contacts Compliance3 Informed Marketing Clustering Relationships Consulted Operations needs to validate the National ID. Operations needs to validate the Date of Birth with customer s record Compliance needs to validate customer identity to comply with Know Your Customer (KYC) regulations. Customer () has a function that is dedicated to customer privacy.
Sample Information Governance Scorecard Information Governance Metrics Goal Mar Feb Jan Dec Nov Oct 2011 2011 2011 2010 2010 2010 (Baseline) 27 1. Percentage of customer duplicates within Unica 5% 9% 10% 11% 12% 13% 14% 2. Percentage of customer duplicates within Oracle 3% 4% 5% 7% 7% 8% 14% 3. Percentage of public domain email addresses in Unica 12% 12% 14% 15% 18% 21% 23% 4. Percentage of non-validated email addresses in Unica 8% 10% 10% 11% 11% 12% 15% 5. Percentage of null bill-to email addresses within Oracle 2% 6% 8% 12% 15% 18% 22%
IBM s Information Governance Dashboard Offering 28