Over the past 12 months, new processes have been developed to comply with stepped-up regulatory demands. An important part of that response has been data-governance programs, which put processes in place to ensure the consistent definition, quality, security, usage and management of data. Fifty-nine percent of 220 companies responding to a recent Ventana Research survey say they have deployed a data-governance program.
Establishing proper data-governance practices isn't easy. Responsibility for data is not just IT's job; business units must define and manage the context of these assets. This shared role complicates matters as business and IT almost always have trouble agreeing on user requirements and technology choices; it won't be any easier to reach a consensus on data management.
Most organizations allow manual data manipulation. As a result, inconsistent data across departments and inaccuracies in reports at various levels are common. Data variability is exacerbated when organizations haven't established companywide business definitions and rules. Incremental investments in technology for master data or metadata management, data quality, usage auditing and integration only add to the patchwork systems and the problem of inconsistent data.
Thousands of organizations have endured reviews over the past two years under the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act and other mandates. To compile regulatory and management reports for these reviews, individuals extended productivity tools — particularly spreadsheets — far beyond their purposes, essentially creating custom-built data repositories of uneven quality and subject to minimal auditing and security. I'm not talking about just a handful of business analysts or about data used only for specific, one-time purposes. I'm talking about widespread use of such tools by hundreds or even thousands of people within organizations and within thousands of corporations. Many of these repositories are still in use, though they weren't checked initially and haven't been validated to reflect subsequent business changes.
Like any other management program, data governance needs a strategy and well-defined processes. Begin by creating a team to document the information lifecycle, from data creation to consumption. The team should identify information technologies in use and, more important, activities involving human interaction with data, including reviewing, copying, manipulating and sharing. Later, managing the process of data integration will require an investment in master data management (MDM) technologies or techniques that can maintain common definitions and contexts of data.
These steps are crucial; without them, companies are dangerously exposed. Yet our survey reveals that only 26 percent of 220 companies include MDM in their data governance initiatives.
A number of vendors, among them I2 and SAP, have made advances in MDM for their applications. In the data management and middleware arena, MDM offerings have emerged from Hyperion, IBM, Kalido and Tibco, and in the customer-focused area from Purisma and Siperian.
In the excitement around MDM, executives who want to improve data management are trying to compare products, but that's difficult because these vendors approach MDM differently. In practice, a large organization must draw on multiple technologies to construct an enterprise MDM approach. And tools such as Teleran's application usage management software will be needed to secure and audit the MDM initiative.
To take control of your data, learn about successful data-governance processes and best practices. Ensure that your MDM strategy encompasses all of your company's needs, including the often-overlooked data usage, data security and data quality concerns. Identify and eliminate instances where poorly documented and unaudited spreadsheets are used in decision making.
Every organization will need companywide data definitions, a central repository for key business data, and mechanisms to keep the data accurate, consistent and integrated across the enterprise. You'll sleep better when data governance, built on an MDM foundation, replaces data anarchy.
Mark Smith is CEO and Senior Vice President of Research at Ventana Research. Write to him at [email protected].