Practical
perspectives in
advancing data
governance to
create improved
data quality
frameworks
Presented by: Micheal Axelsen Director
About this presentation
Purpose
• The purpose of this workshop is to provide participants with the strategic data governance tools to implement good data quality practices in their business
Objectives
• To provide practical approaches adaptable to any business to implement good data governance practices
• To provide tools to ensure ownership by end users and hints and tips for ensuring top level executive support for the project
• Tools to allow participants to develop their own practical roadmap using the discussion of practical case studies to demonstrate and highlight the issues businesses may encounter in aligning their data governance practices with their need for good quality data
About the speaker
Services
• Micheal Axelsen provides consulting services in the business governance of information
technology, and the development and
implementation of information technology business strategy
Position and qualifications
• Director of Applied Insight Pty Ltd
• Chair of CPA Australia Information Technology & Management Centre of Excellence
• Qualifications
– Bachelor of Commerce (Hons) – Masters of Information Systems – Fellow of CPA Australia
An honest approach to Data Quality
I keep six honest serving-men
They taught me all I knew;
Their names are
What
and
Why
and
When
And
How
and
Where
and
Who
.
1
Rudyard Kipling, 1865-1936
(follows "The Elephant's Child")
Agenda
Agenda
• Introduction
• Data Governance and Data Quality: Who and Why?
• Data Governance: What, When and Where?
• How to deliver data quality
• Developing your data governance roadmap
• Applying IT Right
• Summary and conclusion
Appendix
Administration and expectations
Administrative matters
• Facilities & exits
• Breaks
Expectations
• Audience demographics
• What are your
expectations from this
session?
DATA GOVERNANCE:
WHO AND WHY?
Who needs to adopt this approach to data
governance?
• COBIT (Control Objectives for IT) from ITGI is the underlying approach used in this presentation
• „Applying IT Right‟ takes the core components of COBIT and focuses on a goal-setting approach for a business that:
– Has a demonstrated need for data quality
– Wishes to improve data quality through data governance BUT... – ... Does not have endless resources and teams to apply to the
issue
• Data governance will be less relevant for small businesses (that might have less of a need for data quality).
• A more structured & „traditional‟ approach (full project teams etc) might be better than Applying IT Right for a very large business that has the ability to provide dedicated resources and project teams
Who cares? The audience for COBIT
• COBIT is organised into
three levels for three
audiences:
– Executives & boards
– Business and technology management
– Governance, assurance, control & security
professionals
• This workshop provides
tools to answer these
questions with respect to
data quality
Why are data governance and data quality
important?
Compliance frameworks
• Control Objectives for IT (COBIT) • Sarbanes-Oxley
• ASX Principles (risk, value) • National Privacy Principles • AS8015-2005
• A-IFRS (Australian International Financial Reporting System)
Good IT governance is good for bottom line
• MIT research shows that companies with better than average IT governance earn at least a 20 percent higher return on assets than organizations with weaker governance (Weill/Ross 2004)
The increasing importance of data quality and
data governance
Growth in reliance on information technology • Increasing dependence on IT in business organisations • IT is an increasing percentage of expenditure • IT as a business enabler Increase in standards of governance • Corporate collapses• Sarbanes Oxley Act 2002 • AS 8015 Corporate
Governance of ICT
• ASX Principles 2 & 7: Risk and Value
• Privacy Principles & Spam • ISO IEC 38500:2008 IT
Workshop exercise
Why are we all here?
• Interactive facilitation:
are there specific reasons
we are here today?
• Why do you want to
increase data quality? Is
it to comply with
regulation, or to build a
better business?
CONCLUSION
DATA GOVERNANCE:
WHAT WHERE & WHEN
What is data governance and data quality?
Definitions
•
Data Quality
measures the data‟s fitness for the
intended use in operations, decision making & planning
•
Governance
is a set of accountabilities, processes, and
auditable and measurable controls that ensure the
business is on track to achieve its objectives
•
Data Governance
is a set of accountabilities,
processes, and auditable and measurable controls to
ensure the business is on track to achieve its data
quality objectives
•
Data Quality Frameworks
provide structure to data
quality activities and allow assessment of data quality
Alternative governance frameworks
IT Governance Global Status Report
The relationship between data governance
and data quality
• Data governance is a process, and data quality is the
output of that process
• Here, we are measuring data quality in terms of
– Effectiveness
– Efficiency
– Confidentiality
– Integrity
– Availability
– Compliance
– Reliability
COBIT Framework
• Control Objectives for Information Technology is
published by the IT Governance Institute (
www.itgi.org
)
and is closely associated with the Information Systems
Audit and Control Association
• Based on world-wide standards:
– Technical standards from ISO, EDIFACT. – Professional standards – ISACA, AICPA, IIA.
– Can be mapped to other frameworks (e.g. PRINCE 2, COSO)
• COBIT provides a controls perspective that allows us to
implement governance over information – and achieve
data quality
• COBIT is used as a basis for this workshop
Where and when does data governance fit
into the business plans?
Workshop exercise
Data quality activities
• Over the past several
days you have heard
many options for
maintaining data quality –
let‟s document some of
those.
• How confident are you
that you can implement
these ideas back in the
workplace?
HOW TO DELIVER DATA
QUALITY
Data quality
• Achieving a matched level of data quality for
business needs is our aim – high quality data
that we don‟t use does not seem to be very
smart
• Data quality only exists where our governance
processes are set in place to ensure results
• Appropriate data quality is a result of appropriate
governance processes
Interrelationships of COBIT components
See COBIT 4.1 Figure 4 p8 Goals Metrics Maturity Models Practices
P
P
P
P
Gap analysis
28
0 1 2 3 4 5
Nonexistent Initial/Ad Hoc Repeatable Defined Managed Optimised
Enterprise current status
International standard guidelines Industry best practice
Enterprise strategy
Legend for Symbols Used Legend for Rankings Used
0 - Management processes are not applied at all. 1 - Processes are ad hocand disorganised. 2 - Processes follow a regular pattern.
3 - Processes are documented and communicated. 4 - Processes are monitored and measured.
5 - Best practices are followed and automated.
Advancing maturity
•
Using maturity models for Continuous Improvement
–
„As-is‟ and „To-be‟ maturity levels are determined.
–
Scorecard can be based on 4 domains using total
or average scores.
–
Gap analysis is performed to determine required
actions to move to „To-be‟ level.
–
Progress towards „To-be‟ levels monitored over
time.
Introducing Applying IT Right
• COBIT is great, but a little large and unwieldy at first
brush
• Fortunately there‟s no need to apply all of it, immediately
• At its core, primarily focussed on identifying the
business goals
,
implementing
controls
,
increasing the
maturity
of practices over time
,
and providing
performance indicators
to measure performance
• Unless you have large resources available, a
grow-and-mature staged approach is best, and focussing on the
data quality of your
critical information
•
Applying IT Right
is a practical approach to increase
DEVELOPING YOUR DATA
GOVERNANCE ROADMAP
Improving data quality
Creating active strategies
• It is naive to think that data quality can be improved in a
„Great Leap Forward‟ on all fronts and all at once
• To be sustainable, data quality must meet the
cost/benefit test, and be important to the business
• A data governance strategy grows organisational
capability by implementing a data quality „floor‟ for all
data and focussing the most resources upon the most
critical data
• This creates less business risk, higher quality, and lower
costs than a „big bang‟ approach
Practical strategies
• Owned by the business, not „IT‟
• Set core standards for all data, and focus resources on
the development of data governance approaches for
absolutely critical data first.
• Do not develop over-engineered solutions for the entire
organisation‟s data at first.
• Slow-burn strategies that deliver beat fast-burning
failures every time
• Build the strategic rhythm of monthly & quarterly reviews
• Set quarterly deliverables in the program of works for
ease of monitoring
A methodology for developing a data
governance roadmap
Assess: case study exercise
1
2
• Applications • Information • Infrastructure • People4
ChallengesDocument5
3
Plan: case study exercise
6
7
8
Plan: case study exercise
10
Data GovernanceStrategy
Do & Advance: case study discussion
• Responsible • Accountable • Consulted • Informed12
• Weekly • Monthly • Quarterly Reboot13
14
Revisit purpose & objective
Purpose
• The purpose of this workshop is to provide participants with the strategic data governance tools to implement good data quality practices in their business.
Objectives
• To provide practical approaches adaptable to any business to implement good data governance practices
• To provide tools to ensure ownership by end users and hints and tips for ensuring top level executive support for the project.
• Tools allow participants to develop their own practical roadmap using the discussion of practical case studies to demonstrate and highlight the issues businesses may encounter in aligning their data governance practices with their need for good quality data.
Conclusion – meeting the challenges of IT
Information Technology & Management Centre of Excellence
CONTACT DETAILS
Micheal Axelsen
Director, Applied Insight Pty Ltd m: 0412 526 375
t: +61 7 3139 0325
e: [email protected] web: www.appliedinsight.com.au
Applied Insight Pty Ltd PO Box 603
Toowong DC 4066 AUSTRALIA
References
• Gillies, C, and Broadbent M. IT Governance: A Practical
Guide for Company Directors and Business Executives. CPA
Australia. 2005.
• IT Governance Institute. COBIT 4.1. Rolling Meadows,
Illinois. 2007.
• Standards Australia. AS8015-2005 Corporate Governance of
ICT. Standards Australia. 2005
• Weill, P., and Ross, J. W. “IT Governance: How Top
Performers Manage IT Decisions Right for Superior Results”.
Harvard Business School Press. 2004.
References
Websites•
www.cpaaustralia.com.au
•
www.itgi.org
•
www.isaca.org
•
www.appliedinsight.com.au
•
www.michealaxelsen.com
APPENDIX: CHANGE
MANAGEMENT TACTICS
Change management
Today‟s business environment
• Fast paced and dynamic
• No time to freeze a business
• Requires an organic and systemic response
Requirements
• An understanding of the organisation
• A comprehensive consideration of the implications of the change. • A particular concern for the implications of change for the individuals
and groups in the organisation • The need for a plan
• Systematic implementation of the change • Whole-organisation change
Principles and tactics
Five key principles
• Different people react differently to change
• Everyone has fundamental needs that have to be met
• Change often involves a loss, & people go through the "loss curve” • Expectations need to be managed realistically
• Fears have to be dealt with
Tactics
• Preparing for change as a continuous activity for managers & staff • Genuine involvement in the process
• Communication and participation across internal boundaries
• The removal of undue restrictions on input to strategies and tactics • The sharing of information
Preparing for change: Tactics
Tactic Notes
Burning Platform Expose or create a crisis
Challenge Inspire them to achieve remarkable things Command Just tell them to move!
Evidence Cold, hard data is difficult to ignore Destabilising Shaking people of their comfort Education Learn them to change
Management by Objectives (MBO)
Tell people what to do, but not how Rites of passage Hold a wake to help let go of the past Setting goals Give them a formal objective
Visioning Done well, visions work to create change Whole-system planning Everyone planning together
Introducing change: Tactics
Tactic Notes
Challenge Inspire them to achieve remarkable things Coaching Psychological support for executives. Command Tell them what to do.
Education Teach them, one step at a time
Facilitation Use a facilitator to guide team meetings. First steps Make it easy to get going
Involvement Give them an important role.
Management by Objectives Tell people what to do, but not how
Open Space People talking about what concerns them
Re-education Train the people you have in new knowledge/skills Shift-and-sync Change a bit then pause restabilise
Spill and fill Incremental movement to a new organisation Stepwise change Breaking things down into smaller packages. Whole-system Planning Everyone planning together
Making the change stick: Tactics
Tactic Notes
Burning bridges Ensure there is no way back
Evidence stream Show them time and again that the change is real Golden handcuffs Put rewards in their middle-term future
Institutionalisation Building change into the formal systems and structures New challenge Get them looking to the future
Reward alignment Align rewards with desired behaviours Rites of passage Use formal rituals to confirm change Socialising Build it into the social fabric
