The Burden of Trusted Information

Information Management Magazine, June 2005

Timo Elliott, Darren Cunningham

Information Accountability

Governance. Accountability. Credibility. Integrity. Trusted information is a hot topic: Business people today are under increasing pressure to make the right decisions, fast - or else face increasingly dramatic consequences. Unfortunately, they often lack confidence in the information provided to them by their corporate information systems. To remedy this, IT organizations need to implement a trusted information framework that combines a unified approach to data integration and business intelligence (BI).

A number of trends focused on corporate data continue to distract today's IT departments. Shareholders are clamoring for more transparency as a result of the financial scandals that have shaken confidence in corporate governance around the world. Compliance legislation such as the U.S. Sarbanes-Oxley Act (whose impact is reaching far beyond the U.S.) can result in jail sentences for executives who - even unintentionally - report erroneous information. New privacy laws around the world restrict the use of customer information. Increasing global competition has put pressure on organizations to use their expensive information assets more strategically.

All these issues can be summed up in a single concept: trusted information. Simply accessing data is no longer enough. Today's CEOs, CFOs and knowledge-workers must be able to reliably track the information they use for decisions back to the original source systems in order to ensure its timeliness, accuracy and credibility.

Over the last decade, organizations have invested millions of dollars in systems to collect, store and distribute information more effectively. Despite this, information users at all levels of the organization are often uncomfortable with the quality, reliability and transparency of the information they receive.

Today's organizations rarely have a "single view of the truth." Executives waste time in meetings debating whose figures are correct, rather than what to do about the company's issues. Additionally, they worry about the consequences of making strategic decisions using the wrong information, directly impacting the long-term survival of the organization.

A recent study carried out by Business Week showed that more than half of business users said they found it "difficult" or "very difficult" to get the information they need.¹ Even when information was available, 43 percent of business users indicated they didn't trust their internal systems. Thus, it's perhaps no surprise that 77 percent of them said bad decisions had been made because of a lack of information.

To address these issues, organizations need to put in place a trusted information framework that relies on three different sets of processes:

• Information quality: The processes that ensure that information is filtered, aggregated and entered into the system without errors.
• Information controls: The processes that determine that the right people access the right information, that legal and privacy restrictions are respected and that changes are correctly propagated through the system.
• Information interpretation: The processes that ensure information can be used for decision making, that terms are consistent across the organization and that users of information can track how and when the data was collected or calculated.

Information Quality

Information quality is the foundation layer of any information accountability framework - one bad piece of data can call into question the whole decision process.

Many organizations are unaware - or in denial about - the magnitude of the data quality problem facing them. They can't begin to calculate the tremendous labor costs and lost productivity that result from time spent reconciling inaccurate and inconsistent reports throughout the organization, yet these directly impact the bottom line of the business.

In addition, strategic initiatives of the organization such as customer relationship management often fail to achieve expected benefits due to poor quality of the underlying data.

Whose job is it to fix this? In some organizations, the information technology department is tasked with ensuring data quality, but often without the resources necessary to do so successfully.

The most effective approach to data quality is to ensure that poor quality data never makes it into the corporate systems. A key notion is to establish a "data quality firewall," controlled by a team of "data stewards" who are formally charged with the task of ensuring good data quality.

The data stewards manage the sources of data flowing into the data warehouse, introduce standard definitions and calculations, conduct data-quality audits and develop data-retention criteria. And just like Internet firewalls, the role of the data quality firewall is to block inappropriate data flows - in this case, by using data profiling and filtering to prevent poor quality data from entering the corporate data warehouse.

Data quality can also be extended to include the notion of the timeliness of information - the consequences of decisions made on out-of-date information will be similar to those made on incorrect numbers. Business interest in "real-time" and "right-time" information has been increasing as organizations want to be able to act quickly on new data. For example, it is far more valuable to receive information indicating customers may be moving to a competitor while there is still time to address their concerns, instead of after they have left.

Automated data integration tools can pass alerts of unusual business events directly to business users' dashboards and help ensure that data warehouse information is loaded quickly and efficiently as it is updated.

Finally, data quality depends on consistency throughout the enterprise. Today's complex information flows mean that any change to the underlying operational systems or the data warehouse can have a direct impact on reports and dashboards used across the organization.

In most organizations, finding which users and reports have been impacted by a change is a time-consuming, manual process. These processes are typically slow and costly to implement, and are difficult to update as new information flows are required. Automated data integration tools should be able to propagate changes through the entire business intelligence system and provide alerts if manual updates are required.

Information Controls

Page 1 of 3.