The Business Processes of Information Governance
If you have the chance to engage an executive from the oil and gas industry in a candid conversation about what their company does, you’ll likely hear something like: “We drill for crude, we refine crude, and we sell crude.”
Regardless of industry or line of business, an analogous quote can easily be made, be it selling shirts, producing pharmaceutical drugs, or buying and reselling products. The business processes that organizations put in place determine how efficiently and effectively companies conduct their work. These processes are often unique by industry, tailored to specific companies, and studied and improved via major initiatives and strategic investments. The business processes of information governance should be added to this list of differentiating, business value-driving processes.
Indeed, highly effective organizations run highly effective business processes -- and information governance is no exception. To succeed, the business processes of information governance can be divided into six key areas:
While often overlooked, certain key dynamics and decisions should be established when instituting or refining information governance within an organization. Beyond resource assignment and flow-charting, the planning phases of information governance involve assessing the current state of the quality and validity of the data throughout an organization, linking those findings back to their business reality, and tying the information back to the key performance indicators (KPIs) set by an organization’s leadership. This process includes getting the right people involved at the right time with a flow of work that has strategic decision points and nuances that are managed and communicated effectively so that a direct line can be drawn from information governance to the bottom line.
Since the first transactional system was introduced into an organization, that organization started to collect and rely on data to execute its business. With the purchase of each new system, a new set of data requirements is introduced into an organization. When these new systems are implemented, it is not a data migration that occurs but rather a data modernization, as data is taken from outdated models and put into new, modern architectures that promise better performance and lower costs. In order for the modernization to be more than a lift and shift approach, but rather a conversion of the data into modern standards, a business process that facilitates accountability, visibility, and transformation is required. These modernization events are often rare for an organization and bring together a unique set of stakeholders that require a refined business process to execute effectively.
Either on the heels of a modernization effort or after systems have been up and running for some time, constantly monitoring the quality, state, and relevance of data is imperative to maintaining a smooth operation. Monitoring should be instituted as a business process via responsible individuals on both the business and technical teams to accomplish a holistic view of the data and its impacts. This strategy enables collaboration between the business owners who can communicate what they need from the data, as well as the technical resources who can then manage programmatic manipulation and deliver tailored reports with the right view of the data to the right person at the right time.
Monitoring by itself can bring deep insight into data and its impact on a business. The results of those monitoring activities need to be fed back into a separate business process around the governed cleansing of data and feeding that cleansed data back into the systems. The process of cleansing takes data that is causing interruptions and corruption of systems, clean that data, and put it back into the systems ensuring that those systems run smoother and faster with decreased business interruption. To be successful, cleansing requires a business process made up of a group of stakeholders, workers, and subject matter experts to properly modify, approve, and load the cleansed data.
As organizations mature in their use of monitoring and cleansing, many choose to institute a data firewall around their systems so that only good data can get into those systems. There are key business processes involved in determining where these active governance firewalls should be established as the effectiveness of implementations is often as much about change management within an organization as it is about the software used to implement the process. Once determined, the business process of implementing active governance takes over in order to properly model and enforce the business processes around data management.
Once data has been through its lifecycle, the final step on its journey is the decisions around, and processes of, archiving and retention. In order to properly make these decisions unique processes must be established that take into account legal, regulatory, storage, cost and general business variables. These decisions often involve a unique set of stakeholders each with their own concerns and responsibilities. Once made, the business process of identifying the data to archive and processing those archiving activities, often with a flow of work that involves approvals, sign-offs and compliance, can be implemented. The archiving business process is one that often runs on its own schedule with inputs and decisions that are unique throughout an organization. One must only look at the news to see what happens if this type of business process breaks down.
An organization may need to go through one or all of the information governance business processes at any given time and will most likely use a variety of IT tools in order to facilitate the technical aspects of each of them. Regardless of tooling, the business processes need to be monitored with the proper visibility given to the proper stakeholders regularly in order to drive real results and value.