Information Governance

The Why?

The Who?

The How?

Summary

Next steps

Wikipedia defines Information governance as: an emerging term used to encompass the set of multi-disciplinary structures, policies, procedures, processes

and controls implemented to manage information at an enterprise level, supporting an organization's immediate and future regulatory, legal, risk, environmental

and operational requirements.

Why?

Build a valued Information Asset• Greater protection of sensitive data

• Access to trusted critical business intelligence in a timely manner

• Increased value of information throughout its lifecycle, culminating in a quantitatively modeled information asset.

• Single business aligned version of the truth

• Cross selling by profiling the client through a single view across the organization

Reduce costs and increase revenue• Business knows what they needs for their business function, thus IT knows what business wants from their system,

therefore systems will be implemented on time, in budget and with little if any rework necessary.

• decreases time to market and increases revenue through efficient business processes due to an optimized transparent

information landscape

• Decreased data management and systems costs and risks, due to aligned information standards, policies and quality

rules enforced by a group wide business governance function

Optimize use of resources• Reduce the time spent on cleaning and validating data by general business employees, and more time spent on actual

analysis, BI and MI, with valid, consistent, complete and timely information

• Effective information sharing and trusted decision making

• Information alignment between business functions & lines, systems and business processes, ensuring the trusted

consolidation and aggregation of information with no costly data management operations.

Internal & External Audit Requirement & Regulatory Compliance• KYC, POPI, FATCA, Dodd Franks, Basel 3, IFRS, CRT etc

Who?

Ownership of Information resides with business.

To help business accept accountability and assume the

guardianship role for their information, a clearly defined governance

unit providing the authority, method and control to facilitate

this critical requirement, needs to exist.

James Orr, author of “Data Governance for the Executive” and respected authority on data governance in the USA believes that, even at its most conservative

estimate, bad data in Financial Institutions contributes to:

Operations: 10-15% of operational costs

Revenue: 2-4% reduction in revenue opportunities (even with a single client view across the enterprise)

Risk and Compliance: Risk of exposure, security breaches and non-compliance in the tens of millions of dollars, with serious reputational and market risk implied

How?

Scope

Information governance encapsulates the information needs of consumers, accountability of originators

and responsibility of stewards, and describes their role in building an information asset.

Moving Forward

Current

In the current environment we have fragmented

data strategy in business functions & lines, pockets

of data management, and IT governance for

systems and projects in silos.

Future

Business governs data management and projects and aligns business strategy and

IT governance, where:

• Business owns and defines data,

• Data management manages and monitors data,

• IT moves and stores data,

through a comprehensive Information Governance process

Projects

Current

In a Gartner press release “Dirty Data is a business problem, not an IT problem,” (2007), More than 25 percent of critical data in Fortune 1000 companies

will continue to be flawed, that is, the information will be inaccurate, incomplete or duplicated…

Future

Systems belongs to a business function

Data belongs to the organization

The bigger picture

We create a standardized governed data view,

where:

business can ensure alignment with business,

business can ensure alignment with IT,

IT can ensure alignment with the rest of IT,

directed by the data definitions, rules, policies

and standards created by business and collected,

consolidated and enforced by the Information

Governance Office in each logical subject area.

Functional Engagement

An independent study by NASCIO showed that:

• Up to 75% of information workers have made decisions that turned out to be wrong due to flawed data.

• As much as 30% of the work week is spent verifying the accuracy and quality of data.

• Only 10% of knowledge workers believe they always have all the information needed to confidently make effective business decisions.

Stewardship (IGO)

Martin Lippert, Chief Information Officer, Royal Bank of Canada, said:

““We have a culture that recognizes that what’s in the information vault is as critical to us as what’s in the money vault. For Royal Bank of Canada, data

management and customer data integration aren’t about the technology as much as they are about business strategy and information – and the change

management processes that enable it.”

Maturity Model

Future regulatory requirements states that information governance will become a regulatory requirement for compliance by 2016,

This will mean a formalized group wide business driven information governance organizational structure will needs to exist by this date

Cost and Sponsorship

Group Head: Chief Data Officer

Cost to Business Sponsor *:

• Subject Data Steward (Head of Information Governance in Business Area)

• Business Data Stewards (% time from Executive Decision Makers, SME’s)

• IGO (Cost to catalogue data subject for business area)

• Training and support of Information Governance Office

Cost to Projects: Project Data Steward

* It should be noted that most of these staffing cost would be negated by simply re-

appropriating existing staff members. It is therefore possible to implement an IGO with no

cost to sponsor.

An EIU research survey (2008) showed that even though most senior executives are aware that their company’s success is largely dependent on how often

information policies are evaluated and adapted as business priorities and market conditions evolve, 62% of them do not have a formal information governance

strategy in place.

Summary

Information governance serves to orchestrate the people, processes and

technology in the organization to align business and facilitate the creation

and leverage of data as a group-wide asset

Information governance serves to collect and distribute standardized

definitions and rules for data, with focus on data quality and data usability,

aligning data subjects across the group, and giving business “one view” of

data

Information governance provides a structured accessible facility to allow

all of business to own and govern their data

Analyst from Gartner along with leading financial institutions (2011) have concluded that:

• Risk calculations will need to become more pervasive and automated across the entire enterprise to stay effective

• Financial institutions without a mature data governance program will be vulnerable to severe regulatory penalties

Next Steps

• Re-appropriate/Appoint a head of information governance for the business area

• Divide the subject by identifying all functional and managed subject areas, which when looked at in an amalgamation will

describe the business subject. Align efforts to existing group standards and policies

• Create a subject repository to collect, align, standardize and store all data definitions and rules, and details on ownership,

stewardship and stakeholders.

• Identify the Executive decision makers who will act as guardians (business stewards) for each of the subject’s categories

or sections. These will form the IGO along with the head of information governance (subject steward) for the business

area. Between them they should be able to define/redefine/remove any data definition or rule included in the subject.

• Assign/Identify business owners to all information (data) elements, this will be the originators of the information, if the

information changes in its journey it will have a new owner (accountability).

• Identify all possible stakeholder and ensure they are included in the projects, the definition of elements and the creation of

quality rules. These are the consumers of the information.

• Assign/Appoint project stewards on all current and planned projects as guardians of the data subject

• Create policies and standards in conjunction with the CDO for the information subject in the business area.

• Define/collect all data elements in subject area by creating business definitions. Define quality rules for data elements

where required, and include in repository. Identify all reference and master data, and ensure proper ownership and

controls are in place

Global Information Governance Day, or GIGD, is an international holiday that occurs on the third Thursday in February. The purpose of Global Information

Governance Day is to raise the awareness of information governance. (Wikipedia 2013)

Papers and research

This presentation should be used in conjunction with papers published on my website:

http://igorswann.com/#information-governance-papers