The Cost of Ignoring Data Governance
The benefits of the cloud are many, but have also led to some serious challenges. Data sources are proliferating in the cloud, and easy access to that data has led to hyper-specialization of its usage. For example, look at marketing automation. Companies can take advantage of customer data, browsing and shopping habits and even promotional email access to tailor messaging and experiences. But to take advantage of this data, they often have to retrieve it from multiple systems.
Of course, the flip side of this equation is data protection. Breaches are occurring at ever-increasing rates. This has led to governments passing more and more legislation on data storage and stewardship, starting with SOX but now extending to California’s Data Protection Act and the GDPA in Europe. These regulatory requirements place a significant technology burden on companies.
Companies can’t simply ignore or discard data, though. As Jason Jennings pointed out, “It’s not the big that eat the small… it’s the FAST that eat the slow.” Staying competitive means better understanding your market and your customers. A recent Gartner survey found that nearly 80% of executives say companies lose competitive advantages by not utilizing their data, while 49% of those same executives acknowledge that data can be used to decrease expenses and spur new directions for innovation.
Access to data and business intelligence tools is critical, and that access must be self-service enabled. IT cannot be the bottleneck to data insights. At the same time, it's imperative that IT leaders set the tone for data protection. To do that, IT must have a firm grasp on what data they have, where it comes from, and who has access. Unfortunately, “More than half of organizations today told Gartner that they lacked a formal data governance framework and a dedicated budget.”
Delaying or outright ignoring data governance isn’t just risky. It’s also costly. Paying attention to your data governance now can save you time, business, and even penalties down the road.
One example of “pay now or pay later” data governance was an ERP migration project that Big Compass helped with. Going into the project, the company had little understanding of their data’s lineage: where it came from, how it was transformed, and where it went.
Easily half the project's cost was sunk into costly data discovery, cataloging, and transformation analysis across all of their systems. Had this process been completed previously, the ERP migration would have gone much faster with much less complexity and expense.
Worse, this wasn’t the first time this project was attempted or even the second. Previous attempts had been made, but the work was shelved without being shared or centralized. Each attempt was started from scratch and repeated unnecessarily.
Data governance could have reduced the time and money spent on migration. Proper governance, including a detailed catalog, reduces time to market, risk and enables businesses to be more self-service with their data.
It cannot be overstated that the sooner you start with data governance, the less painful your data projects will be, and the more you’ll be able to trust the data you have.
We saw this with a nationwide food client. They were simply unable to trust the data from their own enterprise data warehouse. The problem was so bad that on multiple occasions, they had to adjust their reported revenue. To investors, that’s always a bad look.
They needed to analyze their data and understand the lineage and transformation rules used on it. In the past, they had hired multiple firms to try and dig through the thousands of lines of SQL to gain this understanding.
In the end, we came in to help them with a large-scale archaeological dig on their data. Through reverse engineering, they were then able to understand what they were looking at and catalog it.
This client isn’t alone, as this is an all too familiar story for most companies. The USGS states, “Poor data quality, redundant data, and lost data can cost companies 15 percent to 25 percent of their operating budget.”
The ideal time to catalog your data and transformation rules is during your BI design. But if you haven’t done it yet, the next best time is now.
Customer and Patient Personal Information
Customer data protection is essential. Patient data protection is critical. Having worked with both retail clients and biotech firms, we’ve had a front-row seat to the concerns around customer and patient data privacy and the challenges in storing and managing personally identifiable information (PII) and payment card information (PCI).
In healthcare, companies are subject to HIPAA rules, which carry stiff penalties for non-compliance. These companies are required to have annual audits to determine compliance - a process that can be lengthy, impactful, and costly.
Having a centralized tool that streamlines this process saves time and money. Beyond hard costs, tools like this also free up technology teams to focus on business initiatives instead of audit requests. Moreover, the likelihood of penalties increases when you don’t fully understand your data where “52% of organizations believe a lack of data confidence increases their threat of regulatory penalties.”
A tool like Boomi’s Data Catalog and Prep helps with these challenges. PII data can be automatically recognized and tagged. Workflows can be established to protect the data from being used in projects and without approvals, ensuring data is adequately secured and simplifying the compliance process.
How to Get Started with Data Governance
Data governance must start with a mandate from leadership, but that alone won’t make it successful. Companies must use a combined top-down and a bottom-up approach.
For top-down, start by finding data champions - partners across the business that recognize the importance of data and can own the process of managing their “business nouns” - Employees, Customers or Patients, Products, Locations, etc.
Also, establish a data governance council that meets regularly. Initial meetings can be used to resolve existing data conflicts, defining systems of record, reviewing your data-breach preparedness, audit preparedness, etc.
Going bottom-up, find a technical data champion, or if you don’t have one, hire one. This can be a data architect or an enterprise architect, but for your governance projects to be successful, this must be someone passionate about data. This is because this individual will spend their days building awareness throughout the organization, building consensus, and generally driving the data governance program in collaboration with passionate business owners.
Next, you’ll need to gather the most useful metadata from your key IT systems. The best way to do this is to tie it to a major initiative that can benefit from it, such as an HR system upgrade or an ERP migration.
Establishing governance is one thing, but maintaining it is also crucial. Find a data management tool, such as Boomi’s Data Catalog and Prep. Your goal should be to centralize your metadata in a single place, making it easy and useful for the enterprise and reducing project data discovery efforts, costs, and risks from a customer or proprietary data loss.
Data governance is a little bit like being told not to think about a red car. Once you’re made aware of it, it’s hard not to see it everywhere. Use cases for data governance are in every corner of your business; you just may not have seen it yet.
Data discovery and data lineage is key to ensuring that your company can be nimble and can pivot quickly, a lesson that the COVID-19 era has driven home. Consider a major system implementation or upgrade - how much easier would it be if you already knew where your cost centers and GL codes were defined? Data governance can make that clear, as well as the related questions, like what the impacts to processes and systems are if you make a change.
Speed and agility also mean removing IT as a bottleneck. As part of governance, data cataloging facilitates self-service and keeps each business question from becoming an IT project.
Compliance becomes simplified, as well. Tagging your data as PII and PCI ensures you know which data is most sensitive and ensures you’re treating it appropriately.
If you’re just getting started with governance, we recommend taking a look at Boomi’s Data Catalog and Prep tool. It’s a solid foundation for a data governance initiative. If you’re looking for help or guidance on your data governance journey, remember that Big Compass is here to help. Reach out if you have questions on getting started, planning assistance, or other data governance initiative assistance.
ADOPTION & EXPANSION
+ Number of APIs
+ Business coverage
+ Number of contracted apps
+ API usage
+ API reuse
EFFICIENCY & COST SAVINGS
+ Number of APIs in each SDLC stage
+ Time spent in each SDLC stage
+ Cost and time to build an API
+ App development velocity
+ Number of launches per year
+ Number of defects
SECURITY & VULNERABILITIES
+ Security violation
+ Policy enforcement
+ Time since the last version was published
+ Number of throttling issues
+ Time to onboard
+ Number of deployments
+ Number of incidents
+ Percentage of customers impacted. per incident
+ Time to resolve incidents