Governance is becoming the topic “du jour” for 2007 in the field of information management (IM). Fortunately, it is also a hot topic in the “business user” corners of the enterprise as well.
Concerns for record retention, a tight regulatory environment and increased shareholder scrutiny have made businesses sensitive to, as we used to say in pre-digital days, “ticking and tying.”
This movement has even trickled into organizations and enterprises that are government related, non-profit, or similarly historically hidden from scrutiny. Whether this is the result of the
Internet, societal acceptance of digital intrusion or other factors is a topic for a future article. The fact is that consultancies that have used the term “governance” in their sales literature
for a number of years should be doing quite well.
In an environment such as this, you would think that getting a data (or information) governance program up and running would be easier than in the past. Anecdotal evidence (i.e., talking to
clients, prospects, peers and consultants) seems to indicate that the concept of IM-type governance is more accepted. Certainly, the interest from the business side is higher than it has ever been,
but the number of successful and sustainable efforts still does not seem to line up with the buzz and activity. Several missteps occur between the “go ahead” and “go live” status.
There are some very critical success factors (CSFs) in governance and IM efforts that continue to appear. These CSFs point to a series of themes that need to be embraced before governance programs
can be measured and confirmed as successful. The next few paragraphs will address these themes and, within the confines of this column, relate some discreet actions that need to occur to deal with
these thematic issues. Briefly, these themes are:
- Business cases for governance are not strong enough to generate passion or metrics to gauge success.
- The organizations and processes put in place to actually carry out governance tend to be based on convenience vs. engineering. The core processes of stewardship and ownership are not engineered
to resist the cultural backlash that companies experience with governance programs.
- Change management is addressed as a task, or sub-project, vs. a core program.
Frankly, the fundamental shift of attitudes toward tighter management of the information assets should make development of a solid business case for governance almost a “slam dunk.”
Typically a business case for governance will talk about “single versions of the truth,” “more accuracy,” etc. These are all good things but present subjective metrics. The simple definition of
a “solid” business case is one that describes a measurable impact to the business, such as “Improvement in Customer retention will result in a 3% increase in gross margin.” From a data
governance viewpoint, obviously customer data management is important. The prime benefit is that you can measure the increase in margin. Granted, the governance of customer data will not
be the only factor in achieving the gross margin increase; however, it will certainly be one of the factors that contributes to achievement of the full benefit.
In addition, there are new business benefits related directly to governance. For example, many organizations set aside reserves because they are not sure about future events. Insurance companies
are probably the most familiar example. If data governance is used to shorten information processing cycle times, or improve the quality of decision-making information, it is likely that reserves
can be reduced. This is a direct bottom line event. Finally, many companies pay for risk insurance. The premiums cover events such as fraud, executive legal problems and the like. Many underwriters
will be quite open to assurances, via an airtight data governance program, that an organization’s risk exposure is less. Therefore, premiums are reduced – again, a direct benefit.
Not coincidentally, the next theme picks up where the business case leaves off.
Organizations and Processes
Governance is more than a process to develop standards and designate data stewards. All too often an organization appoints stewards by subject area, or declares an executive an “owner,” only to
find out the executive then becomes the self-declared czar of content.
The governance organization is not a simple appointment of stewards. Data and information ownership is a complex issue. A sustainable governance organization is usually a multidimensional
organization, where a subject area actually has multiple stewards, depending on how that subject is used by a business function. The usage and context of a particular piece of information determine
who is to be the caretaker and definer of that information. For example, the owner of customer data might be the sales area from a sales standpoint, but the sales area will certainly not get
involved in accuracy issues in the order entry department. Therefore, there will be sales and order entry stewards. The most effective governance organization this writer has implemented was
actually a governance council, where several executives addressed governance issues together.
A formal analysis of all functions surrounding governance, who touches each function and who has accountability and responsibility, must occur. Often a RACI-type (responsible, accountable,
consulted, informed) analysis is used to build governance organizations.
Another common problem is around the processes required for application developers to manifest their “support” for governance. Adhering to standards has to start within IT. Often this is the
point of greatest resistance. An often overlooked solution to this issue is a formal effort to modify the IT department’s methodologies by adding the information management and governance
activities directly to their development methods. If these are nonexistent, there are bigger problems.
Years ago a famous guru was challenged in his keynote lecture by a question from the floor. The question was, “Assuming your ideas are correct in theory, how do I make my organization change how
it does things?” The guru’s answer was vague, and this vagueness has continued for many years across many new “things” in the information technology arena.
Culture is a word used in business to describe how an organization gets stuff done. Some places are collaborative, some autocratic. Some organization are tightly controlled from a central location,
others are virtual. Some organizations have unwritten policies if working long hours, or at least appearing to. All of these are characteristics of culture. All organizations have a unique
information culture. Governance cannot succeed unless this culture is understood and changes to the culture are carefully managed.
A brief but typical (source: W.M. Bridges) series of events for governance change management (cast in the light of governance) may look like this:
- Establish a successful foundation for change – Develop a clear understanding of the reason for change and the future direction. This means advertise the business case repeatedly and to many
- Determine capacity for change – Assess the ability for the organization to change and identify the resistance points. (e.g., application development resisting new standards).
- Consider all possible change solutions – There are many ways to invoke change, from warm and fuzzy to outright nasty. You need to develop solutions that address the problems/opportunities
inherent in the need for change.
- Conduct a thorough impact assessment – What can go wrong? How do you know it is going right? Evaluate possible solutions and present types and consequence of failures.
- Decide on the best change solution and design a detailed implementation plan – and don’t forget to identify change progress metrics.
- Implement the plan – Develop change material, (training, education, and outright marketing. Build the change “team,” and then proceed.
Hopefully, this brief review of common issues and themes that are barriers to governance has helped. The final point to make is there may be other barriers to governance success (tools, metadata,
etc.), but the ones covered here are also barriers to sustaining governance. If you can measure progress against a good business case, if you have a well-designed governance team that sees itself
as a productive function, and you mange change diligently and continually, you will increase your chances of long-term success.