Information Management & Governance Disciplines

Introduction

Today, enterprise-information architecture, management and governance, along with delivery, has become one of the most perplexing and confusing demands put on Information Technology (IT) divisions
and their business partners. Reasons for this are: merges and acquisitions, new regulations (e.g. Sarbanes-Oxley, HIPAA, Safe-Harbor), and the proliferation of technology that is available to the
business knowledge worker community and the constant changing business environment. From the IT view this has resulted in an architecture crisis: a profusion of technology and technology vendors
with incompatible products and little integration. That type of an environment has impacts companies in the follow ways: rising technology costs, decreased productivity, constantly dealing with
technology issues, and increasing productivity demands on IT. IT has the added burden of struggling with continuing maintenance of legacy information architecture of monolithic data structures that
are inflexible and cannot meet the rapidly changing demands required of today’s fast-paced global business environment. Add to this, the business intelligence environment that is constantly being
propagated in the business communities and you suddenly have an architecture environment that no longer reflects an architecture at all!

Vendors are attempting to answer the perplexity of information delivery through their specific solutions and approaches. Each vendor has various levels of architecture approaches, data integration,
and reporting capabilities. But, what seem to be solutions are normally only a small fix to a specific business problem. Why is this? Isn’t there a better way to architect the information needs of
an enterprise? Can IT management deliver on the promises of the vendor solutions? When confronted with multiple vendors, additional technical architecture component (hardware, software, and
network) options it is no wonder that many of the IT environments resemble a maze of technology and information structures that compound the overall IT architecture

Let me make a comparison to a famous house in San Jose, California. You may have heard of the Winchester Mystery Mansion.

In 1884, Sarah L. Winchester, a wealthy widow, began a construction project of such magnitude that it was to occupy the lives of carpenters and craftsmen until her death 38 years later. The
Victorian mansion is filled with so many unexplained oddities, that it’s known as the Winchester Mystery House. Winchester built a home that is an architectural marvel. Unlike most homes of its
era, this 160-room Victorian mansion had modern heating and sewer systems, gas lights that were operated by pressing a button, three working elevators, and 47 fireplaces. From rambling roofs and
exquisite hand inlaid parquet floors, to the gold and silver chandeliers and Tiffany art glass windows, one could not be anything but impressed by the staggering amount of creativity, energy and
expense poured into each and every detail.

Even though the Winchester Mansion is an architectural marvel, the functionality is somewhat suspect. There are doors that open into walls, and others that might drop you three floors. There are
staircases that lead nowhere and staircases that have stairs differing in width and height. How could such a thing happen? And, what occurred that made Sarah Winchester create such an architectural
disaster? Well, as the story goes people who were killed by her husband’s invention – the Winchester rifle – visited Sarah Winchester in the form of spirits. She was so distraught from these
visits that she sought professional help to have them go away. That assistance came from a medium. The advice she got was to build an addition onto her home so the spirits had some place to
live. In order to do this she brought in architects, carpenters and builders and started to add onto the mansion. All of this was done without a master plan or one key architect. Here are some
interesting facts about the Winchester Mansion:

• Cost: $5,500,000
• Date of Construction: 1884 – September 5, 1922 (38 Continuous years!)
• Heating: Steam, forced air, fireplaces
• Number of:
• —- Rooms: 160
• —- Stories: prior to 1906 Earthquake – 7; presently 4
• —- Acres: originally 161.919; presently 4
• —- Basements: 2
• —- Frames 1,257, approx. 10,000
• —- Doorways 467 approx., 950 doors not including cabinet doors.
• —- Fireplaces: 47 (gas, wood, or coal burning)
• —- Chimneys: presently 17 with evidence of 2 others
• —- Cars at her death: 2 (1 1917 Pierce Arrow Limousine & 1 1916 4 cyl. Buick truck)
• —- Bedrooms: approx. 40
• —- Kitchens: 5 or 6
• —- Staircases: 40, total of stair steps – 367
• —- Skylights: approx. 52
• —- Gallons of paint required to paint entire home: over 20,000
• —- Ballrooms: 2 (1 nearly complete and 1 under construction)
• Blueprints available: No, Mrs. Winchester never had a master set of blueprints, but did sketch out individual rooms on paper and even tablecloths!

Now most of us in IT are not visited by spirits, although some the architectures that I have run across over the years would make me think that some unnatural experience led some companies to
create the architectural marvels that resemble the Winchester Mansion. Also, it is rather interesting that blueprints were drawn out on paper and even tablecloths. Wow, does that remind you of
using napkins at the lunch table to draw out enterprise architectures! Some examples of information architecture marvels are:

• No clear architecture design between application, technical and data architectures
• No metadata environment
• Multiple reporting tools
• Multiple enterprise resource planning (ERP) systems
• Multiple business intelligence tools
• No common data / information architecture
• Lack of standards for acquiring architecture components
• Business unit driven solutions with no consideration given to the enterprise architecture
• Incomplete architecture design for migrating data from operational environment to analytical environment
• Lack of standards for data integration
• Multiple systems for the same business function (i.e., two accounting systems, two payroll systems, multiple claims processing systems)
• No overall governance framework that encompasses the enterprise

Furthermore, is the problem of defining how information will be delivered! Is it hard-copy reports, through the Web, dashboards or downloaded to PDA’s? Identifying an information governance
framework (IGF) is necessary to address the issues identified above as well as meeting the needs and challenges of a rapidly changing business environment. IGF is a long-term business and technical
strategy that is the fundamental foundation for enterprise architecture. IGF addresses architecture through a flexible and scaleable approach and can address short-term business tactical goals as
well.

Lastly, is the commitment from organizations to adopt a governance framework that establishes the boundaries for business, data/information and technical architecture that emphasizes flexibility,
responsiveness to business changes and the ability to support changes is a long-term strategy. This governance framework also defines the need for the capability to manage the information resource
as a corporate asset (i.e., where data came from, the meaning of data in business terms, rules for turning raw data into information). The ability to govern the data/information environment in this
way allows the business departments and IT to have the agility to address directional business changes as they occur. Also, through implementation of an information resource asset management
approach the ability to meet regulatory compliance initiatives like Sarabanes-Oxley is enabled.

Information Governance Framework


Purpose

The purpose of IGF is to define an enterprise information management and governance framework that has three important features; (1) depicts an architectural framework to deliver information, (2)
provides an ordered approach to the management of that environment and (3) defines management of the relationships between application – data, data – business need, and business and technology. IGF
is intended to be a blueprint for functional reference for the construction of an information management and governance architecture capability in the context of an open logical and physical
architecture. The IGF blueprint also becomes the foundation for an information delivery infrastructure and the processes, procedures, and guidelines to support the framework from formal
disciplines.

IGF Blueprint Disciplines

So, what is necessary to define the Information Governance Framework and delivery architecture at the enterprise level? There are three main disciplines. These disciplines support the entire life
cycle of information for an organization. The three disciplines are defined as; business information discipline, systems and network discipline, and information asset discipline. Each discipline
has a common make-up of people, process and technology. To complete the blueprint, each discipline is supported through a commonly defined metadata management strategy.

Definition of Disciplines

It is important to understand each discipline and its functional capacity. It is also important to implement each discipline and not attempt to short cut the implementation of these disciplines.

As an example most of the existing architectures that I have seen over 25 years in IT only address the information architecture from two of the three disciplines; the Business Information
Discipline and Systems & Network Disciplines. By only implementing two of the three disciplines there are miscommunications, misunderstood requirements, and an overall imbalance of the
architecture environment. It is much like attempting to sit on a two-legged stool, it can be done but it requires a lot of individual balancing. (Try it sometime – take a leg off of a three-legged
stool and sit on it!) Add to that the constant changes in general architecture and some companies have developed their own version of the Winchester Mystery House.

Recently I have run across examples where a company built products on a platform that could not support new clients. The platform was not scalable to the level needed to support the new client. Not
only that, but as an application service provider, they would borrow servers from development environment to run the client data when overload situations occurred. Another client had various data
modeling tools in house and has decided to evaluate modeling tools and just now decided that repository technology is important. Do they have a meta model identified? Do they understand what they
want from their data-modeling tool? Who knows, but they are moving forward! Another important question that needs to be asked is – do they have the necessary functions, processes, and procedures
defined to manage this environment?

The Information Asset Discipline is normally missing from these environments. The reason for this is a mystery – most organizations have spent millions on system and network discipline for larger
hardware, latest database management environments, and larger networks. Yet, there is no one responsible for managing information asset environment for the organization! This means there is
duplication of data, different systems managing the same data resulting in increases of reporting differences, much like the Winchester Mystery House.

The IGF Blueprint disciplines are made up of common components of People, Process, and Technology as mentioned before. The next section will describe each of the disciplines and their components.

Business Information Discipline (BID)

BID defines the view of data, information, and processes from the business viewpoint. This discipline focuses on all areas of the organization based on the information requirements necessary to
support the operational goals of a department, business unit, or division. BID is responsible for defining the data requirements, data definition, and the overall quality of data needed and the
desirable delivery of information from those requirements.

The roles and responsibilities with this discipline vary based upon the size of the organization. There are however, certain roles that are important and have common definition.

One role is the Business Information Steward (BIS). The BIS role varies with the size of the organization. Each department may have their own BIS role defined. As an example, HR may define a BIS
role that is responsible for stewarding HR data. These responsibilities include defining, and identifying who has access (create, read, write, update, and delete), and how human resource data will
be made available to the others (raw data directly from files and databases or from predetermined access routines). The BIS also defines, and is responsible for, the quality of the data content
within their defined area. The BIS defines the acceptable values, domains, and definition of codes. Stewards are defined in each of the major divisions / department / business unit(s) of the
organization.

System / Network Discipline (SND)

SND defines the system (application developers and DBAs) and network analyst roles regarding the information environment. This discipline has the largest concentration of technical resources
(application developers, production support, database administrators, network analyst) and each area has a level of stewardship responsibility.

The application analyst / developers are responsible for understanding and interpreting business requirements in to meaningful applications. This responsibility includes design of presentation of
information whether it is in the form of a hard copy report, or screen of data or to the Web. Each and every delivery vehicle has to be understood for the proper capture and display of information.

The network analyst responsibility for stewardship is ensuring that the network can handle the volume of data / information being requested. The network stewardship responsibility also defines what
is necessary to move data throughout the network.

The DBA stewardship responsibility covers the physical environment for data storage. Their responsibility is vital to the access and timely retrieval of data.

Production support stewardship roles evolve around the production environment and continued support for those environments. This role is a shared responsibility by the business and IT groups that
support the production environment but it is important to understand their role as a steward as well.

Information Asset Discipline (IAD)

IAD defines the organizational unit that has the responsibility and accountability for creating, maintaining, and delivery of information asset management for the organization. In the governance
model this organization is responsible for defining what and how the information will be accounted for in the organization. This organization outlines the governance implementation, the stewardship
roles, and general management of information. Governance from an information management perspective focuses on who has responsibilities for the content of data within each business area. Governance
and stewardship go hand-in-hand with each other. Governance defines the overall responsibilities and strategic focus while stewardship defines the specific responsibilities and tactical deployment.

This framework depicts the the high level strategic view for Information Management and is the foundation for the overall governance direction. As defined above, stewardship is defined in each of
the disciplines.

The IAD is responsible for metadata strategy for the organization and how that strategy will support both business and IT. The metadata strategy is defined in the next section of this document.

Metadata Management Strategy

The metadata strategy needs to define the enterprise needs for metadata. While implementation may be focused in one area (i.e., data warehouse) the strategy should support the enterprise need for
metadata.

Metadata has three fundamental components, which align with the three disciplines of the framework. Those components are: business metadata, technical metadata, and process metadata. According to
some there are three types of metadata strategies that can be implemented:

1. Centralized metadata management
2. Decentralized metadata management
3. Hybrid metadata management

Even though they have clearly defined each of these approaches, the strategy overall has to be aligned with the business and IT. These are more architecture approaches to metadata management and
that decision has to come after an understanding of what it is that is going to be addressed by the overall strategy for metadata.

Within the IGF, the metadata strategy clearly defines the responsibility of the three disciplines and the need for a model that shows the relationships between the three disciplines. This is key to
having a successful metadata environment that will support the business and allow IT to manage the knowledge driven from the data of the organization.

In closing, one can see that without a framework for information management governance organizations can quickly fall into the quagmire of the Winchester Mystery house.