Data Governance – Fiddling While Rome Burns
“Plataginet, I will; and like thee, Nero,
Play on the lute, beholding the towns burn.”
– William Shakespeare, Henry VI
Rome Burning – the Data Governance version
Data Governance frameworks, like any good governance system should have a set of principles and rules in place that cover the full data ecosystem. Fragmented data governance frameworks leave gaping holes in the ecosystem – ripe for a conflagration. Here’s a simple example to demonstrate the issue.
Let’s say you source contact and demographic data for individuals from a third party – maybe for marketing purposes or a know-your-customer exercise. The operations team is receiving this data every day and they notice it is full of errors and inconsistencies. Under pressure to deliver on their operational targets, they develop a systematic process for cleaning the data – identifying the discrepancies, feeding issues back to the vendor and chasing them for corrections. It’s a great process – a well run operations team will probably create a good quality approach founded on data governance best practices.
All good – we have a diligent operations team, taking their responsibility seriously. What’s wrong with that?
How about this question – should we be using this vendor in the first place with this level of quality issues? Did no-one escalate the issue up the chain of command, look at the bigger picture and explore alternative sources for the data?
Process is not enough
That wouldn’t happen, I hear you say. No-one could miss something that obvious.
You would think so, but here’s two reasons why this could fail to happen:
- First, this scenario is a classic ‘frog in boiling water’ situation. A correction process, which might have started as an incidental additional check, blows up to become a major part of the daily operation. If everyone is looking at the task right in front of them and not stepping back, it’s easy to miss.
- Second, timely escalation and remediation requires an operations manager whose paying attention to the badness, a higher level manager who is receptive to those escalations, a well defined business process and a company culture which encourages this sort of behavior. Although most businesses will have a process in place that looks something like this, politics and company culture often get in the way.
Where’s the Fire?
Lets assume you can humor me and accept this failure is more than a remote possibility. Still I hear you say, Rome is not burning. Some inefficiency maybe, but not a catastrophe.
You’re right. This is not the fire.
Daily operational quality issues as the visible problem the team dealt with. The invisible problem was that the vendor in question, in addition to poor operational quality controls, had poor regulatory control. A large chunk of the data was personal information subject to the European Union GDPR rules. Under the rules, anyone who uses that data is equally responsible for having appropriate GDPR controls in place. Breaches of the rules subject the offender to a find of up to 4% of their global revenue.
This is the burning fire. By the time the problem is identified (by the regulator) the reputational and financial damage to the company is already signed, sealed and delivered.
That’s what fiddling while Rome burns looks like.
Stop Rome Burning
How do we stop the fire? Usually this sort of crisis occurs because the wrong people are thinking about the wrong issues at the wrong level.
If the scenario above had played out in a well controlled and organized sort of way, it might look like this:
In this beautiful world this issue never materializes – the owner of the Vendor Selection process recognizes the ongoing element required in Vendor Selection and has created the connections into her ecosystem so she learns about GDPR early on – as well as getting feedback on quality on a routine basis from the operational and vendor monitoring processes.
No breach and thus no fine materializes in this scenario. Before this could even arise the company has recognized the significant issues with this vendor and moved on to another option.
Data Governance 101
Does the beautiful process make sense to you? Different types of reviews with different cadences, owned by different people, connected together.
Congratulations, we just designed our first governance framework together.
In the next post we’ll extrapolate this example to a more generic framework.
Will is a senior data executive with extensive experience across the spectrum of data management and analytics, and a deep understanding of what it takes to find, wrangle and incorporate data into your business decision making workflow. His previous roles include periods working at some of the world's most forward thinking firms, including Thomson Reuters and Bridgewater Associates, as analyst, data manager, data buyer, business owner amongst other roles. Will is a passionate data evangelist and happy to engage in a conversation anytime to talk about the opportunities and share war stories. When he's not got his geek hat on, you will find him on the tennis court or at the piano.