Data Governance Matters

I had a really good discussion today with someone about whether they were actually ready to implement a formal Data Governance program. What prompted it was my concern for their career and the program sponsor’s career. After all, starting a Data Governance program takes a certain amount of political capital. You’d like to go into the effort hoping for a positive ROI on that capital - not a political disaster.

Actually, this was a repeat of a conversation we’d had several times, but he didn’t remember that. It’s ok, we hear stuff when we’re ready to. And we’d been through a lot together, discussing what such a program would look like, and who would be involved, and what they would do. We’d also discussed several times before whether they actually SHOULD do it (after all, just because you CAN do something doesn’t mean you SHOULD.) Still, today he seemed surprised when I suggested putting the brakes on while they considered the political ramifications of starting and - gasp! - possibly failing.

He asked me to capture some of our discussion as conditions that need to be in place for a Data Governance program to be successful in delivering value. Asking whether they are in place is part of any Data Governance feasibility assessment; if the answer is “No, they are not in place,” then the conclusion might be to defer governance activities.

Following is an incomplete list of conditions.

1. A driving reason for Data Governance, supported by high-level sponsors.
Is there concensus about what needs to change, and why, and what will happen if it doesn’t? Are high-level stakeholders supporting the changes that will come with governance?

A sign you’re not ready: key stakeholders say they don’t see a need for Data Governance, and there’s no executive mandate to “trump” their opinion.

2. Political will.

The activities of data governance - setting standards, enforcing them, and resolving issues - are only needed because conflicts and disputes exist. What will happen if key data stakeholders insist that THEY don’t have to adhere to rules? What if they reject the rulings of roundtables, councils, or boards? Before you get to that situation, your Data Governance Sponsor should decide how they would react to stakeholders who reject being governed.

A sign you’re not ready: key stakeholders are not getting what they need from data, but they state they would not be willing to vote against a dissenter in a council meeting. Another sign: mid-level participants state they would not be willing to champion a standard unless their business sponsors provided “political cover” for them.

3. A commitment for participation.
Is there a commitment for time and support by those who will be triaging requests for support, setting standards, and resolving issues?

A sign you’re not ready: those whose attendance will be required at rule-making sessions are routinely double-booked or triple-booked, and cannot commit to being in attendance at required sessions.

4. Project Management/Documentation/Communication.
Someone has to “herd the cats,” facilitate sessions, create documents that summarize issues, draft rules and standards, and meet with stakeholders to mine their knowledge and address their concerns. Without this level of support, you’re likely to have a series of non-productive meetings.

A sign you’re not ready: You can’t get a commitment for enough hours from the right resource; instead, you might be assigned resources who can’t write well, aren’t strong faciliators/mediators, don’t understand the politics associated with data decisions, or are not regarded by participants as as politically-neutral, trusted brokers of information.

5. Knowledgeable data analysis.
Someone has to bring knowledge to governance sessions - knowledge about where data is, how it is actually used, undocumented but followed rules, and points of contact within the organization for understanding protocols, policies, and historical decisions.

A sign you’re not ready: If you can only assign a new hire to this role. Why? New resources (rather than seasoned veterans) are rarely successful in this role; even if they understand their discipline very well, they probably are lacking in tribal knowledge or even where to obtain it.

An important part of configuring a program is being honest with yourself about your organization’s readiness. Just because something is the right thing to do doesn’t mean that RIGHT NOW is the time to do it. 

We’ve come a long way, baby.

Back in 2003, when I started the Data Governance Institute, a Google search on the term “data governance” yielded just 67 hits. I could count on one hand the number of people I could call to have a passionate discussion about this obscure subject. But look at the difference seven years can make. Now, it’s not a question of whether organizations need data governance.  Duh. Do they have data that flows across multiple systems and processes? Of course. Do they want rules to specify how the  data should be structured, shared, accessed, and used? Of course. Do they want controls to enforce those rules? Of course. Do they want clear rules of engagement that show how stakeholders make decisions about those rules and controls? Of course. Now, in 2010, it’s a given that organizations of a certain size want and need some form of formal data governance.

Now, the question is more about how much governance, and what form it should take. The focus is on making it actionable. The concern is about demonstrating value. The skill is in avoiding bureaucracies and bottlenecks. The vision is seemlessly embedding governance into projects, processes, and practices.

In 2010, I predict we will see new emphasis on folding governance into business processes and on highlighting the governance steps hidden within data management practices. We’ll see a new attitude toward accountability, as it becomes acknowledged that just most business roles have fiduciary, administrative, and security responsibilities, so do they contain stewardship and governance responsibilities. 

And we’ll see new opportunities to bring clarity and understanding about governance to our stakeholders. I think we should take advantage of these opportunities. We should create ”teachable moments” out of news stories and events in our work lives. I’ll start.

Hey everyone. You know how everyone’s talking about the way President Obama tore into twenty high-level officials about their inability to connect data points and avoid the attempted Christmas day airline bombing? You know how the press is using the word “silos” to describe the collections of unconnected data that held the clues about the bomber? Here’s our chance! Let’s remind everyone that good intelligence - good analysis of good information - takes more than a new policy. The data has to be shaped and structured and standardized in certain ways to be shareable. And that doesn’t happen on its own - it happens as a result of the rules and controls that are part of data governance. But its not enough for the data to be in a shareable format. The groups that manage that data have to agree on processes and practices for sharing it and resolving any issues about the data - another part of data governance. Here’s the bottom line, world. Good data governance alone won’t result in good intelligence. But you’re not gonna get good intelligence without good data governance. So here’s what Obama needs to tell the intelligence community: Keep on managing all those silos of data - they need it. But start applying better governance to the extended data environment. Lives depend on it. 

Recently I had occasion to once again pass along advice to  “Consider removing some of the burden from management teams by utilizing a centralized, federated, or net-centric Data Governance Model.” 

This, as it often does, lead to a specific question and a general discussion. The question? “What does net-centric mean?” Here’s what Wikipedia says: Participating as a part of a continuously-evolving, complex community of people, devices, information and services interconnected by a communications network to achieve optimal benefit of resources and better synchronization of events and their consequences.”

I confess that when I first heard the term and read the definition, I didn’t totally get it. I was really focused on the idea of technology being at the center of the concept. But then I heard some elegant discussions that made be look beyond that factor. Net-centricity is the next logical step when you’re not optimizing components within a closed system or even a set of closed systems.  Rather, it acknowledges that sometimes you have to do your best to manage within “a network of networks.”    

Wow, is that true. And as we all know, networks can be messy, complex, and elusive. 

So what was the inevitable general topic that followed? A discussion of when to adopt a centralized model of data governance, when to design a federated model, and when to go for a net-centric model. That can be a long discussion, but one take-away had to do with the scope of impact you’re trying to make.

Sometimes your field of impact is simply within one department or group (local impact).  Sometimes it is across multiple groups within one organization. (enterprise impact) Sometimes it crosses two or more organizations (multiprise impact). Sometimes you’re aiming to change one little thing across the whole world (global impact).

The larger your field of impact, the more difficult it will be to suceed with a true centralized form of governance. Sure, it’s easy to make rules from a single spot. But it’s very had to follow up on them.  If you need feet-on-the-ground monitoring and reporting, a federated approach may be better for you. (It’s also the better choice if you care a lot about the end results of governance, but are able to tolerate a lot of “local variance” in how you get there.

With a net-centric approach, to Data Governance, you are not only giving up personal oversight. You’re recognizing that different networks have different ways of dealing with similar information, standardization approaches, processes, and protocols. You’re no longer claiming you have to have identical results. Rather, you’re focussing on reaching agreement about high-level goals and objectives and the conditions that need to be in place so you can be certain of addressing those as information moves from one network to another in an appropriate way, according to agreed upon conditions, meeting an agreed upon set of fit-for-use criteria. Of course, you’ll want to address detailed goals and objectives also, but your approach will recognize that collaboration may get exponentially more difficult the more detailed you get.

(Of course, there are exceptions to everything. Introduce the right technology and standards, and it may be desirable to adopt them in all circumstances. Voila! Easy governance!)

But usually, it’s anything but easy. Networks of networks may have too many parts to name. They are messy. Navigating them - much less controlling them - is hard. But it can be worth it when multiprise and global concerns are at stake. So welcome to the 21st century. It’s not for sissies. 

Yesterday, Thomas L. Friedman posted an interesting New York Times op-ed column entitled “From Baby-Sitting to Adoption” about U.S. policy in Afghanistan. No, I am not going to comment on that. But today I heard Friedman say something cool on TV about a totally different subject - he spoke about not letting other describe your problem, and he asserted that those who name a problem thereafter own it. He made some other great comments about the need to frame problems before you start the arduous process of trying to solve them. Suddenly he really had my attention, and I decided to look up yesterday’s column.

(For those of you who are trying to remember where you’ve heard Friedman’s name, he’s the author of ”The World is Flat: A Brief History of the 21st Century” and he’s won several Pulitzer Prizes.)

The metaphor Friedman uses is the different levels of commitment one brings to baby-sitting a child versus aogreeing to adopt the child. Friedman was talking about commitments between two countries - and I don’t want to go there in this blog. But I couldn’t help noticing how useful this metaphor could be to those of us who work with enterprise data assets.

We all face a similar framing situation on an ongoing basis, whether we’re asked to create/refine/review an enterprise data strategy, to implement a data governance program, to advise data stewards, or to help enterprise data management (EDM) or enterprise information management (EIM) programs build strategies, agree on tactics, prioritize efforts, or solve a particular problem.

Here are the questions inherent in all of the above situations as they have been historically framed: 

Who “owns” the data?    Who “owns” the problem?   Who “owns” the solution?

Two problems with this:

1. A conceptual problem - haven’t we all agreed, at least in theory, that the enterprise owns data with an enterprise impact (that is, Business owns data, not IT)!!!

2. A practical problem - even in organizations that agree to #1, I’ve still seen discussions grind to a halt as implications are explored. After all, there usually isn’t a budget line for “the enterprise.” Instead, one or more groups within the enterprise are going to get silo-slammed with negative impacts to their budgets, resources, applications, processes, etc.

So we have a natural tension here: a silo wants to “own” data when it’s to their advantage. But they don’t want to own every problem that is associated with that data. And you can’t blame them.

So the issue resolution framing metaphor of *ownership* is problematic when dealing with cross-functional data issues that impact one or more aspects of gaining access to usable information required to address business needs.

What about a *child care* metaphor?

What would happen if we posit that

• all data belongs to the enterpise

• certain data has been “adopted” by functional groups

• when that data “leaves the house to go to school or public areas, etc.” it is now part of additional systems & networks of activities and must agree to abide by their rules and  work within their protocols

• unless the journey has been “child-proofed” with strong controls, the data may require ”baby-sitters” in the form of data stewards, custodians, and others

• sometimes, additional facilitators are required for naturally chaotic environments such as field trips. (Now we’re stretching the metaphor to include issue resolution sessions, project prioritization analysis sessions, standards-building exercises, and the other types of “special events” that data governance teams get asked to facilitate.)

Now continue down the childcare metaphor path. As a parent, when I sent my children to school, or dropped them off at a babysitter’s house, I was not giving up my parental rights. I was expecting the school/babysitter to address issues that fell within the scope of their system, according to rights and responsibilities we had agreed upon. If an issue had a multi-system causes or impacts, then I expected to be apprised of it, and to be invited to a parent-teacher conference so we could agree on a solution that would have acceptable  impacts within all systems.

(yes, I know it’s more like networks than systems, and I really like the net-centric metaphor. but let’s save that for another discussion, ok?)

So… how would we address data-with-behavior-problems or data-we-can’t-find or data-that-won’t-answer-our questions if we were using a child care metaphor rather than an ownership metaphor?

What would we expect from ourselves and participants if we were invited (or invited ourselves) to take on the roles of 
those-who-plan-issue_resolution_sesions, or
those-who-align_and_prioritize-policies & standards & rules,
those-who-ensure-unbroken-chains_of_custody-for the child

You know, I’m going to have to give this a buncha thought.

- As a mom, I think I have a good idea of what good governance of my kids looks like.

- As an industry analyst, I get asked constantly by analysts/vendors/practice leaders/execs/program leaders/stewards/stakeholders  how we should be framing the next era of data governance in a way to make it operational and focused on performance and conformance and managing risk.

- As a practicing consultant, I know I’ve been willing to babysit other enterprise’s data, but I sure wouldn’t want to adopt it. I wonder if THAT is the sentiment I’ve been hearing from department/silo leaders who are hesitant about participating in data governance programs?  Hmmm…. 

Thoughts?

BTW, following is the quote from Friedman’s column that made me want to write this blog entry. I suggest you read it this way: change the topic under discussion (US levels of commitment within Afghanistan) with another topic (how should Data Governance help participants frame data-related discussions. Then let me know if you agree that we would be doing a service to mommy-and-daddy (the enterprise) if, before we accept a baby-sitting engagement, we ask them (or the silo leadership that has agreed to raise their data babies for them) the questions Friedman lists below.

“Before we adopt a new baby — Afghanistan — we need to have a new national discussion about this project: what it will cost, how much time it could take, what U.S. interests make it compelling, and, most of all, who is going to oversee this policy?” 

This past week the U.S. media have been abuzz about President Obama’s first-day-in-office efforts to bring transparency to government. And there are many stories around the theme of the balance of power between the three branches of the U.S. government. It’s fun to watch newscasters reminding viewers about the Legislative branch that makes laws, the Judicial branch (courts) that interpret rules, settle disputes, and deal with non-compliance, and the Executive branch that runs the government. They remind us that during our country’s first few administrations, the Executive branch wasn’t much bigger than the other two!

What does this have to do with Data Governance? Most programs I know have a three-part mission similar to the governmental model. One part of the program collects/makes/aligns rules (policies, standards, business rules, data definitions, etc.). Another governance mechanism deals with conflicts and non-compliance. And a third effort provides services to data stakeholders and works to embed rules and controls into business, IT, and data management processes.

It doesn’t really matter how big or small your program is, or what data you’re working with, or the ultimate goals of your program. Whatever your scope, you need to address all three missions if you’re going to create sustainable success.

Here’s a thought… do you think info-savvy President Obama just might “get” the concepts of Data Governance?

The Data Governance Institute is vendor-neutral. But we’re not tool-blind. It’s just that for a long time, there weren’t many tools that really addressed Data Governance and Stewardship needs.

This is changing, thank goodness. And I am LOVING IT! After all, building rules (policies, standards, business rules, DQ checks, etc.) into processes and controls is key to sustainable success. And having technologies that can be used by non-technical Data Stewards as well as IT staff are key to making substantial improvements to data.

The fine folks from ComputerWorld and Kalido have asked me to join them on January 28th at 11 AM EST (GMT-5) to discuss this topic. We’ll be focussing on three uses of technology - to capture/define rules, to build those rules into workflows/processes, and to track changes to data in an audit-friendly way. Cool stuff. We’ll also take a few minutes to talk about the DGI Data Governance Framework and Data Governance processes.

You can get more information on the Data Governance Institute website or at the webinar registration page.

I admit it. I’m old. At least I’m old enough that we didn’t have cell phones when I was in high school. (Or college, or for a bit after that…) Now I wouldn’t dream of leaving home without one. But even so, sometimes I pick up my phone, look at it, and think that it’s simply a miracle.

Had one of those moments today. Here I was, sitting in my sunroom in Florida, looking out the windows over my deck at the bougenvilla taking over the little building in my back yard, the brilliant orange fire vine creeping along the phone wires, the beautiful clear January sky behind my avocado tree. On the desk in front of me was my cell phone, on speaker.

On the line were Data Governance & Stewardship leaders in California, Minnesota, North Carolina, Virginia, other U.S. states, and even Scotland! How cool was this!

It was a weekly Knowledge Exchange of the Data Governance & Stewardship Community of Practice. The topic of the day was selling Data Governance to executives. What was interesting was that the dozen or so people talking came from a variety of verticals, but they all had the same challenges. And some of them had great tips to offer. (Topics: hard benefits versus soft benefits, story telling, making dollars quantifiable, measuring the value of work avoided, getting participants to go on the record.)

We’ve already scheduled a follow-up as well as a series of future discussions on organizing programs, setting roles & responsibilities, baking governance into processes, Data Governance communications, working in an SAP environment, and other topics. Probably some of the same folks will be involved, but we get a mix of folks, depending on the topic. Chances are, there will be multiple time zones involved in every discussion.

Me? I learn from every one of these I’m involved in. It’s cool to see what everyone has in common, as well as what makes one program unique, and another one especially successful.

And it’s waaaaay cool to have those moments where I realize I’m having a “small world” experience that was only possible on “Star Trek” when I was a little girl…

I hate it when words just disappear. Maybe they meet up with all those socks that go missing from washing machines. Anyway, somewhere there are a few hundred “brilliant” words written on this topic that have somehow disappeared from this post. I won’t be able to recreate them, but I’m writing something else in this space in their place…

As memory serves, I wrote an ode to my dear friend and colleague Anne Marie Smith, PhD, who has been pondering a question that I know many of us have been wondering about. What are our obligations, as people who manage and govern data, regarding the usage of that data?

Yes, yes, we’re supposed to make it fit for use. But what if our users want to do something with it that violates a corporate policy, or an ethical principle, or a standard, or a process. What if they (or others from the business) don’t understand ramifications, but we do? Is it time for Data Governance workers to serve in some sort of advisory role?

Anne Marie will be sharing her ideas during a “Meet the Expert” session of the Data Governance & Stewardship Community of Practice (www.DataStewardship.com) on Tuesday, Jan. 27, at 11:00 AM EST (GMT-5). It’s free, but registration is required. I hope you’ll join us.

I know I have a few questions for Anne Marie regarding potential roles for people in our field as the world works its way out of the economic crisis. And I know she has some thoughtful ideas about other ramifications of knowing what we know.

By the way, if you’re wondering if this is “the” Anne Marie Smith - yes it is. Principal Consultant for EW Solutions. Many leadership roles in DAMA. Editor of the  Real World Decision Support journal. Involved in the EIM Institute. Presenter at many many data-related events given by MIT, DAMA, Wilshire Conferences, etc. Highly involved in the Data Governance & Stewardship Community of Practice. One of the most thoughtful people I know. I’m sure this tough concept is gonna seem more traversable after she speaks.

Guest host, Reese Thomas

At every Data Governance conference I’ve attended, at the dinner tables, in the lounge and on break between  presentations and workshops, one question invariably pops up. It’s usually asked in the first person; some variance of “How do I sell Data Governance to our executive management.” Attendees are hungry to hear hints from the ‘I’ve been there’ people on this topic. I’ve even heard attendees announce after the resulting discussion, ” I’ve received more value from this conversation than from the rest of the conference put together.”

This is why I thought I might mention the up-coming Data Governance & Stewardship Community of Practice (DGS-COP) on-line event on this topic, coming up Thursday, Jan 22, 2009, 11:00 AM until 12:00 PM EST (GMT-5.)

This will be a discussion in the DGS-COP Knowledge Exchange series, and is one of the last events in this series open to non-members as well as members (available at no charge under the DGS-COP ‘Response to the Economy’ policy for events through January.)

I just looked at who’s registered to attend; I see several familiar names I know have a lot to contribute. Of course, Gwen will be moderating, she’ll chime in with some incites as well. If you are at all interested in developing your program’s executive support, I can’t urge you strongly enough to consider participating.

These events are limited in attendance, but as of this  blog posting, there are still some slots available.

BTW, if your organization’s policy restricts your participation in public forums, you are more than welcome to  email me at reese.thomas@datagovernance.com . I’ll be glad to ask your questions for you;  you can sit back and listen anonymously.

Here’s the link  for more information

So I took some time off from this blog to just… think. Clearly, Data Governance is entering a new stage. It’s no longer the obvious-to-a-few, confusing-to-many discipline that a few of us started evangelizing several years back. Now it’s a given that if your organization has any size and any technical/data complexity, you need to formalize governance as well as management of your information.

So now thousands of us are working within our organizations to establish governance. We’re doing the right things, although maybe not at the pace we’d like. We’re agreeing on common activities and responsibilities. Frameworks are being used to help people communicate and stay in sync. Things are good.

So why don’t I feel great?

It’s because of the world’s economonic crisis and what we all might have done while it was all brewing. Yes, I understand there is much that none of us could have changed. We’re not in a position to stop fraud and crazy Ponzi schemes. We’re not in a position to stop leaders from taking crazy risks. We’re not even in a position to stop corporate leaders from taking calculated risks that might just turn out bad.

But we are - or should be - in a position to help leaders and other users of information to understand how well they should trust the information they’re using to make critical decisions.

The truth is that many of us know - and have known for a long time - about problems with the data we work with. We know when the data is polluted, or incomplete, or just wrong. We know when data quality hasn’t been tested (meaning that all we have are assumptions about how good it is). We know when users of information have all validated data definitions - and when they haven’t and instead are assuming they know what a particular report field means. We know where streams of information from various sources converge into a big repository, and we know when those data streams have been carefully sorted into trusted sets of information and when, instead, we really aren’t sure what we have to work with.

We know so much. And yet we haven’t made sure that the people making world-changing decisions understand whether they’re basing decisions on trusted information or on assumptions.

And that’s just not right.

Yes, I understand corporate politics. (Believe me, I have the scars.) I understand how hard it is to push information up the executive ladder. I understand what happens to people who break protocol.

But many of us do have access to executive users of information. (Or we have the ear of those who have access.) I propose that 2009 be the year of Proactive Data Governance. Let’s use our voices to make sure that leaders understand key facts about the information they rely on when they’re making critical decisions.

I suggest that we keep our messages simple. Let’s all tell our top-of-the-foodchain data users the same thing until they get it.

Let’s tell them that they need to know the answers to 3 questions concerning their data, and that we as Data Governance leaders are ready to help them get answers. Let’s tell them that they should know whether the information they’re relying on

1) Comes from trusted and controlled sources
(or the alternatives: we know that the source is suspect, or that nobody knows because lineage hasn’t been documented and analyzed)

2) Whether it means what EVERYONE thinks it means
(or the alternatives: we know there’s confusion, or that the data definition validation work just hasn’t been done)

3) Whether the data quality is “good enough”
(or the alternatives: we know it’s not, or that it hasn’t been tested, or that rules haven’t been established to say what “good enough” means).

Maybe we can’t do anything about the situation that got us all here. But we can be part of the solution. We can make sure that decision-makers know the right questions to ask, and we can help them get answers. We can help them understand whether they are basing their crisis-recovery decisions on trusted data or merely assumptions.

Now let me stop a few of you who are thinking that my three questions are too simple - you could probably add another half dozen to the list. And you could add a bunch of words to the simple questions:

1- Trusted source?
2- Agreed-upon definition?
3- “Good enough” quality?

Yes, you could cloak these with techno-speak, use words like “profiling” and “lineage” and “metadata repositories” and “taxonomies.” And when you’re talking to techies, you might want to do that.

But if you make this too complex, you won’t get executive attention.

So here’s my suggestion:

Let’s all tell our leaders the same simple message, and let’s use simple, non-technical language to get their attention, and then (if they respond with interest) let’s help them make the decision to proactively do/fund what it takes to get the quality of information they need.

Let’s all send the same message:
If you have answers to three questions about the information you need to make critical decisions
(1-Trusted source?   2- Agreed-upon definition?    3 - “Good enough” quality?), 
   then you’ll know whether you’re basing your decision on solid data, 
      and you can be more informed about the risks you’re taking.  

Right now, around the globe, leaders of corporations, governments, not-for-profits, educational institutes, and other organizations are trying to decide how to react to the current economic crisis. They’re trying to decide how to be proactive, to avoid making future mistakes. They’re pulling report after report after report, looking at their data while they ponder critical decisions.

What do you know about that data? Even more important, what should THEY know about that data? What questions should they ask?

Let’s do what we can, troops…

In the spirit of Thanksgiving, I’m making note of some people working in the Data Governance field for whom I am especially thankful. Bob Seiner is one of them.

Back in the mid 90s, Bob and I worked for the same systems integration firm, CIBER. Although I was based out of Florida and Bob was based out of Pittsburgh, our paths crossed frequently as we consulted on national projects, contributed to the company’s infrastructure, and participated in communities.  

Bob and I discussed several shared interests other than data: parenthood, Knowledge Management, and publishing.  Bob, as many of you no doubt know, founded the amazingly successful TDAN (the Data Administration Newsletter) in 1997. In the late 80s, I’d co-founded a  magazine, so I was well aware of the workflows, stakeholder care, and information governance required to sustain a publication. It was fun to compare stories with Bob.

A few years later, Bob and I (along with Martha Dember, who also worked for CIBER at the time) joined forces to help bring formal Data Governance to a large theme park/resort in Orlando. Almost no one was doing formal Data Governance at the time, so it was great to have peers to exchange philosophies with as we helped this company address information governance, metadata, and data integration needs.

Since then, Bob and I have had many, many discussions about Data Governance. Generally we agree on guiding principles; sometimes we have different perspectives. But always, we’ve shared a belief in the value of good governance, and we’ve shared a passion for this growing field. I’m personally thankful for Bob’s countless contributions - articles, training, consulting, conferences. And I’m very thankful that for all this time, this cool guy has been my friend.   

If you’ve been to a Data Governance event in the past few years, you should thank Davida Berger. You see, there was no such thing as a Data Governance conference before Davida, along with Tony Shaw of Wilshire Conferences and his amazing team, decided the world needed one.

Now, thanks to their efforts, practitioners, academics, and thought leaders have many opportunities to come together to discuss the growing discipline of Data Governance & Stewardship. Davida and Tony collaborate on a series of conferences such as the Data Governance Conference in Europe, coming up in Feb. 2009, and the Data Governance Annual Conference in the U.S., which will be held again next June in San Diego. And since their initial successes, others across the world have taken up the banner, also. So there are now many opportunities to get under one roof with your peers to discuss the ins-and-outs of this growing field.

But it wasn’t always so. Back when Davida had the forsight and courage to be the first program director for the industry’s first Data Governance conference, there wasn’t even concensus about what DG meant - much less what it did, and what it could accomplish. But Davida saw a need, and she had an extensive series of discussions with those of us working in the field (thought leaders and early adopters) to get a feel about what was going on and where efforts were headed.

Sure, now there are studies that show that 80-90% of organizations say they have or need formal Data Governance. But in the beginning there were no surveys. There was Davida, researching everything there was about Data Governance & Stewardship on the web, and connecting in person with many many people to identify trends, drivers, and best practices.

But I shouldn’t put this in the past tense. Davida continues to be one of the hardest-working people I know. Maybe you know her, too. Or maybe you’ve attended one of her events and haven’t said hello. (Next time, say hi!) Or maybe you participate in a different set of seminars or events put on by others. Regardless, there’s a good chance that something Davida has done has helped get you there.

Here in the U.S., we’re coming up on our Thanksgiving holiday. One of the discussions that always comes up in conjunction with this is food, and specifically, potatoes. Mashed? (of course) Boiled with parsley? (maybe) French fries? (not with this meal!)

So now I’m thinking about my paternal grandfather, who emigrated to the U.S. from Wales in 1929, followed shortly by my grandmother, father, and aunt. (Yes, I’m talking about “Scotty the Welshman” from my book.) Grandpa and Gramma Thomas became proud U.S. citizens and lived over 50 years in their new country, but they always retained their Welsh identity and menu preferences.

Grandpa loved his fish and chips. He and Grandma would talk about how they had to eat broiled fish and boiled potatoes because of the rationing during World War I, and how nice it was to have fried potatoes any time they wanted them.

But Grandpa never called them fried potatoes or even french fries. They were chips. And when a young waitress at a lunch counter asked him if he wanted chips with his ham sandwich, he always said yes. It was Gramma who would have to call the young waitress back and explain that he wanted french fries, not Lays potato chips. You see, even if Grandpa had just had an extended conversation with the waitress about how much he wished they had “fish and chips” on the menu, but he’d settle for a “ham sandwich and chips,” Gramma just knew that the waitress probably didn’t make the connection.

I think about them sometimes when I’m embroiled in a metadata discussion about how much documentation is really needed and how explicit data definitions need to be. 

Yes, even with a holiday coming up, I’m still talking about data and metadata most of the day. The past few weeks, many of my discussions tend to be with members of the Data Governance & Stewardship Community of Practice, and there tends to be an ocean between some of us. (I mean this literally - how cool it is to hear my grandparents’ accents in some of our community members… )

The answer to “how much documentation,” it seems, depends in part on whether the users/beneficiaries of those data definitions all have the same cultural background. It depends on whether their frame of reference includes two continents and and ocean between, or just a lunch counter and some familiar red vinyl stools.

And it depends on how they would react if they ordered french fries and got potato chips, instead.

A lot of you may know the (true) story that when I bought the URL www.DataGovernance.com, a Google search only had 67 hits. But I was certain that Data Governance and Stewardship were disciplines that needed to become more formal, with practices that could make a real difference for the world. So the work of promoting Data Governance became a passion.

Along the way, I discovered others with similar feelings and great passion. One of the coolest things about my life in the last few years has been getting to know many of them. And so, in the spirit of Thanksgiving, I’d like to send some shout-outs to people in the industry that I’m thankful for.

I’m going to start with the inimitable Jill Dyche for several reasons. One, because she’s an amazing writer. Boy, can she crystalize a thought! I absolutely love reading her blog.

The second reason is because of a certain blog entry she did recently, in which she fessed up to a poetry mishap in her youth. It inspired me to put together a little verse in response. I left it as a comment for her, but then I thought I’d print it here, also. Just be sure you read her blog, too, folks.

And the third reason I’m shouting out to Jill Dyche first is because we share that special, special bond that only comes when one of you (it was me) says something incredibly embarrassing (it’s too bad to ever print. trust me) in a very public place (you don’t want to know) and the other one (her) hears it, enjoys it, and then actually doesn’t repeat it in print! So when we run into each other at conferences, we sometimes have a little tweak at each other.  I didn’t really get a chance to hang out with her the last time I saw her, so instead, I thought I’d send her this little poem.

I think that I shall never say

Some things as well as does Dyche.

Her use of metaphor, you see,

And pithy points, and simile,

Provide a smile, a chuckle, laugh

That business folks and IT staff

Can use to bond while they review

Ideas - some old, and some brand new -

That help them manage information

From acquisition (or creation)

Through a lifecycle, to that feat

Where info’s archived or delete

-d.

Ever have a situation where the difference between then and now kinda blows your mind? I’ve been having a series of them, tied to regularly-scheduled phone and web conversations I’ve been having with Data Governance practitioners from around the globe. I keep getting whiplash as I remind myself that yes, I’m actually talking with people from around the globe!

(I know, I know, I sound like my gramma when she talked about the first time she stepped onto an airplane and how miraculous it was. I heard that story several times, back in the 1970s.)

Which brings me to the topic of saying No. 

I came of age in the 70s, a time when double standards were being challenged and we young women were receiving very mixed messages. “Just say no!” was the conventional wisdom we heard from our grandmothers and others. On the other hand, we were told, in this modern age it wasn’t a requirement to always say no. It was our choice.

But both sides agreed that it was sad if a girl couldn’t say no. That was a sign of a real problem.

Fast forward twenty years. I was learning to be a consultant from a very wise, very practical,  and extremely ethical man. Tony taught me that a consultant should rarely say no. (He was talking about work requests, of course. Get your mind out of the gutter.) Instead, Tony said, a good consultant learns the art of saying “yes, if…”

Q: Can I have this early?

A: Yes, if you’re willing to either spend more money or give up some functionality/quality.

Q: Can we skip user testing?

A: Yes, if you’ll give me a written statement that you’ll hold us harmless from all defects, and that statement is validated by your boss.

Q: Can you do twice as much work in the same time?

A: Yes, if you pay for extra resources to do the work (and by the way, it will be more than twice the resources, because there’s additional costs involved in bringing them up to speed and coordinating efforts).

Q: Can I jump off the roof?

A: Yes, if you’re ok with breaking your leg when you land.

I thought about saying no several times this last month. At the Data Governance and Stewardship Community of Practice<, I’ve been facilitating a series of Knowledge Exchanges, and a topic that keeps coming up is whether your program should say no to requests for help - and if so, when and how.

One participant had some sad “lessons learned” to share regarding a program that kept saying “yes” although they couldn’t get the resources to complete tasks.  Some other participants shared guidelines for saying no.

Me? I was torn. Part of me wanted to pass along Tony’s lessons about saying “yes, if.” Another part of me was busy trying to remember the name of the character in the musical “Oklahoma” that sings the song “I’m just a girl who can’t say no.”

And now I have that song stuck in my head. Oh, well.

Feel like listening to it yourself? Here’s a YouTube of Amanda Palmer with the Boston Pops.

In recent posts, Reese Thomas and Tom Jesionowski, who share this space with me, make some good points about situations where strong data governance have aided organizations during the current financical crisis — and how inadequate practices have left others vulnerable.

Their discussion makes me think (for the hundredth time this past month) about things I wish I’d said more strongly. more loudly, more forcefully to corporate executives this past year.

Here’s what I wish I’d said in a way that everyone understood:

If you’re going to make critical business decisions based on information, then you’d better understand how ”fit for use” that information is. You should DEMAND good answers to 3 questions:
 
1. Do I know and trust the source of this data (that I’m using to make critical decisions)
2. Does the data mean exactly what everyone thinks it means?
3. Is the data “good enough” for what I’m using it for?

If you don’t have good answers to these questions, then you’re making decisions based on assumptions. So, if you still have decisions to make, then ask these questions. Demand answers. Don’t get distracted by the fact that answers may rely on complicated technology-centric efforts. Instead, maintain focus. Recognize where assumptions lie, and let your data management folks help you convert those assumptions to actionable knowledge.
 

In Data We Trust (But Wear Protection Anyway)

Reese Thomas

Tom’s latest guest post certainly raises the question of what part did data practices play in this current situation. Bad decisions can, and do result from many other factors than the quality of information available. Data Governance could be viewed as an organization’s immune system.

A fully implemented and mature Data Governance program certainly will not protect an enterprise from risky management decisions; the healthiest immune system will not offer protection for risky behavior such as unprotected promiscuous sex. A compromised immune system will make it much more likely that even a casual contact with a flue carrier will result in transmission, a healthy immune system will help minimize both the rate of transmission, and the severity of the infection.

It could be argued that in many of these cases, plenty of warning signs were in place, I don’t know if the extent that data practices contributed to any one company’s demise could be determined, or how much were just bad decisions. 

Still Tom, in many of the cases I suspect you are right, data practices were a major factor in bad decision-making, and even for the cases that the data was not the (or even a) major factor…

Any physician knows, the better the overall health of any patient, the better the odds of survival for any cataclysmic health event. And that’s certainly where governance comes in. 

In Data We Trust

Guest poster Tom Jesionowski, Prime Data Consulting LLC

These days you cannot open a news portal, magazine, or turn around without hearing about the markets and the crisis in confidence in our markets. I can’t help but wonder what went on behind the scenes and ask what role poor data governance played? Mortgages being bought and sold three, four, or five times, and the data associated with them being merged over and over. Each time details getting dropped or obscured by undocumented ETL and data movement processes.

At the end of the information chain, the data was merged and aggregated forming the foundation for the derivatives sold and resold in the market. At the end of the day (and the boom) ultimately it was in data that we trusted. Data that was so far removed from the real assets that it became nearly impossible to fully evaluate the risk of what was held in the portfolios. The true magnitude of the risk was hidden behind poor data governance.  If the current crisis in confidence doesn’t make the case for data governance then what will it take?

A few days ago Reese wrote a blog about a piece he’d read that got him fired up. The writer compared Data Governance to fighting “The War on Drugs” and seemed to have a poor opinion of those who served in Data Governance roles - as if their goal was to keep data users from “getting a fix.”

 I’ve been thinking about this a lot. Surely the guy didn’t mean it - I’ve never seen a program where the goal was to keep users from getting the information they needed. Rather, it was about the responsible use of information - making sure that info presented to the world as complete, accurate, and fit for use actually was.

And don’t get me started on “The War on Drugs” - just don’t. 

But I will say that if I were to use a drug metaphor to discuss Data Governance, it would be more about the controls that you’d expect to be in place in a hospital, where the movement of a pill from the pharmacy to the patient follows a controlled path. The mission is to get every patient every drug they need, with the assurances that no one gets hurt along the way.

 After all, what would you think of a hospital that dumped all its drugs in a pile in the lobby and announced “Come and get it!” on the loudspeaker? (Actually, that would make a funny scene in a movie, wouldn’t it?)

 But in real life, we have horrible lessons to learn from recent events where babies died because the wrong strength blood thinner was administered to them. The drugs were lawfully administered, but what was in the vials wasn’t what medical staff thought it was. Terrible harm came from this.

 Well, terrible harm can also come from using information that means something other than what you think it does. Should you be prohibited from accessing it? Possibly, possibly not. Should there be controls so that you (and the people you’re feeding it to) can trust what’s in it? Absolutely! Is it ok to give you a key to the cabinet with the caveat to “use at your own risk?” Maybe - that is absolutely situational.

The real discussion here is how we serve the needs of patients when there is no pharmacy building (or no data mart, or not the data you need in the mart as it exists now). Do you let the patient die? I don’t think so. Do you turn them away, to find what they need in the dark alleys of ODBC territory? Risky business, that approach. Or do you set up a booth in the corner of the waiting room, where folks who understand medicine can hook up users with what they need, while keeping them from killing themselves.

Again, if this were a movie, that would be a funny scene. ”Doc, Doc, I need to mainline some customer data! Give me a hit, stat!” The only question I have is… what kind of data would be those little magic blue pills? 

If your name is Steve Jordan, and if you don’t want a surprise spoiled, stop reading.

For the rest of you, Steve is one of my dearest friends, and I happen to be bringing him a little gift from London, where I’ve been speaking at the DM&IQ conference. His gift is a mug with the words Mind the Gap - a phrase you see all over the London Underground (subway system). It’s printed on the platform and announced on the loudspeaker to remind riders to avoid stumbling on the gap between the platform and the subway cars.

“Mind the Gap” is also the name of a 2004 movie  by Eric Schaeffer that members of Steve’s and my Sangha watched together a few years ago. It’s a quirky film with seemingly unrelated plotlines and characters that finally come together. Fun and also thought provoking.

Steve and his wife Johanna Jordan (who is special to me beyond words) have had many thought-provoking conversations. We joke that we’re all in the same business: he’s a child psychologist, she’s a family therapist, and I work in Data Governance. Many of our discussions have been about Buddhist psychology.

The phrase “mind the gap” has meaning there. For about 2,400 years followers of this psychology (the idea that it is a religion is a modern invention) have known what brain imagers and scholars in cognitive studies have just started validating: there is a tiny but noticeable gap between when a feeling arises and when a person makes a decision to act on that feeling.

The ability to recognize this gap can help one choose a path other than the default, unconscious choice -  a path that might reduce suffering in the world (or at least in an individual).

So what does this have to do with Data Governance? Over time, organizations and individuals have chosen responses to data-related triggers such as issues, conflicts over standardization or integration, and opportunities to define or align business rules. Over time, if an organization chooses the same response repeatedly, it builds up a sort of “muscle memory” and that response becomes automatic - even when conditions change and it’s no longer the best choice.

So one thing that Data Governance professionals do is learn to recognize those situations. We learn to identify  the gaps between triggers and responses, and we help data stakeholders prolong the gap so that thoughtful, mindful analysis of useful options can take place.

Of course, to be successful, these leaders have to be mindful themselves. After all, when dealing with stakeholders who have inherent conflicts of interest (and human personalities), feelings such as irritation and anger are bound to arise occasionally. We have to mind the gap within ourselves so we choose personal actions in response to those feelings that won’t result in new sets of suffering.

Yikes. Emotional, passionate Gwen is still learning this. Now I’m thinking I should have bought a mug for myself, also, so I can fill it with a nice cup of chamomile tea to take into contentious meetings. Hmmm… maybe I can order one over the Internet…