Chief Digital Officers drive change using data. But, more often than not, this CDiO struggles to get access to the most valuable data they need. Not because they don't understand what data they need and why. It's just that no one seems to be sure where the true copy of the complete data is, nor if the data it is even useable/lawful for its intended purposes. The latter issue is a more recent development in an increasingly data regulated world.
More often than not, the CDO struggles to identify what applications are collecting and processing data. Not because they don't intuitively know what data needs managing. It's just that no one has a good holistic understanding and record of the flow of data through the organisation and the rationale for its capture and for what purpose. The latter issue is a more recent requirement driven by the need for transparency around the processing of data to comply with data protection legislation.
Because the resolution of the Chief Data Officers challenges will, in turn, resolve the Chief Digital Officers difficulties in reliably sourcing accurate and trusted data. By providing an inexhaustible supply of valuable data assets, your Chief Digital Officer can avoid the frustration of not getting access to the right data when needed.
You can accelerate your organisation's digital journey by pro-actively managing the data friction that your key stakeholders encounter every day and create a more accessible and open data architecture to empower data users across the organisation.
1) Build Information Roadmaps - The foundation stone of any digital transformation
Match your Information Demand to your Data Supply - Ask yourself, are you managing and governing the right data to address the organisations information priorities?
Build and focus on your Data Supply Chain - The technical and organisational frameworks and safeguards, including metadata and data protection by design, to share and deliver sustainable data assets to your stakeholders.
It is that simple. Well, maybe not, but no matter the industry you work in or the complexity of your organisation, these are the most important steps you will take in your journey towards data supremacy because as the Chief Data Officer that's what is expected of you.
Imagine having sustainable, re-usable, high quality, lawful and compliant data at your fingertips with complete transparency about the processing/use of that data.
Imagine the Chief Digital Officers sigh of relief when the continuous burden of searching, bashing (figuratively speaking) and integrating the same data assets over and over again is removed.
Freeing-up the Digital Transformation team, the Data Scientists and Marketers to focus on the more important matters of how data-driven business outcomes produce value for the business is their purpose. Your purpose is to create the head-room needed to do this and to manage the data risks making these teams effective at creating value for your organisation and your customers. This blog is about how you can do that.
2) How data-driven business outcomes can produce value for your business
How do you unlock the information your digital and analytics programmes need, while at the same time maximising the opportunity to repurpose the data - and all the while ensuring the secondary uses remain compliant and lawful.
There are ways of achieving this through a collaborative process across the organisation using visual representations of your applications, data, process, risks and controls to understand and navigate your organisation's data flows.
The transformation of your organisation from a knowledgeable enterprise to an intelligent begins one with two simple questions:
Answering these two fundamental questions of all of your stakeholders, not just the Chief Digital Officer, brings focus and purpose to the information demands being asked of you. And, qualifying those requirements to understand, what data is needed (breadth and depth), the geographic scope, the security classification of required data, the data protection safeguards (policies) needed and the priority for delivery, frame the size of the prize and scope of the challenge.
3) Why make assumptions about what data assets are a priority?
Working and collaborating with your stakeholders to develop a rolling information roadmap helps you, the CDO, anticipate and navigate the complexities of the data supply chain to keep the data flowing. Translating this demand into requirements and actionable steps is the next stage, and this is when tooling makes all the difference.
Rationalisation of data demand into deliverables that benefit more than one stakeholder is the key to maximising data value and reducing time to market.
This is when metadata management solutions supporting the methods and techniques needed to frame the data demand and understand the impact on IT Assets, will cut through the complexities of the data requirements rationalisation process. Whereas a simple spreadsheet may suffice in the short term to collate the requirements, my own experience recommends having a metadata management solution in your sights from the start so requirements can be migrated to the tool more efficiently when the time comes. Which is usually a couple of months into this process. If you are fortunate you will have this capability established and available.
In advance of and post-GDPR enforcement, several tools have entered the marketplace supporting data management and compliance governance.
Many of these tools address the immediate organisational safeguards and primary compliance requirements of data protection legislation, e.g. Servicing DSAR (Data Subject Access Requests), DPIAs and RTBs (Right to be Forgotten). Still, they do not accommodate the governance of requirements, continuously sourcing, preparing, management and protection of data assets for secondary processing.
More often than not, this capability is overlooked by the tool vendors.
Why is this? Because they have not understood the multi-dimensional challenge of curating data that is Fit-for-Purpose, Accurate, Complete and Timely to drive Data Science, AI and Machine Learning.
To understand, with precision, the right source, quality and timing of data acquisition for data analytics requires a comprehensive understanding of how data is collected and managed across the business landscape.
This will help you clearly document and visualise the connectedness and flow of data.
These touchpoints represent where compliance with the principles of privacy by design is most relevant. It is at the juncture of where applications collect data, people touch data, where processes ingest data, where technology processes data that the security and privacy risks of data are greatest.
These pinch-points are where the practical application of data protection by design will drive compliance with privacy principles and demonstrate the effectiveness of the data safeguards that your organisation have put in place.
Connecting all these dimensions - People, Processes and Technology - to data and information assets is essential for effective data provenance and Big Data governance, a critical requirement for many regulations, not just the GDPR.
Gerry Rankin presented A Tale of Two CDOs – Leveraging EA to Excel in the Data Economy at the IRM Enterprise Architecture Conference in October 2020.
Gerry Rankin, formerly, Global Head - Privacy Risk Management at Anonos Inc, and former Head of Data Privacy, Security and Control at HSBC Global Banking & Markets for Big Data and Programme Director of Global Data Sharing for HSBC Group CDO. With 25+ years of cross-industry Data Management and Governance experience including Financial Services, Manufacturing, Telecoms, Advertising and Air Express, Gerry has a deep understanding of the challenges organisations are facing to accelerate the commercialisation of data that will drive greater value for their stakeholders and investors, but also the need to sustain demonstrable and transparent control of data and information in an increasingly regulated data world. He has led data governance and compliance programmes in large and complex organisations to drive greater data agility, helping people to develop and understand the changing regulatory landscape of data privacy risk and how this impacts the long-term digital transformation of their business.