What the data management industry needs is some jail time for high level executives, don't you think? Well, maybe I should back up and qualify that statement a bit.
You see, I do a lot of thinking about the state of data management and the IT profession. And lately I've been thinking about it with respect to regulatory compliance. You know what I'm talking about, but just in case you don't here is a link to ABA's regulatory compliance site. For those who didn't click through, basically regulatory compliance is all about making sure your company is following government regulations - like Sarbanes-Oxley and HIPAA.
I am a big fan of government regulations. I know, I know, many of you are not because compliance can generate a lot of additional work for you. But I like many of the regulations because my "point of view" is that it makes companies do what they should have been doing all along. Things like ensuring that your data is accurate and that proper controls are put in place to protect the data. That is just goodness to my way of thinking - and it is a shame that it takes governmental regulations to make corporations sit up and take notice of the issue.
Which brings me to the title of this little blog posting. We are accustomed to looking for the ROI -- the return on investment -- of our IT investments. That is, how long will it take for a purchase to pay for iteself. But when it comes to regulatory compliance investments ROI takes on a different meaning -- risk of incarceration. You see, some of these regulations have teeth in them (e.g. Sarbanes-Oxley) that can cause high-level executives to be incarcerated if they fail to follow the regulations. Basically, the Sarbanes-Oxley regulations make C-level exeuctives sign off on documents that assert that their organization's financial data is accurate and that proper controls are in place assuring that accuracy. We need more regulations like that!
So, as a data professional (I assume that you are if you are reading this blog), how comfortable would you be signing off on the accuracy of the data that you manage? Is it 100% accurate? Would you put your career on the line to vouch for the accuracy of the data in your databases? How about your personal freedom?
Actually, I doubt that many of you would - and not because you are wary of your technical prowess in terms of wrangling and taming data. Usually it is because of the lack of focus and resources given to the task of managing data and metadata. Here are some facts to consider as you think about this question:
- Data under management is growing at the rate of about 125% annually.
- And, according to industry analysts as much as 80% of that data (probably more) is inactive or infrequently accessed.
- According to data quality guru Thomas C. Redman, poor quality data costs the typical organization 20% of revenue.
- According to a recent survey of IT managers, 59% said they worried information was not up-to-date or accurate.
Taken collectively, these are some scary statistics. Yet, most executives, if asked, would say that they treat data as a corporate asset. There is a disconnect here. The disconnect is that data is rarely treated the way other corporate assets are. That is, corporate assets are modeled, defined, and carefully managed.
Think of your other corporate assets: finances are controlled rigidly by the comptroller and the CFO's office and modeled in your chart of accounts. If your bank deposits are even a penny off, you know about it, and fix it. Your personnel are modeled with organization charts and managed in hierarchies across lines of business and down to strategically aligned teams. Every employee is accounted for and you know when they are in the office, on vacation, or out sick. What about your products? They are modeled in bills of material, managed by product managers and sold by sales teams. Product is inventoried and accounted for. Let's face it, we treat our assets very carefully.
So what of data? Is every data element documented in your company? With a clear, concise, and agreed upon definition? Can you track the lineage of your data from inception to all of the places it is used? Yes, I even mean on that business user's desktop in an Excel spreadsheet.
Let's face it, the vast majority of companies live in the state of data anarchy. And this anarchy will continue until executives are forced to pony up the resources to tame it. IMHO that won't happen until someone, perhaps many someones, are prosecuted successfully and sent away. So keep your eyes open and on the lookout for the next high-profile regulatory compliance trial.
And, if you're like me, root for the prosecution!