110 Part I • Information Technology
much data history needs to be kept. Some data need to
be kept in active databases, while other data may be
archived to be used only when needed. Eventually,
data should be summarized, eliminated, and/or moved
to the data warehouse. Keeping data too long is not
only costly in terms of storage space, but the use of
out-of-date data can also bias forecasts and other
analyses. With the trend toward data warehousing, a
new mechanism exists to retain data to aid in organi-
zational decision making. Walmart, for example, has
been storing data in its data warehouse since the late
1980s. Although this might not be appropriate for all
organizations, Walmart is in the enviable position of
being able to examine and predict from over a
decade’s worth of buying trends. Every organization
should have a policy on data retention that is consis-
tent with the organization’s strategy and use of data.
11.Train and Consult for Effective Use Just because
data exist, they will not necessarily be effectively
used. What data are stored in databases, what they
mean, what presentation systems report these data,
and how they can be accessed in ad hoc ways all
have to be explained to business managers who
might want to use the data. This training might
include review of the contents of the corporate data
dictionary, with an emphasis on a particular user
group (e.g., consumer marketing), or the training
might be on how to use a statistical package (like
SAS) to access a database for decision support.Data Management Policies
The implementation of these concepts and processes for
data management occurs differently in each organization.
However, policies should be developed regarding data
ownership and data administration. These policies are typi-
cally developed from a process called data governance.
Data governance is an organizational process for establish-
ing strategy, objectives, and policies for organizational
data—that is, to oversee data stewardship, even overseeing
local data stewards responsible for similar activities for spe-
cific data subject areas or business units. Data governance
is a subset of IT governance, which will be reviewed in
Chapter 13. The goal of data governance is to create and
maintain an enterprise view of data through collaboration
and a common agenda. Data governance includes high-
level oversight of day-to-day data management activities.
Frequently data governance happens through a data
governance council, whose members come from IT and a
variety of key business areas, including data stewards.
This council meets regularly—it is not ad hoc—to address
high-level issues. The council sets standards by which
day-to-day decisions about metadata, data ownership and
access rights, data infrastructure and architecture, and
other areas can be made. The council communicates to
executive management about challenges and opportuni-
ties. The council gets its mandate from senior executives
who see the value of managing the data asset. The council
also communicates to data stewards, administrations,
project managers, and other internal information system
stakeholders about their decisions. The council may also
audit that policies and processes it establishes are being
followed and may review periodic reports about data qual-
ity to determine if new policies need to be established,
existing policies need to be better communicated, or
policy violators (particular data stewards, application de-
velopers or project leaders, business managers, and oth-
ers) need to be handled.
In today’s world, a data governance council may
have responsibility for insuring that regulations on quality
of financial reporting are supported by sound data quality
management practices. This means, in part, that policies
must be transparent, procedures for enforcement are well
established and consistently followed, and the policies are
effective to ensure accurate and reliable information.
Internal controls are a major focus of such regulations. The
data governance councils oversee that proper data integrity
controls are in place on databases and metadata reposito-
ries so that changes to data and metadata are properly
processed and fraud and security breaches are deterred.
Fundamentally, if proper controls are not placed on data, it
is very difficult to show compliance with financial report-
ing rules.
Now, let us review two of the key policy areas for
data governance: data ownership and data administration.DATA OWNERSHIP Business managers can become very
possessive about data, for both business and personal rea-
sons such as the following:- the need to protect personal privacy
- the need to protect trade secrets
- the requirement to allow only those with a need to
know to see sensitive business or product plans - the desire to promote internal competition and to
justify the use of scarce resources - the desire to show commitment to one’s job and
ownership of the data needed to carry out one’s job - the desire to use information as power for political
gain
This protectiveness is both good and bad. A commit-
ment to quality data, cost control of data management,
and use of data for strategic advantage are essential for