Chapter 4 • The Data Resource 111
obtaining the greatest benefits from managing the data
resource. On the other hand, possessiveness about data can
stifle data sharing, which can limit access to data (and,
hence, reduce the ability to answer important business
questions) and increase data processing costs for the whole
enterprise. The culture about data must be managed as part
of data resource management.
Acorporate information policyis the foundation
for managing the ownership of data. Figure 4.8 contains a
data access policy statement developed in late 2000 for a
large Midwestern manufacturer of truck parts. The presi-
dent and the chief information officer (CIO) developed this
policy after it was clear that many managers were not shar-
ing data useful to others in the corporation. The new policy
was communicated to all managers through a series of
written announcements and staff meetings. This policy
states that each manager has responsibility for managing
data as a resource for the good of the whole enterprise, not
just the gain of his area. Some policies will distinguish
among classes of data—such as personal, departmental,
and organizational—although the trend is to make all data
organizational.
As organizations and the markets they serve become
more global, issues of international regulations, standards,
and cultures relating to data ownership can have major
impacts on data management. One specific issue is
relevant in the discussion of data ownership—regulation of
the flow of data across international boundaries.
Transborder data flowsare electronic movements
of data that cross a country’s national boundary for pro-
cessing, storage, or retrieval of that data in a foreign coun-
try. Data are subject to the laws of the exporting country.
Legislation to control transborder data flows varies widely
from country to country. These laws are justified by the
perceived need to
- prevent economic and cultural imperialism, includ-
ing preventing the change of social values (a kind of
antipropaganda mentality) and preventing the
usurpation of local decisions by multinational head-
quarters outside the country - protect domestic industry, including protecting the
local computer hardware, software, and services
industry - protect individual privacy, including protecting indi-
vidual citizens against storage of personal health,
employment, and political affiliation data in databases
held in foreign countries - foster international trade, including measures to
make the flow of data easy during desirable interna-
tional trade and to promote the exporting of informa-
tion technology and services - Corporate data will be shared internally. Data are not owned by a particular
individual or organization, but by the whole organization. - Data will be managed as a corporate resource. Data organization and
structure will be planned at the appropriate levels and in an integrated fashion. - Data quality will be actively managed. Explicit criteria for data accuracy,
availability, accessibility, and ease of use will be written by the IS department. - Data will be safeguarded. As a corporate asset, data will be protected from
deliberate or unintentional alteration, destruction, or inappropriate disclosure. - Data will be defined explicitly. Standards will be developed for data
- Databases will be logically designed to satisfy broad business functions.
Data is a corporate resource. Much of our corporate data is stored electronically.
Excellence in data management is key to achieving many of our business goals.
The following statements constitute our electronic data access policy:
representation.
FIGURE 4.8 Example Data Access Policy