"An extraordinary thinker and strategist" "Great knowledge and a wealth of experience" "Informative and entertaining as always" "Captivating!" "Very relevant information" "10 out of 7 actually!" "In my over 20 years in the Analytics and Information Management space I believe Alan is the best and most complete practitioner I have worked with" "Surprisingly entertaining..." "Extremely eloquent, knowledgeable and great at joining the topics and themes between presentations" "Informative, dynamic and engaging" "I'd work with Alan even if I didn't enjoy it so much." "The quintessential information and data management practitioner – passionate, evangelistic, experienced, intelligent, and knowledgeable" "The best knowledgeable, enthusiastic and committed problem solver I have ever worked with" "His passion and depth of knowledge in Information Management Strategy and Governance is infectious" "Feed him your most critical strategic challenges. They are his breakfast." "A rare gem - a pleasure to work with."

Friday, 28 February 2014

Information Management quote of the week - 28/02/14

“Science is organized knowledge. Wisdom is organized life. ” 
(Immanuel Kant) 

Monday, 24 February 2014

Hunting for unicorns

The roles of the Data Scientist and Data Steward in a world of "Big Data"

An article on SearchDataManagement caught my attention this week. The broad premise of the article is that there is an unhealthy tension between the role of the Data Steward (“rigour good, indiscipline bad”) and Data Scientists (“freedom good, structure bad”), and that data governance gets in the way of delivering analytical value. The authorities quoted in the article all come from people that represent technology or services vendors who are in the ”data analytics camp” (Shawn Rogers from Enterprise Management Associates, Jill Dyché from SAS, Jonathan Geiger from Intelligent Solutions, William McKnight from McKnight Consulting). 

Now, call me a cynic (“You’re a cynic”), but don’t all these vendors all have a vested interest in getting the tools and projects deployed in the fastest time possible, and Devil take the hindmost?!

Well I’m not buying it.

As far as I’m concerned, the role of the Data Steward doesn't get set aside just because we're operating in the "Big Data" space, and in my opinion the article’s "straw man" perspective on Data Scientists' attitudes ("hands off, let the data speak") is naïve; indeed, in my experience it doesn't actually bear out in the real world.

Sure, the dynamics, speed of delivery and overall level of definitional rigour may change, at least in the short term. But applying good data stewardship principles to “Big Data” projects doesn’t need to mean slowing things down. Indeed, a general understanding of the semantics, interpretation and context of the data set is vital in order to derive any meaning from the data anyway. That cannot be done in isolation. In contrast to the “set aside” attitude offered by Dyché et al, I’d offer that bringing data stewardship to bear early in the process will enable more informed curation of the data set and provide a feedback loop to improve the overall quality of data set for the longer term (including the ability to think about and adapt the data to meet other business needs.)

The key thing is that there is a real opportunity for collaboration and co-operation. The data scientist brings tools, analytical and data processing expertise, the business data steward brings understanding of the value and utility of the data in context - which to my mind is a precursor to any data analytic task anyway Both are necessary, neither is sufficient.

The only way that the “do it fast, do it with the current data, don’t do any cleansing” approach can work is if you’ve got an individua who can offer both Data Scientist and Data Steward perspectives. And let’s face it, how many “unicorns” are out there who can genuinely offer both perspectives?

In any event, the business also needs to remain responsible for the data set throughout. And if opportunities arise to improve the data so that it is more fit for the purpose(s) that are required of it, so much the better.

Saturday, 22 February 2014

Information Management quote of the Week - 21/02/14

"The beginning of wisdom is the definition of terms".

(Attributed to Socrates

Thursday, 20 February 2014

Records & Information Officers’ Forum - "Top 10 Takeaways"

There were two full days of discussion, thought leadership and reflection on the topics of records keeping, information management and data governance at this week’s “Records & Information Officers’ Forum, hosted by Liquid Learning. (As well as chairing the event, I had the doubtful honour of introducing myself to give an expert commentary presentation on "The ABC of Data Governance".)

The event featured participants from both commercial and public sectors (though government agencies predominated), and featured contributions from Comsuper, Public Records Officer Victoria, Department of Human Services, Department for Health & Ageing South Australia, the Australian Sport Commission and Veda. Vendor and service provider contributions included presentations from Delib, HP Autonomy and Deloitte. Their though-provoking content provided stimulus for a highly interactive forum with some great debate.

A particular highlight was the keynote presentation from John McMillan, the Australian Information Commissioner, who addressed themes including data privacy, open data and cultural shift within both public and private sectors.

In addition to the “hot topic” themes for information management that I identified pre-conference (all of which were discussed and validated to a greater or lesser degree) and the issues I touched upon during my own presentation, some other factors were cropping up consistently throughout the various sessions. Here are my own personal “Top 10 Takeaways” from the conference:

1. Information Management Standards:
Standards are beneficial, valuable and worthwhile – as long as they don’t proliferate. Standards developed collaboratively are more likely to be of better quality and more pervasive. It is important to consider requirements and perspectives outside of the core mandate – however this takes courage.

Key standards for Information Managers to give consideration to include:  ISO16175 (Principles & Functional Requirements for Electronic Office Environments), ISO15489, (Records Management), ISO30300 (Management Systems for Records), ISO21281 (Metadata for Records),  ISO26122 (Work Process Analysis for Recordkeeping), ISO13028 (Implementation Guidelines for Digitisation of Records), ISO9000 (Quality Management), ISO31000 (Risk Management), ISO27001 (Information Security) and the forthcoming AS5478 standard for Recordkeeping Reference Metadata.

See also www.adri.gov.au for more information.

2. Information Privacy Implications:
With 78 different pieces of legislation within Australia that have a bearing on data privacy, the challenge is to ensure that everyone is aware of their obligations. Policies, procedures, education & ongoing updates are all necessary.

With respect to the new Australian Privacy Principles (APPs), APP #8 is likely to be the most impactful (accountability for data in cross-border transfers). With a diverse stakeholder group, regulatory change looks more like cultural change. (See also this article on SearchDataManagement.)

Note that the legislative standard of obligation for organisations is that “reasonable steps” are being taken to protect personal information, not “ensure” that privacy is protected.

3. Developing the Information Culture:
“Transparency is an idea whose time has come.” With recent legislative changes, the default policy position within Australian government is now “open access by default” (e.g. per Principle #1 of the Open Public Sector Information Principles). The language shift from “Government Information” to “Public Information” reflects this. There are new opportunities created for improved efficiency and effectiveness of government services, based on proactive publication and open data (e.g. NSW Open Data Policy,  the Victorian Data Directory, the South Australian Declaration of Open Data and the continuing expansion of the International Open Government Partnership).

There are still practical limitations, however. Accessibility, Open Data licensing, metadata standards, de-identification and compliance with the Australian Privacy Principles all need to be addressed. The move to a culture of “open by default” also needs active leadership and promotion (and hasn’t yet been fully embraced).

4. Inter-organisational co-operation and information exchange:
The establishment of “Single Main Contact” roles creates a focal point for inter-organisational co-operation. Such roles enable filtering of non-compliant information requests at source, as well as ensuring the scope of inter-agency information requests are properly controlled.

Information sharing agreements are becoming more prevalent.

5. Information Security: Information Security is all about managing risk – the degree to which you will act depends upon your appetite for risk. Even in the face of proliferating data sources and devices, the biggest exposure to information breaches are still people – you need to keep educating.

Four key tools are required to support a functional Information Security regime: 1. System/Info Asset Register 2. Identity Register 3. Risk Register 4. Incident Register. A basic three-step approach applies to developing Information Security controls: 1. Catalogue the inventory 2. Classify the contents based on sensitivity & privacy risks 3. Treat any exposure to data leakage.

6. Managing Data Breaches:
The Data Breach Policy, Information Security Policy and Whistleblower Policy all need to align and support each other.

A standing response team should be established, working to a four-step incident management protocol:

1. Report the breach 2. Keep information relating to the breach 3. Assist investigation 4. Monitor the situation, including root-cause analysis and remedial action.

7. Information As An Asset:
Building upon the requirement for a Systems Asset Register to support Information Security process, there are four key steps to establishing the vision of information as an asset (and the associated information services):

1. Map the key Information Domains 2. Map the Information Subject Areas. 3. Map the Information Containers 4. Map the business usages of data.

Only populate the data warehouse with well-modelled, cleansed data.

8. Key “non-IT” skills for the Information Governance team:
Skilled resources to look for include Data Scientists, digital archivists, Information Managers, legal professionals, linguists, social anthropologists.

Also reference the SFIA model for additional guidance.

9. Building the Information Management Business Case:
There are three factors that underpin the basis a Business Case – fear, faith or fact. (We can aspire to have business cases that are fact-ish…)

Build the narrative up front before embarking on a project:
Assess the current state > Establish a target vision > identify a compelling event > link to and leverage any strategic objectives > identify influencers and detractors > measure the ROI.

10. The concept of “Dark Data”:
Up to 69% of data stored by organisations is “dark data”; human readable, unstructured, unindexed, unmanaged and inactive. As such, it has no real business value and should be candidate for defensible disposal.

Do these issues resonate with you? What action are you taking to enhance the utility and value of information within your organisation? Please share your stories….

Thursday, 13 February 2014

Information Management quote of the week - 14/02/14

A new feature on Information Action - the Information Management Quote of the Week. For Valentine's Day, here's a thought in information and love from Frank Zappa: 

“Information is not knowledge.
Knowledge is not wisdom.
Wisdom is not truth.
Truth is not beauty.
Beauty is not love.
Love is not music.
Music is THE BEST.”

Tuesday, 11 February 2014

Gazing in to the Information Management Crystal Ball

Looking ahead, ahead of the Records & Information Officers' Forum

In finalising my preparations ahead of chairing of the 5th Annual National Records & Information Officers' Forum, I thought I should put down a few thoughts and observations ahead of the event and make note of some of the key issues to which I expect the industry to return, not just at this particular event, but during 2014 more generally... (I've decided to make do with a crystal ball as my divination method of choice this year; goat's entrails are more traditional, but it tends to upset the children and always make such as mess...).

Hot Topics

Privacy & Information Security
With all the debate last year about the NSA, PRISM, Edward Snowden etc., as well as the European Union's exploration of new, tougher Data Protection Standards, Information Privacy was high on the "talking point" list in 2014 (indeed, Dictionary.com made it their word of the year). I anticipate that 2014 to be the year where we move from talking about privacy to actually doing something about it. And I expect the key drivers to be based on it being good business, rather than being about regulatory compliance. Businesses will need to address their customers' concerns about privacy and security of their data (or at the very least, be seen to be doing something), or risk the reputational fallout that will follow.

Information Value
Regular visitors to this blog will know that identifying demonstrable business value (ak.a. "benefits" or "outcomes") is a continuing theme of mine where Information Management and Data Governance are concerned. Correlation of business process and the information consumed by the process is vital. It encourages me to see that others are starting to come to the same realisation and I'm pretty hopeful that in the coming year, the technology vendors will actually start selling their solutions based on business outcomes rather than on technical features, scaremongering and "next big thing" hype. "Value" has even started appearing regularly in the pick-list of "Big Data Vees", although the tech megavendors like IBM  and Oracle seem to be slow to join the party...

"Big Data" is a fact of life
Sorry, but I do have to go there. Yes, I hate the term. Yes, I wish we could have a proper, nuanced conversation about the nature of data and its utility within specific values, rather than resorting to this ugly, meaningless shorthand. (And yes, I recognise that in continuing to rail against the phrase "Big Data", I'm trying to turn the Cnutian tide, close a stable door after the prize filly has galloped headlong into the neighbouring county and re-moor a particularly large ocean-going liner that has a full head of steam). But on the plus side, I think we're starting to see a shift towards real and repeatable solutions for complex analytics using high volumes of input data. During 2014, I expect that just as has been happening within healthcare, further business use-cases that can properly exploit the tool-kit will start to move from being niche hand-built solutions to become more pervasive packaged applications.

Records-keeping is dead...
Controversial statement I know, given that I'm about to chair a conference for records and information officers! The fact is that technologies and tools such as Enterprise Search and eDiscovery are now sophisticated and pervasive enough to render traditional librarianship capability nigh-on redundant. (If not right now, then soon). Compliance is not a motivator. So what I'm looking for is a mindshift. Recordskeeping people will need to re-think, re-group and re-position themselves as enablers of business outcomes, facilitating and communicating the value inherent in the information holdings that they curate. Curiosity, insight, analytical thinking, narrative, engagement, influence - long live the Records-keeper!

Data Governance and the rise of the CDO
Given that I'm also contributing an expert commentary session to RIOF, as well as charing the event, I thought I'd better finish by mentioning Data Governance! For me, the Data Governance capability provides the catalyst to pull together all of the above issues into a coherent approach, particularly when faced with the prospect of increasingly distributed treatments of data. Data Governance also provides the focal point for other complementary requirements and capabilities e.g. Metadata management, Information Asset Management, Ownership & Stewardship etc.). As the industry continues to mature, I expect to see that the emerging role of the Chief Data Officer will encompass and build upon the progress that we've made in establishing Data Governance as a required organisational competency, so that the organisation finally gets a true end-to-end Information Service capability. That is a prospect that I'm really looking forward to.

What do you think? Have I got the key themes right? Are there other pressing issues that need to be addressed in the Records and Information space? What questions would you want to ask the RIOR expert panel? I'd love to hear your thoughts.

Sunday, 2 February 2014

Share the love... of Data Quality

A distributed approach to Data Quality may result in better data outcomes

A recent news article on Information-Management.com suggested a link between inaccurate data and “lack of a centralized approach.”

But I'm not sure that "lack of centralization" is the underlying issue here; I'd suggest the challenge is generally more down to "lack of a structured approach", and as I covered in my blog post “To Centralise or not to Centralise, that is the Question”, there are organizational cultures that don’t respond well (or won’t work at all) to a centralized approach to data governance.

When you then extend this to the more operational delivery processes of Data Quality Management, I'd go so far as to suggest that a distributed and end-user oriented approach to managing data quality is actually desirable, for several reasons:
  • Many organisations just haven’t given data quality due consideration, and the impacts can be significant, but often hidden.
  • Empowering users to thinks about and act upon data challenges can become a catalyst for a more structured, enterprise wide approach.
  • By managing data quality issues locally, knowledge and expertise is maintained as close to point-of-use as possible.
  • In environments where funding is hard to come by or where there isn’t appetite to establish critical mass for data quality activity, progress can still be made and value can still be delivered

I also observe two trends in business, that have been consistent in the twenty-plus years that I've been working, which are contributing to make a centralised delivery of data outcomes ever-more difficult:

1) Human activity has become more and more complex. We’re living in a mobile, connected, graphical, multi-tasking, object-oriented, cloud-serviced world, and the rate at which we’re collecting data is showing no sign of abatement. It may well be that our data just isn't "controllable" in the classic sense any more, and that what's really needed is mindfulness. (I examined this in my post "OpeningPandora's Box" )

2) Left to their own devices, business systems and processes will tend to decay towards a chaotic state over time, and it is management's role to keep injecting focus and energy into the organisation. If this effort can be spread broadly across the organisation, then there is an overall cultural change towards better data. (I covered aspects of this in my post "Business Entropy - Bringing Order to the Chaos")

Add the long-standing preoccupation that management consultants have with mapping "Business Process" rather than mapping "Business Data" and you end up in the situation that data does not get nearly enough attention. (And once attention IS payed, then the skills and capabilities to do something about it are often lacking). 

Change the culture, change the result - that doesn't require centralisation to make it happen.