IBM Bolsters The Case For Information Governance

IBM recently staged a coming of age party for information governance. Information governance is nothing new for the company, its latest announcement simply heightens its growing emphasis. IBM, along with some other vendors, is increasing the drumbeat for a very good reason: governance is critical to leveraging information as effectively as possible. Since many enterprises are still unclear on what information governance is--let alone its benefits and how to do it--putting an information governance strategy in place is not intuitively obvious. But before we discuss the subject more fully, a little history lesson is appropriate to put in context how we have come to the need for a formal information governance strategy and program.

Putting the Use of IT for Decision Making in Perspective
In the dawn of modern data processing, when mainframes were synonymous with computing and the term "data processing" as an organizational name was not considered sufficient, IT organizations were often called management information systems (MIS). However, the reality was that those business systems (we are not examining the scientific track), such as accounts payable, accounts receivable and bill of materials, were clerical information systems and not management information systems. They implemented critical operational processes, but were, at most, used only indirectly for making management decisions. So MIS was shortened to IS and then later to IT to give a broader perspective.

But even though business applications have exploded far beyond structured (database-residing) transactional processing to include both semi-structured information (such as e-mails and word processing documents) and unstructured (bit-mapped) information, their emphasis still, for the most part, is on day-to-day transaction processing.

However, there has always been a parallel track to traditional business systems that tried to aid the management decision-making process. That track incorporated a small fraction of IT focusing on very narrow projects through the use of operations research (economic lot size, regression analysis, simulation modeling), decision support systems (DSS) and executive information systems (EIS). Those projects had very targeted objectives with the use of targeted sets of data.

The next step forward--data warehousing--involved a major leap of faith. Huge amounts of transactional processing data that had only been used for operational purposes was now collected, transformed in a number of ways, and stored in a large repository called a data warehouse. The leap in faith occurred because all of the uses of the data in the data warehouse could not be predicted a priori so it was not certain that the large investment in data warehousing would pay off.

Overall, though, taking that leap of faith seems to have been rewarded because at the same time the sophistication of analytical tools, such as data mining and multidimensional cube analysis, came into play. The whole field of business intelligence (BI) has evolved rapidly since then.Now we are moving into a new IT era that includes concepts never dreamed of years ago, such as social media. One of the most powerful trends is that computers are now being integrated more and more into things, such as cars, appliances and power grids. These computers have software intelligence that process operational data, such as monitoring the tire pressure on cars. That requires sensors and other infrastructure components, such as RFID tags. Although the resulting data is typically used locally for operational purposes, in many cases data is sent over a network to a central site for analysis, such as managing supply chain processes moving products to the right store at the right time.

All of these new sources of information, plus finding new, productive uses for existing streams of information lead to what is sometimes simply called "analytics." As these analytics move more into the core of the business, decision-making can be improved, leading to added value. Improvements may range from a supply chain process that cuts costs to a targeted marketing campaign that results not only in more revenue dollars, but also more overall average profit per customer, or improved quality of health care through pattern detection on real-time physiological data that can predict emerging infections up to 24 hours in advance. The first two examples are traditional examples that affect the bottom line of businesses. The third illustrates that "business" applications are moving into areas far out of the old spectrum. Even though cost savings may come into play (such as lower hospitalization costs), improving quality of service also improves customer satisfaction, which can result in more business for a particular health care organization.

Information Governance as a Way to Create Order Out of Information Chaos
Now using data for better decision-making is fine, but what has that to do with information governance? Well, the IT infrastructure in any enterprise is typically built piece-by-piece over time with each piece justifying itself. The end result--as might be expected--is likely to be unsightly. One would like to use data for decision-making, but not if the quality of data is poor or untrustworthy. Moreover, external factors, such as compliance and eDiscovery, are putting new demands on the IT infrastructure that were unanticipated, and therefore difficult or impossible to accommodate.

Information governance, a.k.a. data governance, is about creating order to the extent necessary and possible out of the existing information infrastructure chaos with the goal of aligning people, processes and information to achieve better use of information.

For example, the role of information governance in data protection is critical. Data protection is not only about the ability to restore data from a backup but also touches on compliance, eDiscovery and data privacy. That means an organization has to know "what" data is has and "where" that data is. An organization has to have a formal data retention policy in place not only to make sure that it does not run afoul of what is mandated, but also to avoid the risk and cost of storing and managing no longer useful data. All this is not going to happen on its own volition; a formal process, i.e. information governance, has to be put in place to do the job. (Please see my book, Data Protection: Governance, Risk Management, and Compliance, for a more detailed discussion of the need for data governance in conjunction with data protection.)IBM States the Case for the Value of Information Governance
However, information governance for data protection is something a company has to do or run risks, ranging from public embarrassment to legal exposure. IBM understands the value of information governance. The company's recent launch is both about presenting the value case for information governance, as well as the products and services it offers to support related processes.

IBM used a recent study by the IBM Institute for Business Value to demonstrate the value of information governance. The study surveyed nearly 400 business leaders worldwide in August 2009 about their use of information and the application of business intelligence. IBM then compared the information practices of top- and lower-performing organizations. Among the findings were that top performers were three times more likely to have high-quality information, 3.2 times more likely to have a strong decision support toolset, and 2.5 times more likely to foster a keen focus on driving business change. Most importantly for this discussion, top performers were three times more likely to use sophisticated governance systems than lower performers. Cause and effect are not necessarily correlated between data governance and top performers, which means we cannot conclude that having sophisticated data governance leads to top performance in companies. Still, it is a very positive sign.

IBM Sees the Coming of Age of Information Governance
Even though IBM calls its latest announcement a launch, the company has been prominent in information governance for a number of years as exemplified by its support of a customer-driven Information Governance Council, formerly the Data Governance Council. One of the key contributions of this group is a maturity model. The original version seemed to be modeled after the famous Carnegie-Mellon software maturity model, but the latest incarnation compares business operational maturity against information and analytics maturity to create a business analytics and optimization maturity model.

Personally, I find this new model very insightful, thought-provoking and useful. The model gives the name to the game at each stage of maturity and essentially demonstrates how to achieve additional value as an enterprise moves through different stages of maturity (and don't try to skip stages of maturity). The name of the highest stage--Breakaway--is enticing. Information governance is necessary for moving along the stages of the business model. (By the way, it also offers the CIO and the IT organization a strong raison d'etre, i.e., long-term, guaranteed full employment.)

IBM also takes the point of view that there is an information supply chain analogous to the flow of materials through a physical supply chain. IBM views that information governance is necessary to optimizing the information supply chain.So finally we come to what IBM is offering in the way of products and services:

When large vendors, such as IBM begin to emphasize something new and evolving, such as information governance, they recognize that they do not have all the product and service bits and pieces in-house. They therefore buy what they cannot make in a timely enough matter. IBM just announced the acquisition of Initiate. However, it has also acquired companies, including Guardium, Exeros and Lombardi that should help flesh out its information governance products and services.

My Take
Information governance is a cross-discipline in enterprises. That means both IT and line of business people have to be deeply involved and committed. It requires money, discipline and formally adopted processes and strategies. In addition to the ongoing commitment of senior executives, the mindset and efforts of individuals have to go beyond the boundaries, not only of their formal job descriptions, but also the roles for which they are paid. Monetary, cultural and internal political considerations are all challenges for successfully executing an information governance strategy.

To top it off, information governance is a "vision thing" whose nature and processes can be sometimes painfully subjective. Personally, although I recognize the pain, having been involved in discussions on the meaning of "customer" at a Fortune 500 company, I believe the gain of information governance is well worth the discomfort. So the efforts of those vendors who play a leadership role in information governance, such as IBM, are to be commended. Yes, successfully implementing information governance well is likely to be a struggle, but the value of moving up through the stages of the maturity model may well be worth it. Can your enterprise afford to bet otherwise?