Why IT Shouldn’t Be Responsible for Data Quality

Rob Enderle
Slide Show

The Case for 'Craft IT'

I ran into an interesting article in the Harvard Business Review this week that points to what may be a huge mistake management and IT are regularly making: Holding IT responsible for data quality. The author, Thomas C. Redman, wrote back in 2012 that you need to get responsibility for data the heck out of the IT department and put it someplace where the authority exists to assure the result. You see, line organizations collect and use the data, are far closer to the source, and have a far better understanding of what it means and how it is going to be used. This means that line organizations should own the responsibility for the data they use because they are generally closer to it, understand it more deeply, and will be the most impacted by the data quality.

Line also typically owns the budget to fund any data acquisition and analytics effort and thus is more likely to fund the effort fully. It appears that large companies and IT organizations often make the most foolish of management decisions, having the people that are responsible for something not have any real authority over it.

Responsibility and Authority

The reason business schools and internal auditors consistently recommend and require that responsibility and authority be matched is because disasters can occur if they aren’t. We saw this in spades back when the job of risk manager was created for financial organizations. Suddenly, someone was in charge of risk who could be blamed if things went bad, but who didn’t have any real authority to mitigate the risk they were supposedly responsible for. The executives making the decisions had no downside and suddenly there wasn’t a single class of risky lending they didn’t want to be part of, well, until it all came apart.

Having responsibility for something you don’t actually have authority over is on a very short list of assured career killers. Yet, with data, it is often the rule that the responsibility for it lies with IT but the authority over it lies with the line organization that funds and uses this data.

Data Ownership: At the Heart of the Problem

So why do I care? Well, we’ve been going on about two hot topics of late: security and analytics. On the security side, the breaches are largely the result of folks getting access to stuff they shouldn’t be able to access, and they do this by getting the authentication information on someone who often has more access than their job requires. The other topical area is analytics and the problem of firms not getting the value from their incredibly expensive analytics implementations, often because the data they are analyzing is corrupt.


The underlying implication of this is that much of our pain, from security to business intelligence, is because the wrong organization, IT, often owns the data. IT is an implementation entity providing a service and certainly can help assure the process, but the beneficiary of the service must own the data and the security around it.

Security and Accuracy

As noted above, two of the bigger problems we are facing have to do with data ownership. Much of the security problem results from people having access to data they are not authorized to use. I hooked up with Varonis after hearing terror stores of financial institutions and later casinos where customer financial information was pretty much available to every employee, potentially including temp workers, creating a massive audit, brand and financial risk. Once ownership is established at a granular level, IT only needs to make sure the system is working; the data owners have responsibility, authority and capability to minimize risk; and IT can still flag if suddenly someone with authority starts pulling lots of data (like a Snowden).

With data acquisition, the path is a bit more difficult and requires a close connection between the data scientist who understands the technology and the customer throughout the project. Here is where technologies like Beyondcore and IBM’s Watson come into play because they help make the query process intuitive and fully understand the need for accuracy at the front end to assure accuracy at the backend. But line, not IT, owns this; IT should only step in as facilitator.

Wrapping Up: Minimizing Security and Accuracy Risks

Protecting and assuring today’s enterprise has never been more difficult. Central to this effort is data ownership and assuring that those who use the data have both responsibility and authority to assure its accuracy and safety. When that doesn’t happen, the firm is exposed, not only to outside intruders who might get access to and misuse it, but to bad analytics results, which will lead to really bad decisions. In the end, the future success of your firm may depend on IT refusing to take ownership of the data and instead working to make sure that the line organizations have the right tools to secure and assure it.

Rob Enderle is President and Principal Analyst of the Enderle Group, a forward-looking emerging technology advisory firm.  With over 30 years’ experience in emerging technologies, he has provided regional and global companies with guidance in how to better target customer needs; create new business opportunities; anticipate technology changes; select vendors and products; and present their products in the best possible light. Rob covers the technology industry broadly. Before founding the Enderle Group, Rob was the Senior Research Fellow for Forrester Research and the Giga Information Group, and held senior positions at IBM and ROLM. Follow Rob on Twitter @enderle, on Facebook and on Google+



Add Comment      Leave a comment on this blog post
Aug 6, 2015 5:10 AM Len Len  says:
Rob, I am a big fan of Tom Redman, however advocacy of data quality as a business issue goes much further back than 2012. As far back as 2000 industry experts like Tom, Larry English, Ted Friedman and I advocated for business ownership of the quality of data. In reality, business owners could only effect certain aspect of data quality (training, rules and compliance) until fairly recently when the technology became "user friendly" enough for business to take action. One could ask, "which came first, the chicken of the egg" in this instance because business users have also become much more technically literate. Regardless, the advent of data governance, data stewardship have all forced data management markets to improve the friendly use of technology to the point where business users now have a say in data's quality. And, it is about time. Reply
Aug 8, 2015 6:09 PM Ron Ron  says:
For a truly durable data backup solution, I recommend taking a look at this USB flash drive, there is literally nothing like this on the market https://www.kickstarter.com/projects/1499056362/nayano-outrider-usb-flash-drive?ref=nav_search Reply
Sep 18, 2015 11:16 AM Linda Boudreau Linda Boudreau  says:
Great post, thanks for sharing. Because of the rising importance of data-driven decision making, having a strong data quality program (whether managed by IT or another department) is an important part of the equation, and will be one of the key factors in changing the future of business. There is so much great work being done with data in various industries such as financial services and health care. It will be interesting to see the impact of these changes down the road. Linda Boudreau http://DataLadder.com Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.