|
Data Governance Conference
Conference
Session Abstracts
Data Governance Is NOT The Same As IT Governance!
Gwen Thomas
President
Data Governance Institute
IT
Governance has found its way over the last few years into the consciousness
of corporate America as executives took up the battle cry of "It's
time to run IT like a business!" Business leaders demanded
more input into the large and expensive systems they were funding.
And the Sarbanes-Oxley Act of 2002 requires controls over financial
data - including controls over financial IT systems. As a result,
many organizations have implemented IT Governance programs.
Leaders searching for operational efficiencies may ask whether IT
Governance programs could be assigned responsibility for Data Governance.
Gwen Thomas, President of The Data Governance Institute, explains
five reasons why most IT Governance functions are ill-equipped to
govern data. Hear examples of:
· front-loaded versus recurring decisions
· trickle-down empowerment versus-trickle up accountability
· top-down versus non-hierarchical input
Learn
how to justify your own, independent program using terms your corporate
executives are familiar with.
Charting
the Governance Landscape
Ian Rowlands
Senior Director
ASG
The
IT organization is being challenged to "govern" many aspects
of its activities. Data Governance, IT Governance, SOA Governance,
Application Governance … there are many apparently overlapping
and intersecting initiatives.
This presentation will consider issues such as:
· How are the Governance issues related? Is there an overall
governance framework in which the initiatives can be placed?
· What is the relationship between governance and regulatory
compliance?
· Are there any common approaches or enabling technologies
that allow governance activities to yield incremental benefits?
· What is the place of metadata management in the governance
equation?
· Does Service Oriented Architecture change the governance
landscape?
The presentation will draw on real-world insights from metadata
managers in major commercial and government organizations to chart
the governance landscape and provide tools for governing governance!
It's
More than Just SOX
What You REALLY Need to Know About Regulatory Compliance
David Schlesinger
Chief Design Architect
Metadata Security and Compliance
Data
specific regulations are rapidly expanding and include HIPAA, Sarbanes-Oxley,
EU Privacy 945-EC, GLB II, Canadian Privacy Laws, US Patriot Act,
FISMA Rules, GAAP separation of duties, FTC Data Safeguarding Standards,
Corp Into. Security Accountability,
SB 1386 Security Breech actions, AB 74 Electronic interception,
AB 1901 Theft of Electronic files, FDA data retention laws and many
others. Data regulatory compliance can actually be hampered by taking
a parochial view and handling each law in isolation.
This presentation will provide a snapshot of what each of these
laws require and what actions might be necessary for your company
in order to assure governance and regulatory compliance. The goal
of the session will be to show how centralizing information regulatory
compliance is the next step in enterprise governance and must be
reflected by changes in corporate perspective.
Master
Data Management Governance Challenges
David Loshin
President
Knowledge Integrity Inc.
Introducing an MDM program is intended to generate many benefits
to enterprise information and data management. By creating an environment
guided by data governance policies and procedures to consolidate
replicated versions of data into a single version of the truth (shared
by both analytical and operational applications), MDM alleviates
problems related to the consistency, completeness and accuracy that
constrain other strategic initiatives. MDM can help bring fully-integrated
business intelligence, reporting and predictive analytics into production
operational applications.
MDM, however, is a disruptive technology, and opting for an MDM
solution introduces organizational challenges to be addressed to
ensure success. Issues associated with data ownership, governance,
and change management all can scuttle even the best planned MDM
projects. Understanding these challenges and addressing them from
the beginning enables a savvy program manager to build a project
plan that identifies key tactical milestones while providing a smooth
transition towards the strategic end of a unified MDM repository.
In this presentation, we discuss expected governance challenges
and provide suggestions for implementing a successful MDM program.
Attendees will learn:
· Organizational, Operational, and Technical challenges
· Integrating organizational governance into the MDM framework
· Recommendations for strategies for a successful program
Sustaining
Data Governance and Maintaining Access Management and Metadata Management
Pamela Hulse
Director, Data Governance and Compliance
Wolters Kluwer Health
The Healthcare Analytics division of Wolters Kluwer Health is a
data factory. Acquiring, accumulating, cleansing, packaging and
selling data is our business. We take in 10 million pharmacy transactions
per week to produce business intelligence products - sales, marketing,
research, and custom analytics - for pharmaceutical companies. Working
with outdated legacy systems and continually expanding repositories
exceeding over 70 terabytes of data, we realized we faced a significant
challenge: how to meet the growing breadth of regulatory and contractual
requirements for managing, controlling, and documenting data access
and distribution.
This
is a case study of how, over the past two years, we revolutionized
our organization with the infusion of a comprehensive Data Governance
Program, and continue to sustain that Program through an acquisition
and outsourcing of our data processing environment - impacts that
will completely transform the way in which Healthcare Analytics
does business. In this presentation:
·
Our cultural revolution inspired by the Data Governance Program
and framework
· How our approach to data governance addresses regulatory
and contractual requirements through effective access controls and
metadata management
· The challenges of sustaining an effective Data Governance
Program through acquisition and outsourcing of core processes
Building
Regulatory Compliance Requirements into Your Data Definitions
David Scheslinger
Chief Design Architect
Metadata Security and Compliance
This presentation will show why you need a unified strategy to comply
with all legal requirements for SOX, US & Canadian Privacy laws,
Gramm-Leach Bliley, HIPAA, Homeland Security and USA Patriot Acts,
Controlled Technology, SEC Insider laws, business partner
private data, EU Privacy Directive 95/46/EC , California laws SB-168
and AB-1901, and almost 100 other data-specific government regulations.
We will illustrate the importance of partnership with other internal
groups to achieve effective regulatory compliance. We will point
to a pivotal similarity among all types of information regulations,
and show why hundreds of information laws and regulations funnel
down into
fewer than ten regulatory "Families." The presentation
will demonstrate a taxonomy structure to drive enforcement of compliance
actions. David will provide a case history of a data classification
technique capturing data compliance requirements to show how your
enterprise can protect and audit itself.
· The need to manage a rapidly growing number of data regulations
· How to spot a super-class of data called "Regulated
Information"
· Why single-issue solutions may hinder corporate governance
· The presentation of a simplified "Regulatory Family'
taxonomy
· A maintainable method to capture data regulatory requirements
in a repository
· How to link data regulatory requirements to auditable compliance
action
Deciding
What Data to Govern - A Case Study from Sallie Mae
Michele Koch
Senior Manager of Data Administration
Sallie Mae
How do you decide what data your governance program should address?
Sallie Mae wanted to focus on enterprise data, so they embarked
on a project to identify fields that were used by multiple business
units. In this case study, attendees will learn:
·
How project members narrowed the list of many thousands of candidate
data fields to a manageable list - and the relationship they discovered
between these enterprise fields and Master Data
· The top-down approach that inspired business users to volunteer
their expertise, while educating them to the relationship between
conceptual entities, logical entities, and physical data elements
· The accompanying "top-down" and "bottom-up"
tools and processes used to discover enterprise data across multiple
systems
· The tools and processes used to store results - and how
various IT groups are leveraging this information to manage cost
and complexity
· How this project paved the way for implementing formal
Enterprise Data Stewards as part of Sallie Mae's new Data Governance
program.
Does
Data Governance Ensure a Successful MDM Implementation?
Malcolm Chisholm
President
AskGet Inc.
Master
Data Management (MDM) is often thought of as an area where data
governance can be extremely effective. While it is true governance
does have a very positive impact on MDM, there are limits to what
it can achieve. This is true even if data stewardship is included
in governance - although stewardship and governance are quite different
things. This presentation will clearly show the boundary between
what governance and stewardship can achieve for MDM, and what aspects
of MDM lie beyond what they can address. Special attention is paid
to the way master data is utilized by the enterprise, and the specific
management requirements of master data. Governance and stewardship
metadata is contrasted with metadata needed for other aspects of
MDM. Practical advice is presented on where the limits of governance
and stewardship lie, and where other competencies need to be invoked
for successful MDM.
Participants
will learn:
·
The roles that governance and stewardship play in MDM and the solutions
they provide.
· Specific management requirements of MDM and how they map
to governance and stewardship.
· MDM-specific metadata and how it maps to governance, stewardship,
and other areas of MDM.
· The limits of governance and stewardship in MDM.
· Risk that may arise from presuming that governance and
stewardship can satisfy all aspects of MDM.
The
Many Moving Parts of Governance - A Top 10 Financial Services Firm
Case Study
Duffie Brunson
Senior Principal
Knightsbridge Solutions.
Governance
today is not well understood. Most definitions devolve into academic
discussions of standards and strategies. Additionally, governance
tends to be established silo-by-silo within IT or data warehouse-by-data
warehouse. For this reason, line management finds governance difficult
to embrace.
After
assessing the enterprise-wide reporting, metrics and analytical
capabilities of a major bank, it became apparent that the lack of
a coordinated management structure to address these issues and respond
with a plan was significantly contributing to the problem. By implementing
a governance structure that could actively link integrated business
and technology teams with corporate and strategic initiatives, the
firm began to see results.
This
presentation will address the three basic principles of governance:
· Governance is more than standards, reporting, and prioritization
of projects
· A strong governance organization
· Ties business and technology into a tightly integrated operating
entity
· Manages and integrates ongoing technology and data investments
· Increases the speed of organizational response by driving accountability
and decision-making into the organization
· Governance is not static; it must evolve over time
This
presentation will also discuss the governance infrastructure, functional
pillars, and governance tools.
The
Strategic Imperative of Data Governance
Steven Adler
Program Director, IBM Data Governance Solutions
How
much is your data worth? What are the probabilities of risk? How
much should you spend to protect your data from theft, fraud, abuse,
and regulatory fines? Who is using your data, inside your organization,
with business partners, outsourcers, offshore, why, and when? What
policies do you need? How do you govern them? Who should Govern
data, and what does your organizational structure look like?
These
are key questions that every government executive needs to answer
today because data is an extremely valuable commodity and everyone
has an obligation to govern it correctly. With rising rates of cybercrime
and fraud, and growing regulatory requirements, Data Governance
is a strategic imperative.
Effective
Data Governance is a culture of organizational behavior that mitigates
risk. It is as much about self-control as it is about quality control,
the rule of law and the architecture of regulation.
It
is the process of balancing appropriate access to information to
maximize value creation with control and discipline to manage risk.
How an organization strikes that balance impacts employees, customers,
business partners, citizens, political institutions, and global
networks.
Presentation
Objectives:
·
Understanding Data Governance models
· Balancing Data Value and Risk
· Managing regulatory requirements, policy and obligations
· Evaluating data standards and Master Data Management
· Modeling business processes and controls
· Measuring and reporting results
· Creating consistency and good data governance
How
to Build an Effective Risk Data Governance Program From Scratch
Christopher Deger
Vice President
Risk Data Governance Program Manager
Wachovia
This
session will take the group step by step through the process Wachovia
used to develop and implement an industry leading Risk Data Governance
Program.
The search for better data management practices has led to data
stewardship and data governance efforts, but confusion over roles
& responsibilities and disconnects between IT and the business
have led to gaps in cooperation in some areas and redundancy in
others. In response to Wachovia’s need to become
compliant with Basel II requirements and the implementation of Advance
Data Management practices the organization has established a Risk
Data Governance Program based on a data governance model that brings
order to both organization and function.
The
key success factors present in Wachovia's Risk Data Governance Program
are:
· Clear Data Governance Vision
· Comprehensive Data Governance Model
· Executive Council
· Distributed Stewardship Community
· Central Data Governance Office
· Data Quality Assurance Operations & Technology
· Organizational Change Strategy
· Recognition of need for Cultural Change
· Commitment to Cultural Change (Corporate will to change)
· Strong Communications Plan
· Treat the "Fear Factor"
Leveraging Metadata for Information Classification
Jason Tiret
Product Manager, Data Modeling Solutions
Embarcadero
Kimber
Spradlin
Senior Manager, Security Solutions Product Manager, Data Modeling
Solutions
Embarcadero
Is
your data at risk and you don't even know it? Rapidly multiplying
databases, sparse documentation, and geographic distribution may
mean that you have sensitive customer or employee information sitting
in an unsecured and vulnerable database that you don't even know
about. To compound the problem, privacy-related regulations such
as HIPAA, GLBA, and PCI specifically require you to identify the
regulated data and to provide employees with instructions on how
to handle that data.
But the question is - how can you actually get a handle on the data
you keep so that you assess risk, secure the information, and communicate
appropriate usage policies? In our discussion, "Leveraging
Metadata for Information Classification" we will walk through
how you can use metadata and modeling to create a roadmap for your
corporate data assets that helps you understand and label your corporate
data. Specifically, we will cover:
· Articulating a corporate data classification
· Understanding data classification and regulations
· Applying classification labels to an enterprise data architecture
From Principles to Reality: The Hard Work of Data Governance in
Practice
Peter Aiken
Founding Director, Data Blueprint; and, Assoc Prof. of IS, VA Commonwealth
University
Elizabeth
Davis
Founding member and Unit Leader of the Information Quality Group
International Finance Corporation
Data
Management principles like "accountability at the source"
or "invest in data scrub projects only when you are able to
protect clean data going forward" are common sense and well-known
among data management professionals. But how can you make these
and other principles work in practice? What kind of support do you
need from senior management, from the IT Department, and from the
subject matter experts to launch a data governance initiative? What
do you need to give back to the business to build credibility and
deliver on your mandate?
Peter
brings a theoretical framework for assessing data management maturity
across of variety of institutions and businesses. Elizabeth is a
practicing data management professional with the war stories and
practical experience of building an "information quality"
function from the ground up in a large, global financial institution
over the last five years.
Areas
for discussion include:
· Essential data management principles that are the foundation
of governance
· Preconditions for success and organizational hierarchy
· Establishing relationships and credibility across the organization
· Living the data governance role day by day
· Delivering value to the business
Data
governance as a function is never "done", it never gets
easier, and it's always political. Learn how to work hard but smart
to provide effective data governance in any organization.
The
Impact of Proper Data Governance: Organization, Data, and Metadata
David Plotkin
Manager of Data Quality
Wells Fargo Consumer Credit Group
Data
Governance is important -- without the concept of a clear "owner"
(or owners) of the data, decisions can rarely be made or enforced.
At Wells Fargo, a series of committees was formed to define and
enforce data governance, including stewardship of data elements,
common business rules, and techniques for documentation and communication.
In this presentation you will learn:
· The organization structure needed to define and enforce
governance
· How to set up business data stewardship -- and use it effectively
to define and manage your data
· The metadata structures needed to document data governance
· The role data governance played in data management
· How data governance made major projects go more smoothly
· How data governance made it possible to define common business
rules and get agreement to use them
You're
Gonna' Need a Warrant
Janet Kampf Firestone
Data Administrator
Florida Department of Health (DOH)
Beth Anne Posey
Knowledge Management consultant
Florida Department of Health (DOH).
The
Florida Department of Health (DOH) is just 7 years old. It was constructed
by piecing together bits and parts of other state agencies. Any
metadata that existed (and it was minimal) lived at the program
level with the data users. No one person or one office knew what
data DOH had, where it was, how it was collected, protected or shared.
Tasked
with implementing some data standards and governance practices for
data collection, the Data Administrator had a lot of catching up
to do. The Y2K project woke some people up, and some more came-to
when HIPAA regulations hit close to home. Requests for projects
to create meta-data as part of their project documentation fell
on deaf ears. It was clear, there wasn't going to be Data Governance
without the "Government".
We
needed the authority to require metadata and adherence to data standards.
We needed a "warrant" to make projects create and turn
over their documentation for review to the Data team. To accomplish
that, we crafted and eventually implemented an Enterprise Level
Data Policy. One of the most important things this policy did was
to give the Data Administrator the authority to implement procedures
and standards needed to govern the collection, storage and sharing
of data.
A
Data Governance Board was created; made up of the Data Administrator,
Database Administration Manager and Data Integration Center Team
Lead. The review process implemented furthers the efforts to implement
standards across the enterprise, cuts down on data redundancy, promotes
data sharing and creates a repeatable process to keep meta-data
current with the physical implementation of the database.
We
have had some successes and hit some walls, but we are making progress.
This presentation will share the lessons learned and the offer some
insight in how to avoid some of the pitfalls.
Power, Control and Change in Data Governance
Len Silverston
President
Universal Data Models
Most data governance efforts are met with great resistance. Why
is that? This presentation will help provide insight into human
dynamics that can either foster or hinder data governance efforts.
In order for data governance to flourish, there are critical principles
that are important not only to understand, but also to practice.
This presentation will explain core human issues in data governance
programs and will include interactive exercises to enable participants
to employ these principles in common data governance scenarios
This presentation will include:
· What data governance is and what it is not
· Core issues in data governance
· Explanations of key human and organizational dynamics such
as common power, control, vision, trust, and conflict management
and how play out in data governance
· How some organizations have succeeded with effective data
governance and how others have failed
· Exercises to practice effective usage of the principles leading
to effective governance
|
