Where Do You Draw The Lines Between Business And IT Ownership Of Data And Information?

I get many questions on this subject and it often turns into almost a religious debate. Let's throw some structure into it. Here's a decision-to-raw-data stack.

  1. Decisions
  2. Strategy
  3. Policies
  4. Objectives (e.g., clear understanding of what is driving revenue performance)
  5. Goals (e.g., achieve x% income growth)
  6. Calculated metrics (any combination, variation of the standard metrics or KPIs)
  7. KPIs (e.g., profitability, liquidity, shareholders value)
  8. KPMs (e.g., enterprise value, trailing/forward price/earnings)
  9. Metrics (e.g., fee income growth %, non-fee income growth %)
  10. Dimensions (part of MDM, e.g., customers, customer segments, products, time, region)
  11. Pre-calculated attributes (standard, cross-enterprise metrics, KPIs, and KPMs)
  12. Pre-built aggregates (used to speed up reports and queries)
  13. Analytical data (DW, DM)
  14. Operational data (ERP, CRM, financials, HR)

Obviously, it's never a clear-cut, binary decision, but in my humble opinion:

  • 1-6 should emphasize business ownership
  • 10-14 should emphasize IT ownership
  • 7-9 is where it gets murky, and ownership depends on whether metric/KPI/KPM is: 1) standard and fixed, 2) fluid and changes frequently, 3) different by product, line of business, or region.

What did I miss? Thoughts?

Comments

Ownership of data

At the highest levels where it matters most, which is evident in the genius of the U.S. Constitution, IP law and others, the discussion should begin with the individual's ownership of knowledge, which is only then converted to data when he/she is compelled to share.

Illegal torture techniques notwithstanding, intellectual contributions are voluntary, and motivation to share supersedes even contractual law, which the minority who retain the most intellectual horsepower are fully aware, so the continual corporate ownership of data with value depends largely upon motivation, incentives, and alignment of interest.

What so many of our friends in the legal and competitive intel career paths often forget, not to mention a fair portion of corp execs, is that the vast majority of good data they are consuming represents the past. Indeed many if not most of their corp structures are designed to protect the past, rather than optimize the future.

That said, IT doesn't own data -- the corporation does. Many IT professionals are confused about this relationship (with notable exceptions in CIO business leadership), and their place in the organization -- the resulting turf protection and petty internal power battles so common in large organizations do tremendous harm, create data silos, and enable systemic crises.

One important reason so many business decision makers are circumventing what has too often become a commodity infrastructure, instead of an opportunity to optimize human capital. The latter is also a problem with many enterprise SW vendors. Pretty easy to forget that the quality of the data being visualized depends almost entirely on the quality of the humans responsible for it. .02-MM

Of course, the corporation

Of course, the corporation owns its data. My question is who governs and controls it.

business is the corporation

Well actually in the subject line the question is:

Where do you draw the lines between business and IT ownership of data and information?

Now I realize that this represents commonly understood jargon in large mainly for profit public corporations, but that only serves to make my point about the confusion in the culture. That is, business and IT represent two different departmental units and function, but shouldn't when the topic is "ownership" of data. Note you did not say control in the question, which are two very different issues even if again they shouldn't be-- turf battles have killed many people and resulted in trillions of dollars in losses.

In for profit companies, the business leader should be and often is the CEO representing the corporation, and as the charge of the board has ownership and should have control of all data. IT's job is to serve the mission of the board, which includes protecting the data-- and that presumes control, but is quite often misinterpreted in my experience more often than not to be "power over" or "ownership"-- the latter of which is abused at the highest levels of the IT industry apparently in an attempt to motivate and hold accountable, but it is nonetheless improper, creates confusion, often with catastrophic results.

Towards more business ownership

To me, the point is that the lines are moving towards larger ownership of the business, while IT's mission is to facilitate this movement. It is a bit like the principle of black belts (the full time experts) and green belts (the business user) in six sigma : the higher the number in your list, the less the business is mature to become as a green belt, but the maturity is evolving. And IT has to drive this learning curve.

As an example, I believe that business would like to own point 10 and in fact, some business people reached the right maturity level to do that. Typically, we see that in controlling where businesses wants to be autonomous to manage for example charts of accounts , including their reconciliation in case of heterogeneous processes and systems. And IT should empower them with proper EPM systems and Analytical MDM systems to to that by their own. Some business domains are much less mature.

In the case of point 13, I feel that some business users, or at least some "power users" working at the lines of business, are eager to build "ad hoc data marts", just like you can see in retail, where the responsibility of replenishing the shops or the shelves can be shifted to local teams.

While I am sympathetic to the

While I am sympathetic to the distinction that you are drawing, I think that the answer is that only 14 is data owned by IT. The question that I think is worth asking is "who is the data for?" Operational data is for IT - in relation to that data IT is the business! But for all of the rest, it seems to me that the business is - in a strong sense - the owner.

more on "ownership"

Boris, fascinating angle from a legal perspective in regards to ownership. I believe the real challenge lies in how we can make BI more effective by clearly defining roles and responsibilities between the BI development and support community and line of business (LOB) users. It raises other questions, such as: How much control and oversight does IT need to enforce and assure overall data quality, governance and security? How should that be implemented, and by who?

It may help to put some context around “data and information.” Let’s assume we can narrow the scope to BI business and performance data, which only slightly reduces the breadth of the problem for CIO’s and their organizations. Today’s IT organizations are challenged with providing data and information so every department can run efficiently, while at the same time, they’re held responsible if the data they make available is compromised or misused. No wonder many would rather just lock down all data access through information prohibition. But that didn’t work with the 18th Amendment and certainly isn’t going to work for information today.

What we have seen as best practices in our customer base is where transactional output and operational Data Store data is validated, reconciled and maintained by the IT organization. That data is then provided to LOB managers under application and direct access security. That security is a shared responsibility between the LOB departments and their IT support groups.

The LOB users then have the ability to create new reports, charts, calculated fields and “dimensional” views of the data. The most successful approach appears to be when greater self service is provided to the LOB community without compromising the integrity, lineage and security of the source data.
- Dyke Hensen, PivotLink