DGIQ and Top Two Discussion Areas

In the second of the series on DGIQ-East 2023 I am going to discuss the two biggest discussions topics of last week’s conference: Organizational Structures and Maturity Models.

Before I cover these topics, I wanted to put in a plug for a charitable act by the Philadelphia Eagles that is supporting Children’s Crisis Treatment Center (CCTC) Children’s Hospital of Philadelphia (CHOP). CHOP is a former customer of mine.?

I am a lifelong Green Bay Packers fan, but since the 1970’s as a kid I had an affinity for the Eagles. While all the other kids were jumping on the Cowboys and the Steelers, I always liked the Eagle’s for some reason. The Eagles linemen released a holiday album. I particularly like the remake of Fairytale of New York originally done by the Pogue’s and performed by the Kelce brothers, Fairytale of Philadelphia: Philly Special Christmas Album. Please note:? I am not a Swifty. Consider a purchase for great causes.

Organizational Structure

In multiple sessions and keynotes there was focus on people last week. A very good thing. In a way I find it amusing as it is a long-standing topic that we always discuss and definitely nothing new. The main part of this was where should data governance teams or data offices reside within an organization. Fourteen years ago when I was doing interview for my mixed methods study in data governance it was one of the main discussion areas. Of the original set of 27 interviewees running data programs at mostly enterprise organizations ($10B+), about half were aligned to IT and about half were aligned to business functions with 3 running in this place between IT and Business organizational structures. This novel approach to keeping data outside of the business or IT was viewed as the only way to make things work due to things such as: (1) IT vs Business Conflict; (2) Shadow IT/Rogue IT/Phantom IT; (3) Stewardship Models. In the following sections we will discuss these three areas.

Business vs. IT

The notion of a battle between business and IT is one that has been going on for years, and really needs to stop. No one benefits from this; About 20 years ago I was working for a firm which had a CEO that rose from CIO and didn't have that problem. I learned how much benefit you get from alignment and execution. Yes, for those of you who know me Alignment is my favorite data governance word.

When we drill into this conflict it often starts with software companies who are looking for an alternative way to sell into shops where the IT organization have said NO, or they are trying to skirt around the rigor that IT has when introducing new tools. It also comes up when CIO's lose sight of what is really important. I learned in my career that CIO's are not IT leaders per se, they are really individuals who represent the business needs and organize their technical resources to address those needs. CIO's that look at themselves as leaders for the business have the greatest success in Business and Technical initiatives.

IT folks have a tough job, it is tougher when organizations don't have clear remit of what IT is doing, where there isn't great partnership, and where folks aren't working together. Cloud computing and SaaS applications didn't start these conflicts, they are just the latest incarnation of it. I remember once at an organization who tried to put controls on finance operations to stop new technology from coming in without appropriate IT approval. We learned "That Doesn't Work" you need to partner rather than control.

I will dive into the benefits of having IT more involved not less involved in the following section, but the following questions are ones that I love when trying to get folks to consider how to make this Business vs IT challenge go away:

• What is IT?
• What is its remit?
• What is IT good at?
• What does IT need to be better?
• What does the business want from technology?
• Where is time wasted in rolling out new technology?
• How can business needs and IT align to be better together?

Bringing these answers together can get organizations to a better place and stop this IT vs. Business debate. Remember, working together using the capabilities of subject matter experts decreases risk and increases the probability of success.

Shadow IT/Rogue IT/Phantom IT

Shadow IT: In the session I led on Tuesday I did an interview and Q&A session with Rene Rubio DG Leader from Hilton. He shared how at AFLAC he wasn't getting the most out of analytics, so he went down the Shadow IT route, he built out with his team the tools, capabilities, and process to be successful. Once things were up and running, he partnered with IT and transitioned that function back to IT for them to run for the long-term. Which was hugely successful. He demonstrated teamwork to build the capability and then let the Run be done by other resources so he could reap the benefits to drive things forward and move on to the next big thing. This was a great story.

Rogue IT: This is the idea where business functions try to do it all themselves, and get themselves into trouble with auditors, regulators, senior leadership, and ultimately boards. Some software vendors will try to position the idea of selling their wares to the business and keep IT out of it. This has been going on for 20+ years in my experience. They don't want to talk with the security, privacy, or infrastructure folks until they absolutely have to. Often they run into challenges and the negativity between IT folks and business sponsors gets everyone made and everyone else. This can be better when you don't go rogue, but include those other groups as you go through the decision making process. Use the experience of IT for its benefits. The smoother the acquisition and implementation is the faster go-lives happen and the greater the ROI is achieved. I view 12 weeks as the optimal target for getting SaaS software up and running. I have seen this with data platforms, salesforce, data visualization, and customer success tools. Great things happen when people work together for a common good.

Phantom IT: This is a term that gets used by a small number of firms where a special tiger team is formed that has people from business, IT, and GRC roles and they focus on a rapid selection and implementation. There are key goals and a pre-established transition plan on what happens during buy, implement, adoption, and mature of these capabilities. This is sort of like the software company focus of Land-Adopt-Expand-Renew but more aligned to the business needs and remit of other groups. By having a focused group implementing that is cross-functional the result is better, faster, and cheaper.

Stewardship Models

As we have these discussions about where things should align, the stewardship models come up, as they did last week. In those discussions I shared my perspective that I owe David Plotkin for. We talk a lot these days about federated stewardship, but I always like to start with two ideas: (1) Stewardship doesn't have to be a job, it is often best served when folks do data stewardship as one persona inside a bigger role; (2) Stewardship Roles Plotkin discusses in his book Data Stewardship: An Actionable Guide. I often speak of three types of stewards.

• Business Data Stewards - those highly worthy souls who do the hard work of data from creating/maintaining/deleting data; identifying more data needs; curating metadata; answering questions; managing the DG Inbox, and playing the role of data psychiatrist at treating the mental health of data users who are struggling. The last one is no joke, it is what good business data stewards do.
• Technical Data Stewards - nearly all don't want to be referred to as one but play the role of data custodian, data platform administrator, tool developer, and great partner to the business data steward. The best ones hear what isn't working and find ways to fix it.
• Enterprise Data Stewards - the 1 or 2 folks in an organization who are the right hand of the CDO or Data Sponsor. They know the data strategy, the corporate strategy, the best business data stewards, the SMEs, and the technical folks. They get stuff done. In my view this is my favorite DG role to do myself when I get the chance.

Corporate and Data Strategy

At DGIQ West in San Diego last June, John Ladley did a data strategy workshop and talked of the benefits of having data not just in a Data Strategy document, but in the corporate strategy. Many firms put tons of time into a data strategy document, and never executed to it, and suffer in silence, while others have data as part of the core corporate strategy and make it so they look to data for every initiative and work together to build a corporate strategy.

Novel Ideas

In summary, a novel idea is to give up on this whole IT vs Business conflict, get to know your people, needs, and ambitions and organize in a way that makes sense for your organization. Those three firms I spoke with nearly 15 years ago had it right for their organizations, find out what is right for your organization. Focus on building bridges, and drive things forward.

Maturity Models

The other topic that kept coming up last week was maturity models, and I hope someone does some good research on all the models that are out there and speaks to it at DGIQ next June in San Diego. Note: Call for Paper is open (hint, hint): https://dgiq2024west.dataversity.net/

A couple of key themes came up last week:

1.??? Everyone has a maturity model. DCAM, DAMA, every reputable consultancy, and many software firms have their own, some to build business and others to prove a point. As one former customer of mine asked "Which one do we use" - I am not going to try to answer that one today.? This is an area that needs more mindshare as we move forward as an industry.

2.??? Each different maturity model is built for a different purpose, the phrase I kept hearing was, figure out what you are trying to assess and then find the maturity model that fits, or like I have done in the past build one that works for you.

3.??? Leverage consultancies that have a maturity model that meets your need, and build out not just some maturity model score, but what are our next steps for success.

The last area of maturity models that I want to share is that in data governance build a model that hits all the areas that we talk about all the time:

• People - do you have: (1) Stewardship; (2) Roles & Responsibilities Defined; (3) Communication In-Place; (4) Appropriate Councils; (5) Sponsorship; (6) Others as needed?
• Data Architecture - do you have the right tools, models, capabilities, administration, and focus to be a base for a successful data program?
• Data Quality - do you have DQ Dimensions, Alerts, Tools, Reports, Dashboards, and Advanced Capabilities available for success?
• Data Privacy - do you have the classifications and privacy categories established, policies and enforcement in place, and educational programs available to meet the ever-increasing set of privacy regulations?
• Data Security - do you have alignment between the office of the CISO, data stewards, data analysts, and knowledge workers to meet the needs of security?
• DataOps - do you have the processes, procedures, standards, models, trained staff in place for efficient execution to drive things forward?
• Compliance - do you have the oversight function in place, is the appropriate level of enforcement in-place, and are you set up for efficient and acceptable audit alignment?
• Data Enablement - do you have the capabilities in place to enable all on how to use data, how to get the most benefit, and how to be successful in the long run?

There are many other areas such as data culture and literacy to be concerned with, and a good maturity model should help identify where you are and provide data to figure out what's next.

Summary

There are many things we talked about last week but the people and maturity model topical areas I heard the most of as I was participating in events last week. Getting people and organizational models right is vitally important.

?