As many blog posts, papers and articles have described, data strategy is the process of planning and creating ways to manage corporate data. A data strategy can include how the data is created, processed and used across the enterprise, as well as platform and storage requirements for the data. The objective is to have a socialized and practiced guideline for managing all of the enterprise data assets.
So how do data strategy and compliance work together for success? Let's first take a look at what it means to have an enterprise data strategy.
Data strategy for the enterprise
An enterprise data strategy involves a variety of components, which can include:
- A data governance plan to protect vital customer data and account information as it's used in operational processing. This could include financial processing and compliance with mandates like IFRS 9 and CECL, for example.
- Master data management so you will understand where data is created or mastered for usage and propagation throughout the enterprise.
- Platforms used for enterprise data assets like Hadoop, Oracle, DB2, Teradata, SQL Server, NoSQL, etc. A data strategy should address questions about which platform works best for transaction processing versus long-running analytics or predictive modeling, and which works best for analytics and reporting. Some organizations choose to understand how each of these platforms can play a vital role in successful data usage.
- Data management principles, like metadata creation and usability (both technical and business). These principles help us identify redundancy and issues with definitions. Technical metadata can help identify which data is used across the enterprise and in what processes.
- Data redundancy guidelines that help minimize reuse (misuse) of the data across the enterprise.
- Data quality guidelines that help ensure the consistency and validation of your enterprise data assets.
- Data modeling standards that describe an enterprise data model, subject area modeling and solution data modeling differences. The standards should also describe techniques and methods needed to meet corporate requirements.
And then comes compliance
So, where does compliance fit in the mix? Compliance is the act or process of doing what you have been asked or ordered to do (per Merriam-Webster). Let’s think of financial compliance as an example.
Regulatory compliance is conforming to a policy, rule, standard or law. So, after having been told that you have to do something – and establishing a data strategy enabling you to do it – you then have to answer this question: How do we prove that we've followed the requirement perfectly?
I ask this question every time someone says we have to meet financial compliance requirements. Some organizations have addressed the question by creating a compliance data store that's used for compliance reporting. To address compliance requirements, the following processes need to be written to this data store:
- All processes involving data that's used in a calculation whose results are used for financial reporting.
- Any process that propagates data from one data store to another. By including these processes, you can ensure accuracy of the data. Consider record counts and possibly a summarization of dollar amounts by customer.
- Other processes that may be required by your financial compliance department.
Some organizations require an approval by the compliance department that guarantees a specific process is completed the same way, every time.
Consider a document with many diagrams showing the flow of data as well as its manipulation, calculation, etc. You may want to consider using software that includes this metadata information. Sometimes, you may have the option to include just parts of the above methods to prove financial compliance.
How did your organization choose to meet financial compliance requirements?