“Data! Data! Data! I can’t make bricks without clay.”
— Sherlock Holmes, in Arthur Conan Doyle’s The Adventure of the Copper Beeches
You should by now have a solid understanding of the growth of and history of data, data challenges and how to effectively manage them, what data as a service (DaaS) is, how to optimize data using both internal and external data sources, and the benefits of using DaaS. In our final post of the series, we will discuss the top six things to consider when creating a Data Services strategy.
Let’s break this down into two sections: 1) pre-requisites and 2) the checklist.
We’ve identified four crucial points below to consider prior to starting your data services strategy. These will help frame and pull together the sections of information needed to build a comprehensive strategy to move your business towards success.
1: View data as a strategic business asset
In the age of data regulation including BCBS 239 principles for effective risk data aggregation and risk reporting, GDPR and others, data, especially that relating to an individual, is considered an asset that must be managed and protected. It also can be aggregated, purchased, traded and legally shared to create bespoke user experiences and engage in more targeted business decisions. Data must be classified and managed with the appropriate level of governance in the same vein as other assets, such as people, processes and technology. Being in this mindset and appreciating the value of data and recognizing that not all data is alike and must be manged appropriately will ultimately ensure business success in a data-driven world.
2: Ensure executive buy-in, senior sponsorship and support
As with any project, having executive buy-in is required to ensure top down adoption. However, partnering with business line executives who create data and are power users of it can help champion its proper management and reuse in the organization. This assists in achieving goals and ensuring project and business success. The numbers don’t lie: business decisions should be driven by data.
3: Have a defined data strategy and target state that supports the business strategy
Having data for the sake of it won’t provide any value; rather, a clearly-defined data strategy and target state which outlines how data will support the business will allow for increased user buy in and support. This strategy must include and outline:
- A Governance Model
- An Organization chart with ownership, roles and responsibility, and operations; and
- Goals for data accessibility and operations (or data maturity goals)
If these sections are not agreed from the start, uncertainty, overlapping responsibilities, duplication of data and efforts as well as regulatory or potentially legal issues may arise.
4: Have a Reference Data Architecture to Demonstrate where Data Services Fit
Understanding the architecture that supports data and data maturity goals, including the components that are required to support the management of data from acquisition through distribution and retirement is critical. It is also important to understand how they fit into the overall architecture and infrastructure of the technology at the firm. Defining a clear data architecture and its components including:
- Data model(s)
are required prior to integration of the data.
5. Data Operating Model – Understanding how the Data Transverses the Organization
It is crucial to understand the data operations and operating model – including who does what to the data and how the data ownership changes over time or transfers among owners. Data lineage is key – where your data came from, its intended use, who has/is allowed to access it and where it goes inside or outside the organization – to keep it clean and optimize its use. Data quality tracking, metrics and remediation will be required.
Existing recognized standards such as the Global Legal Entity Identifier (LEI) that can be acquired and distributed via data services can help in the sharing and reuse of data that is ‘core’ to the firm. They can also assist in tying together data sets used across the firm.
Checklist/Things to Consider
Once you’ve finished the requirements gathering and understand the data landscape, including roles and responsibilities described above, you’re now ready to begin putting together your data services strategy. To build an all-encompassing strategy, the experts suggest inclusion of the following.
1: Defined Data Services Required
- Classification: core vs. business shared data and ownership
- Is everyone speaking a common language?
- What data is ‘core’ to the business, meaning it will need to be commonly defined and used across the organization?
- What data will be used by a specific business that may not need to be uniformly defined?
- What business-specific data will be shared across the organization, which may need to be uniformly defined and might need more governance?
- Internal vs external sourcing
- Has the business collected or created the data themselves or has it been purchased from a 3rd party? Are definitions, metadata and business rules defined?
- Has data been gathered or sourced appropriately and with the correct uniform definitions, rules, metadata and classification, such as LEI?
- Authoritative Data Sources for the Data Services
- Have you documented where, from whom, when etc. the data was gathered (from Sources of Record or Sources of Origin)? For example, the Source of Origin might be a trading system, an accounting system or a payments system. The general ledger might be the Source of Record for positions.
- Who is the definitive source (internal/external)? Which system?
- Data governance requirements
- Have you adhered to the proper definitions, rules, and standards set in order to handle data?
- Who should be allowed to access the data?
- Which applications (critical, usually externally facing) applications must access the data directly?
- Data operations and maintenance
- Have you kept your data clean and up to date?
- Are you up to speed with regulations, such as GDPR, and successfully obtained explicit consent for the information?
- Following your organization chart and rules and requirements detailed above, are the data owners known, informed and understand they are responsible for making sure their data maintains its integrity?
- Are data quality metrics monitored with a process to correct data issues?
- Do all users with access to the data know who to speak to if there is a data quality issue and know how to fix it?
- Data access, distribution and quality control requirements
- Has the data been classified properly? Is it public information? If not, is it restricted to those who need it?
- Have you defined how you share data between internal/external parties?
- Have the appropriate rules and standards been applied to keep it clean?
- Is there a clearly defined process for this?
- Data integration requirements
- If the data will be merged with other data sets/software, have the data quality requirements been met to ensure validity?
- Have you prioritized the adoption of which applications must access the authoritative data distributed via data services directly?
- Have you made adoption easy – allowing flexible forms of access to the same data (e.g., via spreadsheets, file transfers, direct APIs, etc.)?
2: Build or Acquire Data Services
To recap, are you building or acquiring your own Data Services? Keep in mind the following must be met and adhere to compliance:
- Data sourcing and classification, assigning ownership
- Data Access and Integration
- Proper Data Services Implementation, access to authoritative data
- Proper data testing, and data remediation, keeping the data clean
- Appropriate access control and distribution of the data, flexible access
- Quality control monitoring
- Data issue resolution process
The use and regulations around data will be constantly evolving as will the number of users data can support in business ventures. We hope that this checklist will provide a foundation towards building and supporting your organization’s data strategies. If there are any areas you’re unclear on, don’t forget to take a look back through our first five blogs which provide more in-depth overviews on the use of data services to support the business.
Thank you for tuning into our first blog series on data management. We hope that you found it informative but most importantly useful towards your business goals.
If you enjoyed our blog series or have questions on the topics discussed, write to us on Twitter@FRGRISK.
Dessa Glasser is a Principal with the Financial Risk Group, and an independent board member of Oppenheimer & Company, who assists Virtual Clarity, Ltd. on data solutions as an Associate.