How to Apply MDM to Policy Management
Interview with FX Nicolas
Data policy management often a scattered and disjointed affair with no real cohesion taking place around the organisation but Master Data Management (MDM) help?
What does MDM offer in terms of improved governance, compliance security and control?
In this interview Francois-Xavier (FX) of the “Evolutionary MDM” solution providers Semarchy, shares some insights into how MDM can help with policy management, he also dispels some of the myths surrounding MDM and data governance.
Dylan Jones: When we hear of MDM in the press it’s often related to some kind of customer or product type mastering success. What are we missing? What other scenarios can MDM support that people often overlook?
Francois-Xavier: Historically, MDM was about customers and product data. This is why we find on the market many highly vertical products (mainly PIM – Product Information Management, CDH – Customer Data Hub and CDI – Customer Data Information) focusing on these two entities.
There is one issue here: Master Data conceptually represent the “subjects and objects” of the corporate world. We cannot restrict the world to “customers and products”. Master data must include today “suppliers”, “employees”, “locations”, “assets”, “cost centers”, etc.
In addition, we have to relate these “subjects and objects” together: For example, “employees” have specific skills related to “products”, and “customers” owns “products”.
When you have these relations at hand, you can quickly find the best employe to help a customer on a critical case. Having employees, products and customers is separate systems no longer makes sense. This is why today, multi-domain MDM solutions create real value.
Dylan Jones: What is it about an MDM approach that lends itself particularly well to policy management and control?
Francois-Xavier: Most of the time, people think about MDM as a “storage for master data”. This assumption is a mistake.
MDM includes master data storage, but is also about creating, accessing, managing and more generally “governing” this master data. Governance is a business thing, and re-thinking data governance is a long process.
I always tell end-users that 80% of the work in an MDM initiative will be paperwork and meetings to “take formal decisions and implement changes around your data”, for example:
How should each master data entity or attribute be structured?
How will it be controlled?
What security policies and procedures are necessary?
How will the data be used, created, modified, deleted and archived?
Who owns the data and how will decision rights be determined?
I think that the best approach is to answer most of these question in a “declarative” way as much as possible, because this is what human beings understand better.
The idea is to express answers as “rules” or “policies” that the business understand quickly.
Dylan Jones: Can you give an example?
So I express “data quality” as statements, such as:
“A Customer should have an email or phone number”
and not as processes:
“Check the email, If it is null, then check the phone number, if it is null then issue an error”
The first sentence makes more sense to a human being. I use models, flows or other technical graphical artifacts only when they are the best expression method (for model or workflow, for example).
In this approach, I also try to keep things together. When working on “Customers”, I will keep and design at the same place all the policies, rules, models for “Customers”.
For example, if I decide to create a new “Twitter Account” attribute for a customer, with this approach, I will have to immediately consider the new policies and the impact on existing policies for this new attribute: “How does this impact my Customer creation process? What are the credentials to view this attribute? Can it be empty? When is it checked? What about the legal issues?
The big problem appears at implementation time – which should take 20% of the time. The rules span across several data-related technologies including (among others) data modeling, data integration, data quality, data profiling/monitoring, security, data access (UIs), processes and workflows.
In most cases, the implementation team ends up with five or seven different tools for implementing the rules, policies, models, etc that I have stated in a single place for the business. This implementation issue is frequently overlooked, but critically impedes the success of the MDM initiative. I am a big advocate of metadata centralizing, particularly when it comes to Data Governance and MDM.
Dylan Jones: What would a typical transformation process look like for companies moving down this path? How would they get started?
Francois-Xavier: Companies moving does this path have to take an holistic vision for data governance, not thinking about data in terms of letters, numbers and storage space, but in terms knowledge, asset and value.
They have to be convinced that governing their data will create more value and a real competitive advantage.
They have to clearly understand the amount of work hidden behind the simple “governance” word. I always advise people to get started on finding the low hanging fruit first.
Start small, with a small domain and few highly motivated people, but think large: The data governance organisation and infrastructure will have to scale if the project succeeds.
Then go iterative and agile. Each project iteration must meet the business expectations and drive more people into the initiative.
Dylan Jones: So you’ve got the business sold on “MDM Policy Management” but how do you convince executive leadership? What kind of levers can we use to get board level commitment from an initiative like this?
Francois-Xavier: Well, they do not speak the same language, or have the same consideration as the other folks.
You must convince them using their terms: turnover, compliance, revenue, profitability margin, customer satisfaction and so on. They do not care about number of duplicates or data loss, but about the margin reduction or legal issues.
This has to be taken into account at every stage. You need to convince the leaders, and keep them convinced by talking their language in every communication targeting them.
Dylan Jones: If you look at regulatory directives, particularly in the banking and finance sector, regulators are not just looking to check their data, a lot of the focus is now on examining their policies, frameworks and processes to see if they meet some very stringent requirements – do you see firms waking up to the need for MDM as part of the policy management process from a regulatory requirement?
Francois-Xavier: Definitely. They do not want at the beginning to get data straight, but want data, and everything around this data to be “compliant”. These use cases mandate a very broad vision on data management, including security, processes, privacy, lineage, retention, and so on.
This type of projects require to take into account not only master data, but most types of data.
This is why compliance-driven initiatives tend to enter in the larger “Data Governance” scope, which includes of course MDM. In these initiatives, having highly centralized metadata and governance data is even more important, as a holistic and synthetical view is required at a certain stage (COBIT style).
Dylan Jones: Finally, I know a lot of people still believe MDM is essentially just a tool, a smart hub that integrates, matches and dedups records across the organisation to create the mythical “Golden Record”.
Can you explain why statements like this are misleading?
Francois-Xavier: I truly dislike the “Tool” term as it is extremely reductive. If MDM was only about match/merge in a hub, there would be no MDM issue as data quality products already solve this issue.
We must understand that MDM is “Governance for Master Data”. Master Data Governance is not simply about cleansing and merging dirty records into golden records. It is about governing master data to create value for the company.
First, governance. It is not an “action” or a “process”. It is an end-to-end initiative that involves taking decisions based on assessments, defining rules and structures, enforcing them with automated systems or human processes and finally controlling their impact through metrics. It is the “path” leading to the “goal”.
Second, the goal. The “mythical golden record” is a technical concept (an utopia, by the way) and not a business finality.Creating value (higher revenue, reduced cost, higher compliance, increased employees happiness, etc) is the real goal. Practitioners should always strive for creating value for the company with an MDM initiative. They have to think and go beyond the golden record.
About FX Nicolas
François-Xavier “FX” Nicolas is vice-president for Semarchy, responsible for managing the Semarchy product and marketing strategy.
Mr. Nicolas was formerly Principal Product Manager for Oracle Fusion Middleware, in charge of the Data Integration product portfolio. Prior to Oracle, he was Product Manager and one of the early adopters of Sunopsis, a leading provider of integration software acquired by Oracle in 2006. Prior to joining Sunopsis, he held various positions of expertise for software vendors. Mr Nicolas holds a Master Degree of Engineering in Computer and Information Technology, INSA Lyon, France.