Compliance and good corporate governance are easy concepts to grasp; putting them into practice can, however, be a difficult exercise littered with complexities. A primary issue is the lack of understanding regarding how to prepare the organisation – its data, its operations, its technology systems and its people – to sustainably meet compliance and governance requirements.
Master Data Management (MDM) is an important first step.
MDM provides the controls, tools and processes to manage reference data within an organisation, so ensuring the rules around data use – how it is collated, updated, integrated, distributed and applied – are consistent and will drive business optimisation as well as facilitate compliance and ensure good governance.
Says Gerrit-Jan Albers of RDB Consulting, a database and Operating System outsourcing and consulting company: “Embedding compliance and governance policies into the processes and technologies of a new business is a reasonably easy task. However, the reality is that the majority of organisations, especially larger organisations and public sector entities, have a plethora of systems, tools and databases that need to somehow be incorporated into a comprehensive compliance and governance framework.
“In addition, the politics that surrounds data ownership, specifically the reluctance to share that data or allow others to add to or change it, needs to be factored in. Clearly this is not a simple undertaking.”
Examples of what can happen when technologies and systems across an organisation are not integrated and data is inconsistent – i.e., when there is a lack of control and oversight in terms of IT enablement of processes — are easy to imagine in the public sector. Take the Unemployment Insurance Fund (UIF), which falls under the Department of Social Development, for instance.
Says Albers: “If the Cape Town and Gauteng pisions of the service ran different ERP systems, the data of a person registered for UIF will need to be recaptured if they relocate from one province to another. It also means that someone staying on the outskirts of Gauteng can register for UIF payouts in two provinces and receive benefits from both with little chance of being caught out.”
Or consider how complex it could become – and how inconsistent national data would be — if the SA Police Service had different technologies and applications installed in the various provinces to enable specific processes. Says Albers: “Take the reporting of stolen vehicles or other major crimes, for example. With different systems in place a vehicle reported as stolen in the Free State may easily be brought to Gauteng where it is unlikely to be identified as stolen. Similarly, perpetrators on the run may not be listed as ‘wanted’ in neighbouring provinces, making eluding the law an easy task.”
A MDM approach can resolve these challenges. Says Albers: “Master Data Management is not just about reporting; it’s about centralising data and enabling systems to talk to one another. For example, we were recently approached by a mine to provide an MDM solution. Here the need was to combine the information from related systems – HR, bonus and shift productivity applications – into a single place as it was simply taking too long and requiring too much manpower to access each system manually to pay out bonuses and assess performance of workers.”
However, before an MDM solution can be put in place, business rules need to be created, he emphasises. These govern how, where and when records in various systems are updated, he explains.
“While it’s entirely possible to programme the systems to automatically update other related systems, this could have a significant business impact.
For instance, changing the status of an employee may prompt a change in salary. Thus, checks and balances need to be applied.”
There are two common ways of achieving this, notes Albers. “Information from myriad systems may feed into a single front end or database that is used by everyone; or the inpidual (say HR) system may continue to be used by the department and information only updated after new data has been confirmed as correct.”
For organisations looking to implement MDM, there are a few simple considerations. Says Albers: “The first step is to identify the needs of business, be it ISO compliance, compliance with information security regulations or legislation, or the need for financial governance. The next step is to work toward creating a single information access point with the identified business rules in place.”
It’s important that these rules are applied and all understand the impacts of failure to abide by these rules, Albers points out. “In addition, standard practices like cleaning the information (ensuring it is accurate and conforms to the necessary data entry formats) and appointing an authority on compliance and governance to enforce these measures, is vital.”
He concludes: “Compliance and governance are non-negotiable if the organization is to maintain its credibility. MDM offers clear business benefits and can provide a framework or foundation on which to build robust and reliable processes that meet compliance and governance requirements. and it’s a sure way to enhance the quality of business outputs to boot.”
Service Delivery Manager
Tel: 011- 807 7663
Cell: 082 893 0925