Chapter 5
Information Management Maturity and Principles
Imagine a retail manager with no record of his store’s inventory. Or consider a CFO who has no general ledger that records her company’s financial assets. Or an HR executive with no company directory, employee ratings, or compensation data. Ridiculous or even impossible, right? Well, a lack of inventory about what information assets exist throughout the organization epitomizes the unfortunate state of information management in most organizations today.
Business leaders and IT executives increasingly wax about how their company’s information is one of its most important assets. Research from Gartner and others has shown how significantly investors and financial analysts favor information-savvy and information-centric companies. However, information is not recognizable as a balance sheet asset, and therefore never managed like one.
This lack of formal accounting recognition manifests in most organizations that collect, manage, deploy, and value their information with far less discipline than they manage traditional balance sheet assets. Valuation experts and even accountants lament the challenges in valuing a company today without any data on its data. Recently, the head of information strategy for a major government military institution proclaimed to me, “We have a better accounting of the toilets throughout [this building] than our information assets. And for the ‘business’ we’re in, that’s a really, really sad state of affairs.”1 In fact the head of data management at one energy client I visited claimed, “We don’t have a data directory because we only track our major assets like our generators and transformers.” Yet after the meeting there they were: inventory tags on each precious “porcelain asset” in the men’s room.
Many companies have information management practices that pale in comparison to the rigor and process and discipline with which actual balance sheet assets are managed. Only in the past few years have we seen the emergence of an executive role specifically for tending to information: the chief data officer. It is now sixty or seventy years since the rise of the chief financial officer, thirty or so years since chief human resource officers started appearing, and about twenty years since chief risk/security officers started being installed. Yes, chief information officers have been in place for decades, but their purview has been tilted toward the management of enterprise technologies. Information’s role seemingly has been relegated to an input and an output—at worst a byproduct, and at best a resource.
Digital business and the information’s emergence as a real economic asset, however, makes information ever more vital to the organization, intensifying the need for effective enterprise information management (EIM) initiatives. Yet data and analytics leaders such as the chief data officer (CDO) struggle to improve the organization’s EIM maturity—that is, the capabilities that make possible a program for continuous EIM improvement.
As James Price, managing director with the Australian information strategy firm, Experience Matters, said to me, “We absolutely must take the justification for information management initiatives out of a case-by-case mentality and IT purchases, and put it into the domain of a diligent program of measurable long-term improvement.”2
The rapid rise and proliferation of the CDO role is an indication that organizations are getting serious about just this. It’s also an indication that within the framework of EIM exists a need for approaches to information asset management (IAM). Still, CDOs like Charles Thomas at Wells Fargo see their biggest challenge as data evangelism. And Stan Christiaens, co-founder of the data governance solution provider Collibra, claims he sees a significant “grass roots movement to bubble-up a data authority, even where no CDO yet exists.”3 Indeed I also see CIOs, data architects, non-executive heads of information management, data scientists, business analysts, and even CFOs, CEOs, and other business executives, assuming increased levels of business authority—as scattered and siloed as they may be.
The fatuousness and ignorance of some executives seems to be rooted in a refusal to recognize the importance of information as a legitimate economic asset. Tom Hogan, former director of data architecture and Big Data for a major health insurance company, recounted how when he was making the case regarding the importance of valuing the company’s information assets as a precursor to managing them better, one executive argued, “We don’t need to know the value of our data. We don’t need to concentrate on the data. It’s just data.” Fortunately for Hogan, he is now with a new company whose management is asking instead, “What else can the data provide?”4
Stewart Buchanan, Research VP covering IT finance and workforce management at Gartner, believes that this is because other senior executives and business leaders have a vested interest in IT and the information it provides, but would rather be a beneficiary of its business benefits than acknowledge information’s value as an asset in its own right. He contends this is a fundamental enterprise governance issue.5 Ultimately, nobody in the organization is rewarded or punished based on changes in the return on information the way they are for the return on other assets.
If information were held with the same regard as other traditional assets, we wouldn’t see the epidemic of nonchalance and negligence in caring for it, enabling it, and leveraging it. The epidemic infects every industry, companies of every size, and organizations in every geography. It’s true that several organizations are innovating with information, as we saw in part I. Often these are pockets of success, targeted functional advances in decision-making or operational performance, and pseudo-accidental innovations. Very rarely do enterprise information assets beget enterprise transformations and a move towards a more structured approach to infonomics. More often these transformations manifest in new industries and are instigated by upstarts.
This disconnect between senior executive understanding versus the nonexistent formalized practice of information accounting is perhaps at the core of the problem. Until senior executives, and boards, go beyond merely talking about information as a key corporate asset, information will continue to be a second-class business resource. Ultimately what this comes down to is the question: Why don’t organizations manage their information with the same discipline as their other, formally-recognized enterprise assets? After considering this for a minute, seriously ponder another question: What if a company managed its other assets with the same lack of discipline as our information assets? Answer: The executive team would get sacked and replaced due to gross negligence.
The Information Management Maturity Model
Enterprise information management cannot be implemented as a single project. Instead, organizations must implement it as a coordinated program that evolves over time.6 EIM can be adopted in support of a small business unit, where individual data and analytics programs need to be aligned, or it can be adopted across the entire enterprise. Thus EIM is an enterprise-class program model, and maturity can be monitored along various dimensions.
Gartner’s EIM maturity model enables organizations to identify what stage of maturity they have reached and what actions to take to reach the next level. The maturity model entails seven dimensions or building blocks Gartner has identified as essential to EIM maturity (Figure 5.1):7
- Vision
- Strategy
- Metrics
- Governance
- People
- Process, and
- Infrastructure.
Organizations should assess their level of maturity for each dimension as a starting point for a sustained, systematic effort to improve concurrently in all seven dimensions in support of an EIM program. Moreover, you should assess their maturity periodically to ensure consistency among different areas of the program and identify successes and lagging areas.8
Figure 5.1
Gartner Information Management Maturity Model
Levels of Information Maturity
The maturity levels and indicators themselves are aligned with current and near-term capabilities of enterprises across industries and geographies:
- Level 1 organizations are typically in the lower 10 percent of those we advise. They are generally aware of key issues and challenges, but lack the budget, resources, and/or leadership to make any meaningful advances in EIM.
- Level 2 organizations represent approximately 30 percent of those we come across. They generally operate in a reactive application-centric mode, waiting until information-related problems manifest in signifi-cant business losses or lack of competitiveness before addressing them.
- Level 3 organizations represent the approximate 40 percent of those that are more or less mainstream today in terms of their information-related capabilities. They have become more proactive in addressing certain areas of information management, and have started to put the “enterprise” in information management. Some programs are operational and effective, but there is little leverage or alignment across programs and investments.
- Level 4 organizations represent approximately 15 percent of those that are clear leaders in their industry with respect to managing and leveraging information across more than two programs. They take a decidedly managed approach to information management, comprising enterprise-level coordination throughout the organization, with effective people, processes, and technologies.
- Level 5 organizations are few and far between, representing fewer than 5 percent of those throughout the world. They are typically model organizations frequently cited for information-related superiority that have optimized many (if not most) aspects of acquiring, administering, and applying information as an actual9 enterprise asset with high-functioning organization structures, top talent, and using leading-edge architectures and technologies.
Just assessing your maturity level won’t alone help you improve EIM in your organization. To develop an effective information management practice that manages information as an actual asset we’ll take a tour of how other industries and disciplines manage their assets including supply chains, ecosystems, IT, human resources, and financial asset management methods. By tapping into their best practices, we can develop a program for bringing effective information management to every organization. Additionally, using existing business frameworks can aid in your efforts to obtain leadership and organizational buy-in, support and funding. In essence, behaving as if information is an asset evangelizes and inspires others to come along for the ride. Before we explore these auxiliary practices over the next couple chapters, let’s examine the range of challenges in information management that span many of the EIM dimensions.
Impediments to Maturity
When we conducted workshops, the broad concerns of the leaders who participated were about EIM leadership, priorities, resources, and corporate cultures that frustrate EIM advances (a list of all the challenges cited by the workshop participants appears in appendix A). To learn more about how infosavvy you and your organization are, visit gartner.com/infonomics.
These concerns emerged from the attendees’ acute awareness of their present EIM capabilities. The vast majority of these leaders described their respective organization as either:
- “Aware”—aware of information availability issues but unable to make significant progress to overcome them, or
- “Reactive”—responding to information problems, with steps toward improved information availability hindered by a range of causes.
In both cases, information leaders are responding to the dictates of circumstances, which repeat themselves because leaders cannot or do not devote the time needed to change those circumstances. In both cases, information leaders can be confused, uncertain, or frustrated in attempting to break free of inertia and habitual approaches.
John Hershberger, VP of enterprise analytics at USAA, recounts how even IT shops traditionally have not been concerned about the things he and his team had to do to identify, extract, repair, format, and integrate data to generate value from it. “It was abundantly clear to me that the constituents I supported were interested in the output but not in the back-end. They wanted to do analytic work but not fund any of the data management necessary to make it happen.”10
Typically, workshop participants felt more confident in their organizational structure and roles, and quite satisfied (if not overwhelmed) with the level of technology at their disposal. On the other hand, many felt they had not addressed information-related metrics or information lifecycle issues at all. While no organizations represented by these workshops seem to have achieved the highest levels of maturity in any dimension, participants did appreciate the characteristics represented by Level 5 maturity as an aspirational target.
Many challenges with managing information as an asset span multiple EIM dimensions. These typically relate to issues with leadership, priorities, resources, and culture.
Leadership Issues
Leadership issues range across all seven of the EIM maturity dimensions. IT and business leaders, even with the same organizations, are on “different pages” with different strategies, priorities, and goals. There is often no adjudicator for such conflicts. Leadership is lacking to establish initiatives, such as enterprise-level metrics to measure EIM effectiveness and progress, or a common consensus on the importance of measurement. There is no ownership, hence no leadership, of information lifecycle management. Key EIM elements, such as information architecture, remain undefined. The CDO role, which in theory brings information into the heart of business planning and processes, often does not exist. Sometimes, the CIO may actively oppose creating such a role for fear that it exposes their own limitations or lack of authority in managing information as an asset.
Della Shea, head of privacy and data governance with the Canadian financial processing firm Symcor, has witnessed firsthand the difference it makes when those leading both operations and governance are aligned in terms of how to approach information management: “When corporate goals and objectives set by the CEO appropriately connect with the role that information plays in achieving those goals, we are able to move forward with approval and funding for EIM related initiatives.”
The absence of leadership is especially felt in the EIM maturity dimensions of vision, strategy, and organization and roles, but it is manifest in the other dimensions, too. Workshop participants link this challenge to other stakeholders’ lack of business vision, cultural resistance, competing priorities, clarity and definition of strategy, and high-level support for the CDO role.
IM Priorities Over Which You Have Control or Influence
Effective EIM for the digital business requires clear priorities that have the backing of an array of stakeholders, not just one business function. Priorities derive from an EIM strategy, which in turn derives from the EIM vision. Vision is acquired only through a recognition of the most important outcomes or innovations that the business pursues.
Information leaders repeatedly describe as challenges: competing priorities, lack of business vision, differing and unresolved business unit opinions, fear of losing control, disagreement over approaches, and knowing where to start. Again, this class of challenges spanned all seven of the EIM maturity dimensions. These challenges rob decisions and actions of purpose, direction, and effectiveness, thereby reinforcing a reactive mode of operation where one’s environment seems subject to forces over which one has little control.
Resources Needed to Advance EIM Capabilities
The lack of resources for advancing EIM capabilities is both real and perceived. Information and analytics leaders express frustration over a lack of experienced or knowledgeable staff resources, funding, domain-specific know-how, a dedicated CDO (seen as an EIM resource), influence of data architects, and life-cycle processes. These resources are either inadequate or totally non-existent.
Information leaders often cite lack of knowledge as a common challenge, sometimes for these leaders or their immediate organization, but also for the larger organization. They claim knowledge was a scarce resource regarding: what data is available, metrics, the cost of data quality issues, the role of information governance, the importance of IM, when and how to centralize or decentralize key roles, the data lifecycle, and keeping current with technologies.
Negative Cultural Attitudes About EIM
Negative cultural attitudes have a perverse effect on EIM progress, creating enormous (but hard to identify) inertia. Data and analytics leaders repeatedly identify culture as a serious obstacle in many of the EIM maturity dimensions.
Lack of cultural acceptance is an explicit problem for both the EIM vision and strategy dimensions, and for governance. But cultural attitudes, both within the data and analytics organization and the larger organization, are implicit in other dimensions. In EIM metrics, for example, basic concepts such as relating metrics to business processes and tying actions to metrics are proposed as “remedies” precisely because there is no “culture of measurement.” In the EIM lifecycle, issues such as lack of lifecycle ownership, lack of understanding of the concept of a data lifecycle and its importance, and unawareness of or ignorance of relevant standards also reflect ingrained cultural attitudes.
Stuart Hamilton, senior hydrologist with Aquatics Informatics in Vancouver, British Columbia, believes the problem is deeper than just attitudinal: “Information neglect is one of those things that you see every day but you don’t see it because it is so much like bland wallpaper that covers everything. Once it is explained, so that you can see it as a business pathology, it resonates in many ways.”
The Barriers to Information Asset Management
In addition to Gartner’s ongoing research on the topic, a few years ago I stumbled across a groundbreaking research paper by James Price, founder and managing director of Experience Matters, and Dr. Nina Evans with the University of South Australia. Price and Evans researched and authored an academic paper, “Barriers to the Effective Deployment of Information Assets: An Executive Management Perspective.”11 Their findings also illustrate how executives readily acknowledge the existence and importance of information assets within their organizations, but fail to put in place hardly any mechanisms for the management or government of information—as an asset.
Price and Evans slot the challenges to managing information as an asset into five broad categories:
- Awareness: no recognition of a problem, lack of formal training, limited on-the-job training, and organizational immaturity.
- Leadership and Management: a lack of executive support, mistake intolerance, tolerance for workarounds, no system of rewards or punishments, a lack of vision, IT seen as a panacea for information asset management deficiencies, and resistance to change.
- Business Governance: a lack of accountabilities and responsibilities, responsibilities assigned at the wrong level of the organization, technology-focused IT leadership, and a lack of measurements.
- Enabling Systems and Practices: imprecise language about information, insufficient accounting practices, technology shortcomings, and poor IT reputation.
- Justification: lack of a catalyst (such as a crisis, business changes, or new compliance requirements); compliance and risk are burdensome; other prevailing priorities; unknown cost, value, and benefits of information assets; intangible and intertwined benefits; a strict process view; rewarding inefficiencies; and information not being an interesting provocative topic (such as digitalization or artificial intelligence).
As a profession, it seems we information management folks have been whining about these barriers and challenges for decades. Long before I met him, one of my mentors and former colleagues, Hayward Schwartz, was on the 1960s IBM team that developed the DB2 database. As “old school” as he seemed to the rest of us in the 1990s, his eye was always on the future: “New generations of information techno-wizardry and techno-wizards come and go,” he once said to me. “With all these shiny new technologies and shiny new consultants, do you ever wonder why we’ve made little advancement in the way information is actually managed?”12
It took me years to understand the wisdom and hope embodied in Hayward’s question. And it took me years more to realize that all around us are other assets which have been managed for centuries or millennia, not perfectly, but certainly with greater mastery than we exert today over our information assets.
Generally Accepted Information Principles
Like a world traveler who gains an appreciation for different cultures, bringing home and embracing the best of each, let’s look at what we can “bring home” to the land of information management from the world of asset management. Over the next couple chapters, we’ll be exploring asset management standards, principles, and methods we can borrow from a variety of other disciplines, including: physical asset management, supply chain management, IT, and software asset management—and from records management, intellectual property management, and even library science, among others.
For framing a set of information asset management doctrine, let’s turn to yet another standard: the U.S. accounting set of Generally Accepted Accounting Principles. The framework includes a set of principles based upon basic assumptions and tempered by a set of constraints. Although GAAP provides guidance for preparing financial statements, I believe the framework provides a useful way to express a concise set of Generally Accepted Information Principles.13
So as to not take them lightly, this suggested set of information assumptions, principles, and constraints are gleaned from:
- Key aspects of asset management principles from other domains,
- Reviewing hundreds of information strategy–related documents and speaking with thousands of clients during my tenure at Gartner,
- My years as an information practitioner, and
- The countless luminous publications and ideas produced by my colleagues and other associates.
Assumptions
Assumptions are agreed-upon basic beliefs about information. They guide our understanding about how information assets can and should be perceived, managed, and deployed.
| 1. Asset Assumption | Information is an asset, because it meets each of the criteria of an asset.14 |
| 2. Proprietorship Assumption | An organization’s information assets include all forms of data and content of discernible identifiability for which it can claim ownership and/or exclusive control.15 |
| 3. Appraisal Assumption | Information has realized, probable, and potential cost and value.16 |
| 4. Dominion Assumption | The practice of internal information “ownership” limits its potential value to the organization, and thereby the performance of the organization itself. |
| 5. Benefit Assumption | Information has uses well beyond its original purpose, does not deplete when used, and can be used simultaneously for different purposes. |
Constraints
Constraints are generally agreed-upon information regulations, confinements, or bounds. They acknowledge the limits of how well or precisely information assets can be monetized, managed, and measured, and therefore restricts how absolutely the principles which follow can be applied.
| 1. Specificity Constraint | The groupings of data or content that comprise an “information asset” will vary from one organization or use case to the next. |
| 2. Recognition Constraint | Information cannot be represented in auditable financial statements, nor be capitalized as other assets (per current accounting standards).17 |
| 3. Jurisdiction Constraint | The provenance, lineage, ownership, and sovereignty of an information asset may be difficult to determine or legally establish. |
| 4. Valuation Constraint | Valuation and other measurements of an information asset will be inexact but useful, just as are valuations of other kinds of assets. |
| 5. Resource Constraint | Tradeoffs among information asset quality, availability, and accessibility are inevitable. |
Principles
Principles are generally agreed-upon axioms that dictate how information assets should be managed, and lead to more detailed guidelines, policies, procedures, and standards specific to the organization.
| 1. Relevance Principle | Information assets should be managed with at least the same discipline as other recognized assets. |
| 2. Inventory Principle | Information assets should be cataloged, described, classified, related, and tracked. |
| 3. Ownership Principle | By default, information assets belong to the organization, not any application, department, or individual.18 |
| 4. Authorization Principle | The quality requirements, access, use, protection, and other rights and responsibilities for any information asset, even within the organization, should be contractually established by or with a sanctioned and empowered trustee.19 |
| 5. Assessment Principle | The quality characteristics, cost, value, and risks of any information asset should be knowable at any point in time, and used for prioritizing and budgeting information-related initiatives. |
| 6. Possession Principle | An information asset should be acquired or retained only if its actual or planned value is greater than its cumulative cost, or as required by laws or other regulations. |
| 7. Replicability Principle | An information asset should be duplicated or derived only to improve its utility or availability, and only if doing so also increases its net value. |
| 8. Optimization Principle | The business is responsible for optimizing the usage and understanding ofinformation; the information management organization is responsible for optimizing information’s availability and utility; and IT is responsible for optimizing information’s accessibility and protection.20 |
These assumptions, constraints, and principles can be adopted by and adapted to just about any organization. They can form the basis for an enterprise data strategy, for a new information management organization, for defining the role of a chief data officer, or as a framework for a data governance function.
Beyond Overarching Challenges and High-Level Principles
Bracketed by the common information-related challenges examined at the beginning of the chapter and these proposed Generally Accepted Information Principles, let’s now turn our attention to what specifics we can extricate and apply from a variety of other asset management approaches. Comparatively, the discipline of information management is new. Other kinds of assets have been managed with some rigor for centuries or longer. And even some IT-related disciplines have exceptionally detailed standards and methodologies that can be related easily to managing information as an actual asset.
Indeed, throughout your career, no doubt you have heard people (probably consultants or us analysts) casually refer to information supply chains or ecosystems. Well, let’s first dispense with this nonchalance, and explore what it would really mean to apply supply chain and ecosystem concepts to information assets—and how we can advance as a profession from doing so.
Also, in the following chapters, as we truly concentrate on information as an asset, note that I will be making a subtle shift from talking about “enterprise information management” to that of “information asset management.” EIM remains the overall program framework and set of key capabilities, while IAM is more of a new information-centric approach and mindset.
Notes
1 Actual name of the building redacted so as not to identify the particular military institution.
2 James Price, discussion with author, 10 January 2017.
3 Stijn Christiaens, “The CDO’s Platform for Success,” presentation, MIT CDO IQ Symposium, 12 July 2016.
4 Tom Hogan, email to author, 15 January 2017.
5 Stewart Buchanan, email to author, 29 December 2016.
6 Andrew White, “Strategic Roadmap for Enterprise Information Management,” Gartner, 17 March 2015, www.gartner.com/document/3008417.
7 Douglas Laney, “Gartner’s Enterprise Information Management Maturity Model,” Gartner, 02 March 2016, www.gartner.com/document/3236418.
8 A self-assessment with similar questions and discussions to those presented in the workshops can be found in “Toolkit: Enterprise Information Management Maturity Self-Assessment,” Douglas Laney and Michael Patrick Moran, Gartner, 13 June 2016, www.gartner.com/document/3344417.
9 By “actual” or “formal” asset, I’m referring to assets recognized and reportable on balance sheets.
10 John Hershberger, interview with author, 09 September 2016.
11 Nina Evans, and James Price, “Barriers to the Effective Deployment of Information Assets: An Executive Management Perspective,” Interdisciplinary Journal of Information, Knowledge, and Management, Volume 7, 2012, www.ijikm.org/Volume7/IJIKMv7p177-199Evans0650.pdf.
12 Some like to blame technology vendor marketing for distracting us from the real issues and management solutions, with their shiny new technologies and silver bullets. But I think it’s more abstruse than that, relating more to information not being recognized as a formal asset.
13 In his book, Making EIM Work for Business (Amsterdam: Morgan Kaufmann), John Ladley offers a set of Generally Accepted Information Principles meant to align with actual Financial Accounting Standards Board statements. As such, they provide guidance on dealing with information-related expenses and valuation, more so than the management of information assets.
14 It is (can be) owned and controlled, is exchangeable for cash, and generates probable future economic benefits that flow to its owner.
15 For some public sector organizations, its information assets may be part of the public trust.
16 For some public sector organizations, value may be determined in terms of benefits to the community it serves, rather than the organization itself.
17 Exceptions include purchased (not licensed) and acquired customer lists, and content that may be copyrighted or patented.
18 In some public sector organizations, information assets may be part of the public trust.
19 Or “fiduciary.”
20 In many enterprises, an “information management organization” is still part of IT.