Tip Doctor, Insider Learning Network.
This tip was taken from “Optimize Data Management in All Phases of Your SAP Implementation” by Gerry Miller, Darwin Deano, and Lindsey Berckman, which was posted to the GRC Expert knowledgebase in June 2010.
Effective data management promotes the establishment of quality foundational data, development of robust policies and standards geared towards data maintenance, and compliance with regulatory requirements. At the outset of any new system implementation, or a major change to an existing system (e.g., merging in a new business), design of both the data and the data management processes need to be performed with a view of the data life cycle (Figure 1).
Figure 1 Value of data over its life cycle
When the proper attention is placed on data design, data quality, and data management processes during the implementation, the business is in a better position to benefit from a more focused and effective staff (as they should be spending less time chasing issues and resolving data quality problems) and enhanced system performance. Unfortunately, ma
ny organizations underestimate the amount of effort that is needed to prepare the data and data management processes. This usually results in lower business process capabilities and higher long-term costs. These implementations set the stage for operating reactively, the lowest level of data management maturity as shown in Figure 2.
Figure 2 Level of data management maturity
Organizations that have a high level of data management maturity (in the Orchestrating box in Figure 2) set enterprise data objectives and coordinate data analysis and actions across businesses and business processes. Organizations at this level of maturity are in a much better position to gain substantial benefits in terms of business process capability and low-cost use and maintenance of data. As shown in Figure 2, there are intermediate levels of maturity, and, while it is most effective to orchestrate data management from the beginning of the implementation, some organizations mature their capabilities over time.
Orchestrating data management also includes establishing proactive risk detection and prevention capabilities to facilitate effective data security. Recently, widely publicized data loss events have reignited the focus on proactively managing data security risks. In fact, according to a recent Gartner study in Infrastructure Protection Research, the cost associated with data loss, data breaches, or unintentional disclosure of intellectual property more than justifies the need for a well-defined data security process, one that prote
cts data where it is stored and while it is being used.
To fully protect data, you must consider both internal and external threats. Data masking (i.e., the practice of obscuring data elements within a data store) and database monitoring technologies are common techniques to help protect an organization from internal threats. However, external threats can be mitigated by encryption technologies at database end points. Regardless of the source, threats to the system must be proactively managed and monitored. You need to make every possible effort to remediate data security weaknesses before they are exploited.
More Compliance information, tips and advice are available on Insider Learning Network's Compliance Group.