Modern, data-centric companies generate enormous amounts of information, and the smart ones analyze that data to streamline operations and improve services. But they often overlook the potential data analytics goldmine contained in compliance records management processes, according to frequent SearchCompliance contributor Jeffrey Ritter.
In a recent webcast, Ritter discussed how companies can discover new sources of data analytics revenue by integrating information governance and compliance processes. Here in part four, he provides strategies to help businesses realize the data analytics and business revenue potential of smart compliance records management.
Editor's note: The following is a transcript of the fourth of four excerpts of Ritter's webcast presentation on the relationship between information governance design and compliance functions. It has been edited for clarity and length.
So, where's the money? How does this connect to the economic opportunities we discussed at the beginning of this webcast? The money is found in this truth: Big data is emerging as an enormous force of change in industry today. But big data does something simple: It compares data drawn from vastly disparate sources in order to identify trends, patterns and connections that allow companies to be more efficient, either in their marketing, their production or in their sales execution. The bottom line is to make more money by gaining greater efficiency. We do that by looking at lots of data that historically has not been considered of value to the business.
What big data analytics strategy requires is that the data that's being ingested into these analytic engines has to be functionally similar. You cannot process oranges with apples. For big data analytics strategy to succeed, the data that is input has to be comparable. In each case study, the information that was being designed and governed was essentially creating a new potential product, a product that was the data itself that, when aggregated, could produce a new revenue stream for the business.
By making business data subject to compliance obligations that are consistent with industry standards and the regulatory rules, the companies make the data comparable to similar sources of information from other industry participants, even competitors. In doing so, the economic mandate from the C-level to create wealth is being achieved.
Webcast: Aligning governance and compliance processes
See other excerpts from this webcast presentation on information governance and compliance functions:
To succeed with this strategy of taking compliance records and generating income, the rules for information governance -- the compliance requirements, the technical rules for data classifications, semantics protocols, preservation controls -- have to be assembled and somehow given context. They must be created in this unified structure that all of the business functions of the company can reference when designing either innovations of new information technology systems or adaptations of existing systems that better integrate compliance records management with the governance of the business's data assets.
One possible tool for doing that is something that I've developed over the last several years called the "unified rules model." At the top is what I call the public layer. These are the formal laws regulations and principals such as the right of privacy that make up our understanding of the rule of law.
But the next layer is the one that's most vital to everything we've been talking about in this webcast, and that's the implementation layer. These are the rules that businesses author or adopt to do business within the context of what the rule of law permits. These could be contracts, these could be policies, procedures, corporate documents, or technology rules.
Whether they're dealing with the integrity of electronic records or the security of the network, all of these rules get embraced by the business as a structure within which they construct the more refined specifications and requirements for their systems and the information itself. That's what's done at the execution layer -- these are where the rules themselves are mandated. These rules are specific, the rules are detailed.
The unified rules model is not a scaled representation. In fact, if we look at the number of rules that are in the execution layer, particularly those that are actually expressed in software code, we'd know that on a volumetric basis that orange layer is enormous compared to what we know as the policies, procedures and contracts in the implementation layer, or the actual rules and regulations that make up the rule of law. When we look at this model, it's almost a parent-child relationship. We begin with what the law permits, we then implement what is permitted within those boundaries, and then we start setting in place the actual execution layer protocols.
When we do it that way, we're actually able to structure our records so that they not only meet all of our business information governance rules, but we can connect those to the compliance rules that are expressed in the public layer. Ultimately, business benefits by having an authentic, reliable reference point for what's occurring in the company. It also makes the arguments and the processes easier to navigate when companies are in disputes with regulatory authorities.
With that in mind, let's bring this webcast to back where we started. The objectives of this webcast were to acquire a new strategy to overcome executive resistance to investing in compliance. I hope you are walking away from this realizing what this strategy is. By bringing the compliance requirements, particularly at the public layer and the implementation layer, to the front-end of the IT design lifecycle to partner with information governance, we can create information assets that actually serve as a source of revenue in the business marketplace for data. Information governance can achieve those revenues, and we can apply those governance principles to compliance records and be able to make more money while still also improving compliance.
What a wonderful story to tell at the executive level: What we are proposing for new compliance funding will not just reduce our risk of fines and sanctions, but actually create a valued resource of information that we can use to create new revenue and better insights in to our business.