Do different parts of your organization seem to have completely different views and understanding of the data within your organization? There are striking analogs to lunch in a large cafeteria with different food stations. With multiple options at each station, what each person has for lunch will indeed be different. Similarly, it is natural you receive a different answer about what piece of the data pie each part of the organization feels it has chewed off.

The underlying data is indeed being generated, processed, and used in service of common overarching objectives for the organization. The organization as a whole carries the risk associated with improper use or loss of data. As leaders accountable for the data and associated risks, would you prefer a full Data Map instead of just one or two flavors that different parts of the organization have focused on?

As Wendy Riggs had mentioned, teams often concurrently develop partial views of the overall data footprint based on just their perspective. Efforts to address privacy-related impacts focus on just personal information (PI) and how it is collected, processed, used, and shared. A security-oriented effort might result in a detailed map of the security controls in place for each system. Analytics and BI teams might focus on how key insights can be obtained from data without other considerations. Similarly, a more traditional IG approach might tend to focus on retention and disposition. Legal hold might be an aspect that would be well understood by just the legal teams within the organization.

This brings us back to which flavor of the Data Map are you interested in?

Ideally, all these different views should be combined to get a better and fuller picture. Unfortunately, when done in a piecemeal fashion, the sum of parts does not equal the whole. This is because of the fundamental differences in the approaches used by different parts of the organization to develop these partial Data Maps. While the partial Data Maps have some overlap they also differ around key definitions and metrics. These cannot be combined to get a holistic view of data, data flows, and risks Independent and often competing for efforts that result in partial products are clearly inefficient. More importantly, the organization can misunderstand the risk profile around data based on these efforts.

In our experience across many companies and multiple industry segments, there are two critical drivers to successfully develop a holistic view of data. The first is a scalable technology platform that can leverage the expertise of the many groups involved and harmonize the different views. The platform should be capable of showing the different perspectives around the data and be able to both scale up or drill down as needed. It should use technology smartly to keep the Data Map evergreen by automating aspects of the Data Map that can be automated. A common platform also helps in the alignment of key terms and metrics and enables the whole organization to speak the same language. The Data Map platform should provide full visibility of key metrics and progress.

Equally important is ensuring the overall accountability around Data is appropriately assigned and different stakeholders clearly understand the parts they are responsible for and how they fit together.

So, coming back to lunch, which flavor should you choose - chocolate or vanilla? Well, how about a big fat scoop of vanilla ice cream drizzled with a warm, silky, chocolatey hot fudge sauce? Yum…! Simple, and delicious. By the way, do you know that vanilla makes chocolate taste better? Vanilla apparently enhances the flavor of chocolate and is used to make chocolate ice cream….So it was probably never a choice between the two!!! This is indeed true even with data.