Chocolate or Vanilla?



Do different parts of your organization seem to have completely different views and understanding of the data within your organization? There are striking analogs to lunch in a large cafeteria with different food stations. With multiple options at each station, what each person has for lunch will indeed be different. Similarly, it is natural you receive a different answer about what piece of the data pie each part of the organization feels it has chewed off.


The underlying data is indeed being generated, processed, and used in service of common overarching objectives for the organization. The organization as a whole carries the risk associated with improper use or loss of data. As leaders accountable for the data and associated risks, would you prefer a full Data Map instead of just one or two flavors that different parts of the organization have focused on?


As Wendy Riggs had mentioned, teams often concurrently develop partial views of the overall data footprint based on just their perspective. Efforts to address privacy-related impacts focus on just personal information (PI) and how it is collected, processed, used, and shared. A security-oriented effort might result in a detailed map of the security controls in place for each system. Analytics and BI teams might focus on how key insights can be obtained from data without other considerations. Similarly, a more traditional IG approach might tend to focus on retention and disposition. Legal hold might be an aspect that would be well understood by just the legal teams within the organization.


This brings us back to which flavor of the Data Map are you interested in?