Transcription
Data Quality Assessment - ModelsBarbara J. Timm, U.S. EDSTATS DC 2010STATS-DCBethesda, MD – July 28, 2010Session III - F
Purpose Review some models of organizations Review best practices for data quality So that you can conduct self assessments ofprocesses and systemsData Quality Assessments - Models2
Premises Imposing management controls Internal controls Control self-assessment GovernanceData Quality Assessments - Models3
Control Self-Assessment (CSA) A generic term that covers risk self--assessment (RSA),control and risk self-assessment (CRSA), and otherprocesses wherebyh b an organization'si ti ' personnell evaluatel ttheir own risks and controls with the help of facilitators fromthe internal audit department. Assessments can be performed through a series ofworkshops or meetings or through questionnaires and can beapplied to projectsprojects, processesprocesses, business unitsunits, and functions -basically any area of a company. Whatever format is used, the ggoal is the same: to helpporganizations assess the likelihood of achieving theirbusiness objectives by using the knowledge of the workersresponsible for meeting themthem.Data Quality Assessments - Models4
Agenda COSO Internal Control ModelCOBIT Weibord’s Six-Box ModelData quality attributesData Quality Assessments - Models5
What is COSO? Control environmentRisk assessmentControl activitiesInformation and communicationMonitoringgData Quality Assessments - Models6
How might you use itComponentControlenvironmentRisk assessmentC t l activitiesControlti itiInformation andcommunicationMonitoringEvaluationEveryone understands the mission –useable data for decision makingMonthly risk meeting with “real” participationECRB tto approve changeshWeekly meetingsShared access to documentsWeekly review of escalated ticketsMonthly PIMS performance measuresData Quality Assessments - Models7
Resources - FreeData Quality Assessments - Models8
Resources - FreeData Quality Assessments - Models9
Resources - FreeData Quality Assessments - Models10
What is COBIT ?How to achieve business objectives using ITresources (people, applications, technology,facilities, and data) Planning Implement – Build or acquire Delivering services – Supporting the ITsystems MonitoringData Quality Assessments - Models11
How might you use it?Planning – Manage IT investment Budgets to manage financial resources Owner of the budget Control spending based on budget Cost/benefit justificationsj Alignment with business strategy Asset managementData Quality Assessments - Models12
How might you use it?Implementation – Managing changes Change request process Changes assessed for impact on the system Integrated into configuration management Automated pprocess to track requestsq Emergency change process Documentation updated as part of processData Quality Assessments - Models13
How might you use it? Process to analysis, implement, and follow-upon all changes requested Identification of changes CategorizeC ti andd prioritizei iti Impact assessments Change authorization Release management Business process designData Quality Assessments - Models14
Resources – Free and some Data Quality Assessments - Models15
What is Weisbord’s Six-Box ModelData Quality Assessments - Models16
How might you use it?Purpose Formal– Govern, Acquire, Validate, Improve Usage InformalI fl– Extent of support and understandingData Quality Assessments - Models17
How might you use it? Structure– Formal - How is the work organized– Informal – What is actually getting done Rewards– Formal – salary, promotions– InformalI fl – growth,th recognitionitiData Quality Assessments - Models18
How might you use it? Relationships– Types People to peoplep to technologygy People– Connections Interdependenciesp Build in conflicts Conflict managementData Quality Assessments - Models19
How might you use it?Leadership Defining purpose Embodying the purpose into programs Defending institutional integrity Managingg g internal conflictData Quality Assessments - Models20
How might you use it?Helpful mechanisms Formal – What is established?– Budget– MeetingsM ti– Records– Activities,A ti itiffor example,l on-boardingb di Informal – Are they used?Data Quality Assessments - Models21
Resources - Freewww.marvinweisbord.com ·Data Quality Assessments - Models22
Data quality attributesData Profiling (determining what we have)2 Data Monitoring (communicating what2.problems we have)3 Data3.D t ClCleansingi (fixing(fi i theth errors we hhave))4. Resources (defining our organizationalcommitment)5. Data Governance ((settingg the rules))1.Data Quality Assessments - Models23
Data quality attributes6. Data Stewardship (accepting responsibilityfor the data)7. Metadata Management (managing the dataabout the data)8. Data Usage (putting the data to work)9. Data Currency (getting the data at the righttime)10. Education (teaching everyone about theirrole in data qquality)y)Data Quality Assessments - Models24
Data quality cornerstonesData Quality AssessmentData QualityImprovementpProcessData ProfilingData CurrencyData MonitoringData CleansingMetadata RepositoryData Governance andTTransformationfti ManagementMtMetadata ManagementData UsageData GovernanceResourcesData StewardshipEducationData Quality Assessments - Models25
Data Quality Assessment – ModelsSTATS-DC 2010Bethesda, MD – July 28, 2010Control Self-Assessment (CSA) A generic term that covers risk self--assessment (RSA), control and risk self-assessment(CRSA), and other processes whereby an organization's personnel evaluate their ownrisks and controls with the help of facilitators from the internal audit department.Assessments can be performed through a series of workshops or meetings or throughquestionnaires and can be applied to projects, processes, business units, and functions -basically any area of a company.Whatever format is used, the goal is the same: to help organizations assess the likelihoodof achieving their business objectives by using the knowledge of the workers responsiblefor meeting them.COSO Internal Control Model COSO is recognized the world over for providing guidance on critical aspects oforganizational governance, business ethics, internal control, enterprise risk management,fraud, and financial reporting. www.coso.org www.gao.gov Standards for Internal Control in the Federal Government (AIMD-00-21.3.1,November 1, 1999)COBIT The comprehensive IT governance framework that addresses every aspect of IT andintegrates all of the main global IT standards /Downloads.aspxWeisbord Six Box Model “For several years I’ve experimented with “cognitive maps” of organizations. These arelabels that would help me better describe what I saw and heard and understand therelationships among various bits of data. I started this endeavor when I realized thatthough I knew a lot of organization theory, most theories are either (1) too narrow toinclude everything I wished to understand, or (2) too broadly abstract to give muchguidance.” “These notes represent a progress report on my efforts to combine bits of data, theories,research, and hunches into a working tool which anybody can use. For want of a moreelegant name, I call this tool the “Six-Box Model.” This model (Fig. 1) has helped me torapidly expand my diagnostic framework from interpersonal and group issues to the morecomplicated contexts in which organizations are managed.” www.marvinweisbord.com
Data quality attributes 6. Data Stewardship (accepting responsibility for the data)for the data) 7. Metadata Management (managing the data about the data)about the data) 8. Data Usage (putting the data to work) 9. Data Currency (getting the data at the right time) 10. Education (teaching everyone about their role in data quality) 24
