The two most historically important developments of the last two decades are the growth of global markets and the speed of information technology development. Markets and IT are transforming the world at a faster rate than any other developments in human history. And they are also challenging Governance Models in ways that are equally profound. Kings and Crowds fought it out politically at the dawn of the 20th Century when the ancient Russian, Chinese, Austrian, and Ottoman empires fell, and they are battling commercially today in many markets in which Crowds are winning again.
1. Product Development
I'm an audiophile. I buy expensive audio equipment in the hope of reproducing an emotional connection with music in my home that people feel when they attend a live concert. Being on a limited budget, I'm also a cheap audiophile. I like the best product for the lowest cost, which is one reason I applaud globalization. Over the last decade, high quality, low cost audiophile equipment has been coming out of China that rivals the best high cost gear manufactured in North America and Europe. Some companies have setup local design and Chinese manufacturing with online distribution that brings incredible bargains to mainstream US and European consumers. Two such companies are Oppo Digital and Emotiva.
Oppo makes DVD and Bluray players that are designed in San Francisco and manufactured in China. I've owned their products for several years and am always impressed with their price/performance ratio. But now I'm even more impressed with their product development process. In 2008, they announced the development of a new Bluray player, the BPD-83. These days, consumer electronics are more like computers than audio equipment, with complex Digital Signal Processors, graphics chips and CPU's interacting in intricate designs. Oppo knew product development would be difficult and testing even more so. With the complexity of hardware and software in one appliance it is really difficult for a small team of product designers and marketing professionals in San Francisco to test against every potential usage scenario. And when manufacturing is outsourced to China it is even harder. Distance, language, and culture create barriers that make communication a new challenge.
In this environment, Oppo decided to outsource product testing to its customers by using a Crowdsourcing solution. Several hundred customers received pre-production units of the BluRay player and tested it in their homes. Their product feedback went to the design team who translated feedback into design changes for the manufacturer. The Crowd were given the option to vote on final product readiness. The first vote sent the product back for more changes and fixes in late 2008 and the second vote in Spring 2009 released it for GA in June.
I bought the product in July 2009 and it is superb. I contrast this to Emotiva, which is also a small design team based in Tennessee that manufactures in China. They make outstanding AV amplifiers, speakers, processors, and other equipment. In 2007, Emotiva announced a new AV processor, the UMC-1, for delivery in 2008. That slipped to early 2009, when it was announced that the product would ship in June. In July, the company announced it discovered bugs in the production units from China and would need a couple of months to fix them. By October, more than a couple of months went by and customers were fuming on the company's forums about the delays and the poor communication. In November, the company announced it would begin shipping to the pre-order list and many customers anticipated units before Thanksgiving. By early December, no units had shipped and the company had to start censoring its Forum because customer rants were getting abusive. The Emotiva CEO promised some customers would receive their units by Christmas, and when that didn't materialize many Forum members started talking about buying alternatives.
Last week, Emotiva finally began shipping a handful of units to pre-order customers without manuals. The first reviews appeared over the weekend and talked about stunning video quality but also a few audio and connectivity glitches. The CEO posted a very nice note on the Forum describing the company's pride in the product but also that a firmware release would soon be forthcoming.
So what this company did was use its customers for an unannounced Beta Testing program. They shipped their product very late to market, after a year of inconsistent market communication, with bugs they were probably aware of but couldn't fix without suffering more brand damage.
Contrast the two companies. Oppo used a market based Crowdsourcing mechanism to recruit customers to beta test the new product. The customers who participated in the testing provided open feedback which was visible to all members of the company forum. They fixed bugs quickly and used customers to determine when the product was ready for shipment. That process created customer loyalty and ensured a bug-free product that shipped only six months late. Emotiva used a hierarchical mechanism of in-house testing and opaque customer communication to ship a product more than 18 months late and filled with bugs that alienated customers and reduced brand loyalty.
Some people might say these companies have different approaches to product development or customer service. I abstract these situations as examples of governance models in complex social systems. Oppo used a market-based governance (coordination and cooperation) model and succeeded in satisfying the needs and interests of its market participants. Needs and wants are at a primary market level. Feedback Information about the product are at a secondary market level. Emotiva used a hierarchical governance model (command and control) and failed to satisfy secondary market interests in information and primary market needs for products.
This doesn't mean that market mechanisms always trump hierarchical control. But when a small number of people are trying to govern complex systems for consistent outcomes, a market-based model can be more efficient and produce better results.
2. Cost Containment.
My boss sent me a note over the weekend reminding me to use our ATT Calling Card from land lines when I am travelling abroad. It seems my cell phone bill in November was higher than the accounting police think necessary. All calls above $100 qualify for an immediate audit. Its not clear from my bill if any of my calls were or could be audited, but my boss, who is altogether a terrific guy, wants me to avoid that root canal and work smart abroad. Being a Governance Guy I do have to question the intelligence of a governance system that controls costs through managerial oversight of cell phone bills and automatic audits for $100 calls.
If there is already a trigger for automatic audit at the $100 per call threshold then someone has already noticed a pattern of calls that exceed $100. That kind of pattern calls for a policy change, but automatic audits require a fair degree of manual labor - both from my boss and the auditors. Wouldn't it be far Smarter to develop policies that cause the cell phone users themselves to police their own usage by giving them alternative means to reduce costs?
Some might argue that the warning note from my boss is a policy tool being used to change my behavior. But because the billing system is deliberately opaque in IBM, it isn't possible for me to evaluate the impact of each of my calls on the overall phone bill I incur each month. I can't see the incremental impact of my decisions as Risks to The System as a whole.
A more intelligent approach to cost containment in this case would be to toss the issue out to the Crowd of cell phone users in IBM and get them to come up with ideas to mitigate costs for each user. That process would include users in the decision-making process, getting them to brainstorm ways to reduce costs instead of treating them like cost creators in a hierarchical model to impose control.
Like, shouldn't IBM have Skype strategy for global travelers who make calls in cars and trains so that productivity isn't imperiled while costs are contained?
Crowds and Kings. What do you think? Post a comment and let me know.
Adler on Data Governance
Since the 18th Century, Freedom of Expression has become enshrined in constitutions around the world as a Basic Human Right. It defines Democracy in its defense and Dictatorships in its assault. People like to control and don't like to be controlled, and the tension between controlling and being controlled requires this Human Right to be defended and re-defined every year. Sometimes, like during the McCarthy Era in the United States, the tide turns against Freedom. Other times, like in the Middle East today, the Freedom to speak changes the course of history.
But there is another Freedom not yet defended as a universal Human Right that should be and it is the Freedom of Information - the right to be informed, to learn. This right is implied by the Freedoms of Press and Speech, but it is not articulated explicitly as a constitutional right. Around the world, many nations have Freedom of Information Acts that require national and local governments to make information available to the public. Those acts were created when widespread access to information was rare. Libraries and archives were places where large amounts of information could be physically retrieved and governmental disclosure was paper-based. Universities and Governments were the largest aggregations of information, and they were the places you visited to get information.
But today, with the Internet, human beings have potential access to information without physical limits and it is that potential that must be enshrined in law as a basic human right. Every human being on the planet should have the right to access information freely and without threat of harm. Like Free Speech, that right should be defended even when the content of information accessed are heinous and injurious to some. Any society or nation without the Freedom of Information as a basic human right is a place that can be controlled and manipulated.
According to Human Rights Watch, there are 40 nations around the world that restrict access to the Internet or Social Networks. Many of these nations also block satellite TV and other forms of communication. But even in Western Democracies, Information Access is controlled by cost, technology barriers, labor protections, and secrecy laws. Even the most advanced nations have huge regions without access to the Internet. And some nations now seek to tax content flowing over the Internet as a means to restrict trade and favor local providers.
This is not a question of commercial competition. This is a question of human progress. Where there are people unable to access information freely there are opportunities for oppression and abuse. Democracy and Freedom will not thrive or survive without the Freedom of Information. To be ill-informed and speak freely is a condition of intellectual slavery.
I believe that we must work to assert the Freedom of Information as a basic Human Right. It must be a 21st Century Goal to connect every human being on the planet to high quality trusted information. There should be no technical, political, cultural, or economic barriers to Information.
It should be as easy as air and as cheap as water, taken for granted and governed by statute in every nation around the world.
On September 14, David Bogoslaw published an article in BusinessWeek entitled "How Banks Should Manage Risk." Rick Bookstaber and I are quoted in this article because we first had an interview with David following the XBRL Risk Taxonomy Meeting I hosted at the Levin Institute in New York on May 13, and we had follow-up interviews two weeks ago. As is the case in any press interviews, some of what you say gets printed and a lot doesn't. In this case, I think much of the substance of what I told David was out of scope for the BusinessWeek audience and the goals of his article.
In terms of a banking audience, David gets it all right, and I agree with Rick Bookstaber's comments too. But what the article omits is the fact that from 1999 to July of 2008 the US Congress, the White House, FHA, the SEC, and the US Federal Reserve all participated in an industry-backed weakening of the financial regulatory framework that was built in the 1930's. In 1999, The Financial Services Modernization Act (named Gramm-Leach-Bliley, or GLBA for short, after its authors) removed 70 year restrictions on bank, investment bank, and insurance cross-ownership. At the same time, derivative market oversight was specifically excluded from GLBA and financial markets were allowed to create and trade complex derivative instruments without regulatory reporting or control.
In 2001, President Bush exhorted Americans to "go shopping" to support the US economy following 9/11 and the Federal Reserve obliged by cutting interest rates down to 1% to pump liquidity into the US market. In 2004, Congress lobbied Fannie Mae and Freddie Mac to relax underwriting guidelines on home loans to allow sub-prime borrowers to participate in "The American Dream," and own a home, and FHA provided loans subsidies to make it easier. In 2006, Congress pressured the same GSE's to relax underwriting on Alt-A mortgages, allowing self-employed individuals to declare their income with a signed affadavit instead of documenting their income through tax filings. As I've written in past blogs, that change gave license to mortgage fraud across the country as Alt-A borrowers could make wild income declarations without validation and that pumped tens of thousands of fraudulent mortgages into the global financial system. This change wasn't reversed until July 2008, when the Federal Reserve finaly changed Alt-A underwriting guidelines. The long tail of the bad mortgages underwritten from 2006 to 2008 mean we will suffer significant foreclosure rates welll into 2011, extending the depth and breadth of this recession.
2006 proved to be the top of the Housing Market in terms of house valuations and bank fees generated from loan securitization and derivative markup. The pile-on legislation and market encouragement from Congress, the White House, and the Federal Reserve came from industry pressure to keep the party going as long as possible.
Yes, Banks took on too much risk from 2001 to 2007. But the US Government encouraged and enabled excessive risk taking during that period, and both need to be monitored to prevent future crises. There is an inherent conflict of interest in expecting the government that enabled the current credit crises to participate in the forecasting and prevention of the next one.
There is a history of financial de-regulation followed by marked innovation and crash that goes back 100 years in the US. The innovation generates enormous wealth on Wall Street and new tax revenues for Federal, State, and Local Governments. The relationship between government enablement and financial innovation was omitted in David's account and needs closer scrutiny because policy-makers, and the public, will need new information management tools to realize the impact of incremental policy decisions on financial market performance over the longer term to be able to regulate wisely in the future.
In the article, I recommended that the government create a new Regulatory Information Architecture, modeled on the Information Sharing Councils created by the Bush Administration for terrorism intelligence gathering following the 9/11 Commission Report and the Intelligence Reform and Prevention of Terrorism Act (IRTPA) of 2004. But more is needed.
A year ago, I believed that new information technology and data collection would enable the US Government to better analyze the performance of financial markets and forecast potential bubbles and crisis. I'm sure that enhanced information sharing in the US Government will enable better regulatory enforcement, but it's not enough to prevent future crises. The public needs to play a role in the oversight process because the Government has its own interests which are not always perfectly aligned with those of the public. Administrations change, and with those changes come new philosophies of governing and regulation, and in a Democracy like ours you always want to enable others to regard and report information that others disregard or deny.
Therefore, what's needed is more information transparency about market holdings and the actions of market participants so that anyone in any firm, university, or industry watchdog can analyze nearly the same macro and micro economic data that federal regulators observe and make their own forecasts and predictions.
Without public access to better market data, we are just enabling government to encourage risk taking more efficiently in the future.
You can read the businessweek article here: http://www.businessweek.com/print/investor/content/sep2009/pi20090914_336015.htm
The Winter Solstice is the time for Data Governance Predictions. And here are mine for 2011:
1. Systemic Risk Councils will proliferate. The Dodd-Frank Bill established a Systemic Risk Council in the Federal Government to aggregate financial data from across the economy to detect patterns of exposure that can impact macro-economic policy. All Financial regulated entities should follow the leader and do this themselves. Some, like JPMC and Goldman Sachs already do this. Everyone who is not doing it should get on the wagon and replicate.
The Federal Government will take eons to gather all the data and make sense of it. And even if they do it, their will be political considerations with regards to how the data is used and disclosed. And forget about counter-cyclical policy-making. So if you want your firm to escape financial ruin in the next Sub-prime, Sovereign Debt, Greek, Irish, Portuguese, or Spanish Debt Crisis, go and get a Risk Council and start sifting the data yourselves. Processors and storage are cheap, data is widely available, what you need is the organizational structure, decision-making system, and a sound Data Governance program. Get it going now, because with all the debt the world has accumulated there will be many more crises to predict.
2. Health care will join the Information Revolution - Today, many doctors use the Internet to look up symptoms, anatomy, and, of course, pharmaceutical remedies. Yet as an industry, there are so few information resources that document the comparative performance of doctors and hospitals in how they treat patients and the results. In 2011, thanks to US health care reform, this will start to change and I foresee a nationwide movement to aggregate vast amounts of health care data to analyze and report on what works, what hurts, and start building plans to make care more efficient and more effective so that people live longer. Data Governance will play a huge role in this effort, which will start next year and consume the next decade.
3. National Incident Detection - Like it or not, the days of the Internet Wild West are numbered. While the new Republican Leadership in the House is opposed to the Net Neutrality Bill, it seems certain that some form of national security oversight over Internet incidents and threats is going to happen. The government has been trying to corral business into sharing incident information since 9/11 and I predict they will succeed at some point because nation-sponsored cyber-warfare can not be resisted by private enterprise alone. In some as yet to be determined form, new information sharing regimes will need to be designed that aggregate threat information from businesses across the nation to develop early warning systems and protect national Internet assets.
4. Self-Governing Commons - Human beings can, in fact, govern the use of common resources more efficiently than hierarchical or proprietary solutions. The Information Governance Community is a demonstration of this fact, and in 2011, similar demonstrations will proliferate around the world and Social Networking itself will mature into online meeting places where people do more than talk - they will govern themselves to produce common work products. An aggregation of people without a deliverable is a media channel. Those same people collaborating on common ideas to produce work are self-ruling corporations and this phenomena will change how people are organized around the world. Any idea or project can be accomplished by self-organizing groups of people with common interests, a governance model, and an incentive structure designed to produce an outcome to effect change.
Five years ago, we formed a Data Governance Council to change organizational behavior and effect change. Achieving Semantic Consistency, Data Quality, Single Views of the Truth, Trusted Information, and Security & Privacy are all IT goals necessary to achieving any one of the above Predictions. Information is changing the world and with information we can change ourselves. However, without Governance, all we have is Data Management and none of what I described above is possible.
My aunt Helen had an opinion on everything. She was an information junkie long before the Internet, consuming at least three newspapers a day and watching untold hours of news television. If she didn't know about an issue directly, she had enough reference points to issue an authoritative opinion. I spent many weekends in her ancient Cheshire farmhouse with the musket holes in the foundation to protect against indian raids and the secret spot behind the fireplace where slaves hid in the 1850's Freedom Railroad on their way north to Canada. Dusty newspapers from the 1960's clogged the front staircase that was never used. Every National Geographic since 1940 sat piled in closets and behind sofas. Photos and postcards sat in boxes everywhere. Nothing got thrown away. Even the dust had dust. Her home was a database, and her brain was the ultimate computational instrument, an informational repository without parallel in our family.
Helen's knowledge of the world seemed to extend way beyond the bounds of her 1730 home. When I was young, I sat in awe of her voluminous and expansive mind never daring to question or challenge any of her positions. But as I grew into adolescence I began wondering if some her statements weren't maybe a little made up, or at least extrapolations of things she knew into things she thought she knew or could know with just a little imagination. But woe to you if you challenged her without some backup because she sure did know a lot and her mind was so sharp you could be reduced to blabbering in a microsecond if you really didn't do your homework and researched a topic.
But when I got to about 20, attending college - the place you went to get important information before Google put it on our smartphones in the subway - I started to learn that lots of what Helen said wasn't quite the way she said it. It wasn't that it was completely wrong, its just that it wasn't really always black and white the way she presented it. There were lots of different ways you could see and interpret the information. And you could construct a perfectly valid and well thought out argument that tied her up in intellectual knots. And back at the farm that summer we had some great arguments. Fact is, Helen was often at least partially right and wrong about a lot of things. Not philosophically wrong, because that's a matter of belief.
Factually in error, but never in doubt.
Her conviction was the secret of her intellectual strength. We've all known people like Helen, and many of you who know me are probably already murmuring "ahh, that's where he got that..." But I didn't bring up this point to wax about my family heritage or personality. I brought it up because this characteristic is one we find every day in our organizations, in the newspapers, on the web, in our governments. People develop points of view and stick to them, and getting people to see beyond their point of view is really a challenge. It isn't that the information is wrong, its that the people interpret it the way they see the world.
Information itself is a human creation. The computer didn't put it there. It isn't immutable, dirty until cleaned, chaste, pure, imperfect until perfected. It is a reflection of us, and since we created it, its sometimes wrong or the truth is at best a mixed result.
But what's to blame for that? Your Metadata? Your Business Glossary? Data Architecture? Security & Privacy? Audit? Your Organization?
YES! All of the above. Everyone who creates and uses information is involved in its interpretation and implementation. You don't have to be a data architect to influence the way information is used in an organization. Any iPhone or Android user has a role in the information management today. Bloggers, vloggers, and photographers shape and shade their creations to effect a mood, sell a product, influence an outcome. Everyone with a data connection is a source and a target and we all must accept responsibility for how we govern the use of OUR information.
Those consultants who tell you how to "govern the data" with all those tools are not helping anyone but themselves. Tools like Business Glossaries, Metadata workbenches, Master Data Management, Data Quality Profiling, and Audit help us understand when our information is out-dated, inaccurate, partially true, or just plain boulder-dash. We use those tools to illuminate the dark corners where opinions and habits force difficult debates to unlock the truth because we know that Information is the only tool we have to change behavior.
Want to succeed with Information Governance. Get Aware. Know what's happening and share it. Use your Information Governance tools to build operational awareness.
People will change their opinions when confronted with a solid argument, and that's what you want - Change from Information.
Fact is, I learned a lot from my aunt Helen and I still hear her voice strong as ever. Sometimes wrong, never in doubt.
IBM has been at the forefront of the Information Governance movement since the formation of the IBM Data Governance Council in early 2005. For the past six years we've worked closely with industry-leading companies from around the world to tackle the biggest challenges associated with governance.
Around the world, our clients are at varying stages of recognizing the necessity of Information Governance and implementing guidelines, standards, and policies. If your or others at your company have started conversations on this topic, then this event is for you!
We would like to invite you, and 2 of your colleagues who are information stakeholders in your company, to participate in a workshop that will help you build an effective information Governance program:
- Define your needs
- Benchmark your organizational maturity
- Define your organizational structures, methodologies, and tools
- Develop new insights and build a system for information Governance
In this hands-on workshop, participants will be taken through four of the Information Governance capabilities, and asked to rank their organizations according to maturity level defined in the Information Governance Maturity Model. All rankings are confidential and you can take home what you start and complete it later with your colleagues at your convenience.
Who should attend:
- CIO and senior IT Exectuvies
- Business Analysts and subject matter experts
- Executives involved in compliance and data protection
- Data or Information Stewards, Directors of Data Governance, and Data Architects
- Consultants and IBM Business Partners
The goal of this workshop is to educate and improve. Participants will meet other practitioners and gain valuable insights through comparative discussions of common challenges. New insights will be shared with the global information Governance Community, inspiring new ideas and topics.
I hope to see you there.
IBM Information Governance Workshop
I spent the winter break visiting my sister in Point Reyes. Point Reyes is a small, rural town on a beautiful peninsula north of San Francisco. Miles of untouched sea-shore greet cow pastures, redwood groves, marsh, and gently wrinkled hills. The town has a small elementary and middle school where my sister teaches environmental science and my nephews get straight A's. My oldest son Ben compared the courses he's taking at his school in Port Washington, NY with the courses his cousin takes in Point Reyes and noticed a significant gap - up to 2 years in math and science. Now its worth noting that my son doesn't always get straight A's in those classes in Port Washington and so we discount some of his analysis with self-preserving bias.
But looking at the difference in curriculum between this small rural school on the West Coast and the large surburban school on the East, one is tempted to ask "are people on the East Coast really smarter than the west?"
The answer: Of course not. But the way education resources are allocated via public monopoly creates a distortion that makes it seem so. Education resources are distributed on a state level through the seemingly elastic supply of teachers to student demand using fixed ratios of how many warm bodied students fill seats in classrooms. That means that small communities with low populations often get fewer educational resources than large communities. In an industrial society, which is the one that created this educational system, this formula is adequate because it provides basic levels of education to a large population whose primary productive value is measured in skilled and un-skilled manual labor.
But in a Knowledge Society, where productive capacity is measurable in intellectual value creation - this formula is dismally inadequate. A warm body in a chair is not an accurate articulation of intellectual needs for learning. Smart kids in California should have the same educational resource opportunity as smart kids in NY. But the State has created primary education as a monopoly prerogative. It isn't that the sovereign control is wrong. Its that the model is not changing fast enough to meet the needs of a Knowledge Society.
In a Knowledge Society, every student in every school is a customer in an educational market that should be designed to cater learning to that student's individual learning potential and style. The Educational System would provide real-time transparency on student learning demands and fulfillment so that parents can actively evaluate how well the Educational System is meeting the needs of each Student Customer.
Today, even in a school like Port Washington HS, we parents only get mid-term progress reports, term report cards, and SAT scores to evaluate our child's progress in School from a teacher normative perspective. That is, we get to evaluate standardized grading done from the system as a reflection of our child's educational performance. But we don't get to evaluate how well each teacher is performing in terms of educating our children, which school policies have positive or negative impacts on our children, or other factors. Its a very recent innovation that teachers provide course materials on websites at all, and most are rarely available or responsive via email or phone.
As a parent, its extremely frustrating to confront the Educational System with complaints about a teacher. Evidence is hard to accumulate and it always comes down to our word against theirs - in which case the teacher normally wins. This isn't a system designed to produce the best outcome for each student. Its a system designed to produce predictable outcomes for all students, even if a predictable percentage of them drop out at 16.
In a Knowledge Society, every drop-out at 16 carries a huge economic burden for the rest of society because that person has handicapped their potential intellectual value creation for many years if not for life. Even Students who only finish 4 years in University will be educated to a level that fails to match their Knowledge potential.
But if we had more information about what are children are learning, how they are learning it, and how each of their incremental projects, tests, and homework assignments contributed to their overall "grade," we parents could play a far more informed and intelligent role in the development of our children at home before and after school.
And if the school budget system were also calibrated on individual learning instead of warm bodies in seats, we parents as citizens might have more levers to force change in recalcitrant Educational Systems that are not meeting the needs of their Student Customers.
The Nation State as the primary supplier of primary education 1-12 needs new market mechanisms to meet the needs of the Knowledge Society in the 21st Century. There should not be a discernible curriculum difference in the learning opportunity provided in public schools West Coast to East, North to South except the capacity of students to learn and the willingness of parents to monitor their progress.
I hope someday to have the power to choose school board members based on individual report cards of academic achievement of every student in terms of their ability to learn and the System's ability to meet their needs.
That day should not be far off if we hope to succeed as a nation in the Knowledge Society.
DataGovernor 120000GKJR 2,681 Views
I've been watching this Madoff scandal unfold with incredulous amusement. Ponzi schemes aren't new but the sheer size and scale of this one I think perfectly epitomizes the gap between financial innovation and regulatory oversight capacity.
Mr. Madoff was certainly a financial innovator. He figured out a way to get thousands of people to part with their money on the promise of consistently good returns and he never executed any investment transactions.
Am I the only one wondering how it is possible that an investment fund can take investor dollars, send out an investment prospectus, never really execute any trades, and that there is no regulatory authority that is connecting the dots between investment claims and results?
I think the answer is that there are many regulatory authorities that have the mandates to monitor these gaps but that none of them have the information infrastructure necessary to connect corporate actions, financial disclosures, regulatory filings, and exchange transactions.
While the Madoff scandal is stunning, one does wonder how many other smaller scandals have not been discovered, or could have been discovered before all investor money was lost. After Congress exhaults in a round of blame and recrimination, I do hope efforts are directed at enabling regulatory authorities to build a 21st Century Information-Driven Regulatory Infrastructure.
Madoff demonstrates the need, now the Government needs to build it.
Last night, I was one of two panelists at a Global Association of Risk Professionals (GARP) symposium on Systemic Risk at Fordham Business School in New York. We were to be a moderator with three panelists, but one canceled at the last minute, presumably to stay home and watch the Yankees lose to the Phillies last night. The room was on the 12th floor in a mid-60's squat tower accessible from two elevators among a bank of six in the stone cold open and office-like lobby. Twelve is the top floor in the building, with a Rockefeller penthouse atmosphere. Black marble floors, mahogany paneling, subdued sixties swank.
The symposium room was longer than wide, seated classroom for one hundred in three neat blocks. We panelists were paired on a white-clothed-table with microphones we didn't need. The moderator introduced us both; the NYU Business School professor and the IBM Data Governance guy. The audience looked half-asleep, and the first question rolled out on the table, "What is Systemic Risk?" Our gracious moderator had prepared a raft of intelligent questions for us that evening, but we would only get through two in the brief hour we digested.
What is Systemic Risk? The professor told us it was the result of exogenous market conditions that created upper atmospheric bubbles in complex derivative instruments capable of devastating global economies. It could be measured in the up and down-swing of aggregate equity performance and controlled through the central banks he currently advises. He saw Systemic Risk as a macro-economic phenomena, the product of weak government regulation, greed on Wall Street, outrageous compensation packages, and unnecessary complexity in financial markets.
Before the event, I wasn't quite sure what I was going to talk about. It was a hectic Monday full of ten conference calls on twenty different topics. I left late, had traffic on the Grand Central, got lost at Lincoln Center looking for parking, and there was no coffee when I arrived. I'm not an evening person un-caffeinated, and perhaps not the best morning person in the same condition. But droll media babble passed as tenured professorial wisdom will rouse me on the sleepiest of days.
Systemic Risk is the probability of loss to a system. It is not actually a thing that can be calculated. It is a series of things that result in a loss event with causality and impact. Systemic Risk is not only about macro-economic catastrophe, because to say so is to say that we are not involved in Systemic Risk accept as victims. And that ain't true. Insofar as all of us, The People, are members of communities, parties, religions, nations, and environments we are part of a System. We are inter-related, inter-dependent, capable of causality, errors and omissions, losses and claims. Each incremental failure can cascade and result in systemic exposure.
The Credit Crisis is the result of a series of public policy mistakes from 1999 to 2006 that encouraged bad business practices at many different stages of the mortgage underwriting and securitization process. These were incremental failures that contributed to loss events that destroyed parts of the economic systems upon which markets rely. The lesson to humanity from this experience is that We The People are all members of SYSTEMS large and small that can fail as a result of incremental policy mistakes. Actuarial Science has for too long focused on the probabilities of contained loss events.
My body is a SYSTEM and Cancer is a systemic risk to me. It causes a chain of events which can result in organ failure and death. Your company is a system, and bankruptcy is a systemic loss event. If bees die, plants won't be pollinated, and that can be causality to a systemic risk to our ecoSYSTEM. The BBC Reports (http://news.bbc.co.uk/2/hi/science/nature/8338880.stm) that record numbers of plants, mammals, and amphibians are under threat of extinction. This is a systemic risk. When entire species of frogs in remote places like Tanzania become extinct in the wild, humans take note - this incremental failure is closer to your role in the food chain than you may think.
Every System has risk. Every person in every system has a role.
If we accept the gossip-press gospel that the Credit Crisis is purely the result of greed on Wall Street, and can only be fixed by wise regulators in Washington, shame on all of us for missing the opportunity to internalize the economic externalities. It is not an academic exercise to study the risk in every system large and small. Systemic Risk is a real-world imperative for all of us.
In 2004, when I hosted the first Data Governance Forum at Mohonk Mountain House, I had three teams of IBMers developing the narrative discussions for three tracks on a common use case. The tracks were called "Infrastructure," "Policy," and "Content." The use case was "Data Supply Chain." The Forum had two days of meetings stretched across three, starting in the afternoon of the first, going until lunch of the last. On the only full day, we hosted the three breakout meetings, and each team worked to integrate their track discussions around the use case. The use case came from some business process definitions software group had developed for business component models, something to do with insurance claims processing. As it turns out, we had only one or two insurance companies at the event, and we spent more time focusing on the track headings and business process model than on the idea of a Data Supply Chain. A conference is always the product of the people and the ideas in a room, regardless of what one puts on the agenda. And at this first event, when most of us only had the most vague understanding of what "Data Governance" was or could be, business processes were familiar and Data Supply Chains were distant.
Three weeks ago, I hosted another Data Governance Forum at Mohonk Mountain House. It was again two days of content stretched across three, and again a very diverse group of people came together to produce discussions that were engaging, powerful, and divergent from what was planned on the agenda. In three breakouts on "Data," "Risks," and "Governance," the panelists and audience exchanged ideas and I ran back and forth between the breakout rooms to listen, learn, and occasionally drive the conversations. What I heard among talks about Data as an Asset, Risk Taxonomies, Governance models, and Security & Privacy, was the loud echo of Data Supply Chains reverberating off the walls. It was like an archetype of the first meeting, the temporary suspension of historical time, as if in all these years of Data Governance we had lost the original truth, like a spring disappeared under the ground, rediscovered at the source.
Every company does Data Governance today, for ill or good, with intent or dystopia. Every company also has at least one, but often many more, supply chains. These are real supply chains that may only stretch across one or two towns or six continents. Supply chains link producers, distributors, and consumers. They enable outsourcing and resourcing. And they are a fixture of modern business since business became modern in the mid-1970's. And with disciplines like Six Sigma, large multi-national supply chains enable massive economies of scale with quality control that previously were only available to the largest organizations with fixed multi-year labor contracts.
Today every organization also has large distributed Data Supply Chains. Some parts may be automated, others batch, and still others quite labor intensive. The variety and function is often the ugly mess the CIO would not like the world to see. And with seldom exception, they are not "governed" with anywhere near the same quality control and rigor as are real supply chains. When an oil company puts down a new oil terminal, well defined engineering processes are used to map out every step of production from well head to refinery. If Data Supply Chains are intended to capture the same kinds of flows with information, the methods used are mostly ad-hoc, one-off dependent upon project leader, never to be repeated again. And the result today is that companies have tens, hundreds, and even thousands of ad-hoc supply chains designed individually, some existing in their original state for decades. The disconnects create massive inefficiencies, quality control problems, and functional friction.
What every company should be doing is inventorying their existing Data Supply Chains and begin re-engineering. There should be one Data Supply Chain engineering standard. And each new real-world supply chain should include a well defined process to create a logical and efficient Data Supply Chain that monitors itself. This is not a small undertaking. But we can't create a Smarter Planet full of sensors and instruments to monitor the changes in our real world if we do not also monitor and instrument, standardize and re-purpose, the changes in our own enterprise.
Every time I speak to an IT audience, I ask "What is Data Governance?" Of course the audience has come to hear me tell them the answer if they do not already know. But I'm more interested in what my audience thinks. Invariably, the answer has words like "Policy Enforcement," "Control," and "Compliance" in it. And to me what this reflects is a desire among IT professionals to expunge chaos and confusion from their world and create order, stability, and simplicity. Perhaps this is very human, but I think our desire to transform complexity to simplicity focuses far to much energy and attention on the world "To Be," or perhaps even on the world "Never-To-Be."
I think we need to spend more time focusing on the world "As Is," the one with dirty, grimy, confusing, and complex Data Supply Chains that are not yet instrumented, monitored, or in any way Smart. It is this world that needs the bright white light of assessment, discussion, policy, implementation, audit, and dynamic steering. This dark and dishonorable world "As Is" is the past most of our Data Governance programs struggle to change in the present with business plan funding for the future. It needs new methods that monitor the information flowing through its electronic veins, real-time auditing of the tools that are used to change it, and brand new business intelligence solutions that analyze past performance, compare them to current conditions, and predict blockages and failures.
In 2009, at the Mohonk Mountain House, back in the place where it all began, surrounded by 52 Data Governance Thought Leaders, I saw again the source that we mistook all these years - Data Governance is a quality control discipline for the Data Supply Chain.
Fix the world that is.