Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

The role and value of data inventories for mature data governance


Published on

Presentation at Open Belgium Conference 2018, on our experience in making data inventories as a starting point for mature data governance combining openness, security, personal data protection (GDPR), and digital archiving, as 'everything by design'.

Published in: Government & Nonprofit
  • Be the first to comment

  • Be the first to like this

The role and value of data inventories for mature data governance

  1. 1. The role and value of making data inventories a key step towards mature data governance #openbelgium Louvain-la-Neuve,12 March 2018 Ton Zijlstra, @ton_zylstra,, slides:
  2. 2. The role and value of making data inventories Province Utrecht Province Fryslân Province North-Holland City Eindhoven City Leeuwarden City Delft
  3. 3. 1 high time for mature data governance
  4. 4. digital isn’t paper redone
  5. 5. digital changes how we look at • openness: access is different from re-use • privacy: different types of usage • security: non-binary • archiving: earlier in information processes
  6. 6. three fences
  7. 7. security three fences
  8. 8. security openness three fences
  9. 9. security openness privacy three fences
  10. 10. security fence • ‘baseline information security’ for local/regional govs determines what data is critical • Uptime: IT infrastructure, dependencies, service levels • Quality: tamper free, audit processes, checks on inputs, knowing sources • Uptime fits the fence tactic, quality doesn’t
  11. 11. openness fence • at request, additional process • stated end game is ‘actively open by design’ • open data is becoming infrastructure (e.g. ‘omgevingswet’) • fence tactic is inefficient
  12. 12. • data sovereignty is under threat • not enough attention at data level • fence tactic is ineffective openness fence
  13. 13. • complaints about compliance costs • house not in order • PSI Directive Review confirms openness fence
  14. 14. • done on level of organisation or system • GDPR is here, creates uncertainty • excuse for ‘closed by design’ • making lists for the fence, not processes privacy fence
  15. 15. • right to review • right to portability • right to be forgotten (archiving) • “by design, and state of the art”, and is enforced • can only be done at data level, and processes tapping into data • the fence tactic fails completely
  16. 16. • GDPR demands ‘by design’ • no sense on its own • openness, archiving, security (Q) as well • focus on data GDPR opportunity for ‘everything by design’
  17. 17. open 30 yr limit person related 3rd party rights business critical data focus & ‘everything by design’, not fences
  18. 18. 2 local data inventories a first step
  19. 19. local is where you are, but not the data pro’s
  20. 20. value, impact policy issue people open data connecting people and issues needs data knowledge
  21. 21. Actief uitnodigend published inventory triggers demand
  22. 22. new local data means new relations & choices
  23. 23. inventories help having the right conversations external stakeholders data person policy maker 3rd party internal stakeholders domain specialist legal person
  24. 24. 3 process and results
  25. 25. starting points • list structured data sets only • up to 80 facets • policy domain, internal usage, current availability, technical details, legal aspects, and concerns
  26. 26. don’t make assumptions, because house not in order • don’t assume your list of applications will tell you • don’t assume IM knows • don’t assume people know • don’t assume people know details, look inside with them • don’t assume it is what it says on the tin
  27. 27. • actually used applications • all units, actual work • data structures and content • large projects / programs • external communications • cross reference it all deep dive
  28. 28. tactic 1: external team • consistent, no assumptions • experience • re-use of results • client buy-in can be low • hand-over can be hard • the work is not an intervention itself
  29. 29. tactic 2: ext./client team • train client team • consistency • experience & re-use • needs more scripted approach • quality can be issue • client team continuity • islands likely remain
  30. 30. tactic 3: client team / employees • train client team • very scripted approach • process facilitators • adoption designed into process • work shifted to colleagues • general buy-in critical • quality output trade-off • no guaranteed adoption
  31. 31. 28Typical situation (local 67%, <5%, 33%) Data inventory Province Fryslân 2016 • 1055 data sets found (767 geo) • 201 public (19%), of which 151 (14%) open data (all geo) • 841 more could be public (79%), after changes (304, 29%) • 17 (2%) must stay closed
  32. 32. allows filtering on all relevant questions
  33. 33. published, and used to select next publication round
  34. 34. Legal (GDPR, infosec) IT/architecture (infosec) Data people (data q, openness) Archiving Policy people (openness as instrument) involving all from start helps handover
  35. 35. summary • information household is often of poor quality • tear down the ‘fences’ • inventories help make a start, if you see it as a conversation tool not just another list • helps connect ‘everything’ by design, as step towards mature data governance • articulates demand, allows data as policy instrument
  36. 36. Thank you. Merci. Hartelijk dank. All photos: Ton Zijlstra, by
 Except screenshots, and where mentioned on the photo. Slides: Ton Zijlstra / The Green Land, by nc sa Slides: Site: Contact: @ton_zylstra