GRC Data Lake Best Practices 1

This is a continuation of the prior article from Joe McKendrick; Big Data Quarterly Spring 2016; Best Practices Series and Calming the Turbulent Waters of Data Lakes. We have added into his original text some GRC aspects that highlight his basic concepts, but without changing his emphasis or content of the various best practices:

1.) Think Long Term

The advantage that data lakes offer is the ability to keep data at the ready for applications and queries that have yet to be designed. The bottom line is no one knows what data will be valuable in 5 years, or how it might be used. There may be entirely new business lines built around data that is currently being cast aside in today's envionments. As a result, data needs to be maintained and stored for purposes and applications that have yet to be determined. Some data will be needed immediately, while other data will need to be stored. To see this through, enterprise input is essential to identify those information areas that decision makers (like the Chief Audit Executive, Chief Risk Officer, Chief Compliance Officer, General Counsel, CFO, etc.) see as having potential.

2.) View Data Lakes as a Business Growth Opportunity Versus a Cost-Saving Measure

As with any major IT initiative, cost-savings drive many data lakes initiatives. However, the value will ultimately be realized in the potential avenues it offers for business growth. We need to translate how GRC fits into this equation as the next frontier for data lakes is providing organizations with greatly enhanced analytical opportunities. (Note: that is why the GRC Sphere has put such an emphasis on analytical models for GRC functions and roles no matter where they may exist around the enterprise.) The analytics made possible by large stores of information in data lakes facititates customer relationship management, predictive analytics, preventive maintenance, fraud detection, Continuous Control Monitoring, Continuous Auditing, and a range of other GRC applications.

The fact that GRC Sphere sees "holistic GRC" as a revenue opportunity (once it is converged with the everyday business model) goes hand-in-hand with industry-driven crowdsourcing and benchmarking and this new way's-of-thinking needs to be a part of your GRC data lake strategy. In essence, GRC is rapidly changing to reflect work excellence and embrace a variety of work practices (i.e. way's-of-working) that are at the heart of business transformation.

3.) Implement Sound Data Governance

Data governance is just as important to GRC data lakes as it has been to data warehousing and other big data projects in recent years. The GRC data lake is increasingly recognized as both a viable and compelling componentwithin a data strategy, with companies large and small continuing to move towards adoption. Governance is the key challenge to data lakes, cited by 71% of respondents in the Unisphere Research survey.

When data lakes first appeared on the scene, they were catch-alls for structured and unstructured data, even though the data might not have been useful at the moment. As applications and functions are developed, custom adjustments or recoding is performed to meet the requirements of the situation. However, organizations may not have the data talent to address theur requirements on an ever-increasing scale. Data lakes are, from the start, an enterprise project that requires enterprise input and ownership.

Summary for Part I

The key question is how GRC professionals can help to not only create a vision for a GRC data lake but, in parallel, assist the entire enterprise in understanding how to go about adopting and leveraging new data lake technologies and analytics for industry-driven crowdsourcing and benchmarking (which is the embodiment of GRC Sphere's closed-loop control architecture for performance management).

Category: GRC Data Lake


Post new comment

The content of this field is kept private and will not be shown publicly.