Three Business Models
- Innovation to Invent
- Change to Improve
- Operate to run the business
- 30 Innovation
- 20 Change
- 10 Run
- High Risk – innovation
- Medium Risk – change
- Low Risk – run
First, let’s understand the cost of doing nothing.
A grandmother in Florida had a suspicion “something was very wrong” with her daughter and her relationship.
Imagine for just a few moments. Would you be very forgiving if you knew something was wrong and you had no rights no way to intervene?
For any parent/grandparent – being helpless to save your child and her children.
Many people immediately blame the woman being abused. Sure, it’s easy to make judgements about things we don’t understand. Please, open your mind to the FACT a woman with confidence and all “the will” on Earth can and does find herself “isolated”, then emotionally broken down by her abusive partner and eventually the emotional abuse and control turn violent.
Personally, it would simply break down all hope for me if I was helpless. The nightmare no grandparent should ever face knowing their child is being harmed, then knowing our grandchildren are being harmed too?
Could you even imagine the horror?
Nothing compares to being without anyway to respond nor any way to protect the innocent grandchildren.
This grandmother in Florida lives her nightmare every day knowing she was helpless and because grandparents have no rights, she lost her daughter and her grandchildren. The abuser killed her daughter and her grandchildren.
In any situation where domestic violence is concerned we must assume the children are harmed when they are forced to watch a parent abused by another parent. The children must be allowed to go with their grandparents before strangers.
The opportunity in having “the Rights of a grandparent” forces the abuser to be much more subtle about the degree of abuse children witness.
A primary benefit of the concept of grandparent rights ensures the children are not removed and placed with strangers. The foster care system must support the transition to grandparents just as it would support a stranger to care for the children. The same issues will exist and often grandparents are not in a position to financially support the child(ren).
Legislation must be written and passed to support grandparent rights.
A grandparent rights approach allows the law to guide the inclusion of grandparents.
Systems which allow grandparents an objective forum to warrant temporary placement away from the abuse
Preventing grandparents from abusing their rights must be considered and safeguards put in place to prevent such threats.
Why Big Data isn’t about financial and operational data?
The type used to run the business during transactional events used to report revenue or on expenses. In the public sector we refer to this type of data as cost and benefits.
Financial Transactions by stakeholder dependency across the life of the activities. Each output becomes the input to the next process stakeholder with a record as an output. The record retention requirements for financial transactions typically is 7 years or more.
Today, we are trying very hard to not include these points to avoid this issue with compliance or another which sends up read flags with security.
What’s my cure for these types dilemma’s? I eliminate or move the threats vectors to their rightful home. Big Data isn’t the system of record for financial management capabilities, nor the home for the party or offer management capabilities. For the same reason, a single copy of the expense and revenue transaction capability results are protected within a data store.
How does the suggestion help solve the problems with security, governance and compliance? The 5 capabilities are operational and the foundation of any companies business management system. The scope for Sarbanes Oxley and all regulatory reporting. Record retention requirements with zero data loss and zero down time are all part of the scope.
IF we scale the operational and financial information back to their system of record, integrity of the financial records and retention is not going to hinder the objectives of a big data solution. The technology and requirements are only a problem in regard to the financial and operational processing moving to a big data store.
A great example being records management outside the technology designed to retain records for an organization or agency. The management of data derived from a record is not going to attain the right retention treatment when converted back to a data expert in a data store.
Gary Mazzaferro supplied this template to the Reference Architecture team in NIST Big Data Work Groups in the first phase of NIST development on the subject.
A horizontal segmentation of inbound from source using 1 of 3 types of feeds over a network connection an API requires an ACL or similar connection.
The segmentation within the data mart section allows each functional group to own their connections and sharing with external parties based on the containment of the authorized users within the data mart for each function. Rather than rely on offline tickets which are merely rubber stamps without the integrity of the segregation of duties requirement and intent continues to be lost in the translation between IT and Business.
In the private sector we have an option to include the 2nd horizontal data as segmented by types and use in most organizations across the world. Most businesses are not integrating their voice, video, and data and when they are we can assume streaming (real time) feeds or unstructured in column 1 or column 3.
Column 2 Operational (see above)
Column 4 Fit for purpose anything goes information we all know and most peoples desires are in their data marts.
The requirements we hear about are best segmented by the groupings identified as the grouping will manage access and allow containment when sharing beyond the organization in a shared cloud scenario. Marketing allows other marketing stakeholders to access their information.
We want to avoid situations where marketing grants access to operations data without operations having anything to do with the decision.
A nationwide movement has formed dedicated to engaging those left behind towards computer science. A wicked solution to a wicked problem in our country, mass populations without jobs, without hope and destined for low wage jobs. A country without the domestic workforce seeking talent from under-developed countries where the skilled workforce is exceeding our countries ability to compete.
Solution Life cycle
The business model by customer audience versus unique organization or agency approaches – it is absurd to expect different results using the same approaches.
A social media strategy for cloud adoption “as citizens”
A social media strategy for “any size organization or agency”.
A social media strategy for “any government”.
A community support model explained
Just as we experience with any new innovation offer we must perform due diligence on any proposed supplier. The innovation business model has the highest probability of a new relationship with a new supplier. It is vitally important to manage confidentiality and intellectual property with Non-Disclosure agreements and secure process measurements.
Using consistent supply chain due diligence practices to begin on-boarding of any new suppliers. In the innovation space the intellectual property threats and strong oversight of the supplier relationship is vital to all interactions throughout the first year and longer in cases where solutions are systems or solutions versus boxes.
scorecards tailored to a new supplier who’s value proposition would be measured by quality rather than quantity. Ensuring a build order transfer model or twice removed model in small and medium customer scenarios requires a very strong negotiation team and consistent communications amongst the internal team especially in front of the supplier.
Very smart people “who simply are motivated by mass processing” “the bigger the greater the accomplishment or assumption of meeting a higher level of expertise”. Very smart people in business roles are still scratching their heads about how the audits continue to imply workarounds are being allowed in controlled applications.
The problem is conflicting objectives and motivations without accountable leaders to manage the corporate policies within an organization.
The limitations with this audience relates to the non-technical outcomes caused by big data concepts.
I am much more the resource from the following roles;
If the above is true, who has commissioned the tons of data and for what purpose?
What does it mean when a data expert does a data type change or creates a new physical table?
Changing a report, connecting or changing the source data in order to present insights has the greatest threat of being misused by the sponsoring business stakeholder. Far too often the business stakeholder is actually an IT team within a business unit who’s implementation failed adoption or was incorrectly implemented (irregardless of who failed) and the fastest way to mask the problem is to produce insights that say the implementation went well and nothings changed.
When an organization or agency plans a purchase of software from a 3rd party or an external software company as an example in transforming to cloud solutions, the purchase either includes a one time fee;
In the case of a cloud solution, the annual maintenance should cover all normal events. If you find your organization being asked to pay for cost or hearing “performance issues” or customizations that prevent your organization from introducing updates on a regular basis. These are all symptoms of an operational, quality and governance situation.
In some situations;
Your 3rd party software provider – has a list of exclusions and charges added fees due to implementation decisions
If you were supplied a proposal to purchase software for a business unit, you must ask questions about the return on investment or total cost of ownership. Far too often business people assume software solves people, process or technology problems without performing the appropriate process benchmarking exercise with people who are unbiased. People who are not going to be politically motivated, not to say these resources would not be sensitive to the stakeholder political points of influence, the most qualified resources being outsourced to an organization specializing in Benchmarking or a mature organizations Business Architect leading with Enterprise Architect validating.
Having an inventory of the capabilities and tools purchased with the same capabilities isn’t unusual, not all software tools are known for or specialize in all capabilities instead the vendors design a solution that a company can buy and use without any integration to meet small and medium customers needs and the large global customers need to rely on their IT Architecture teams and data architects to redirect the software to the source based on policy and procedures defined at the corporate policy level.
Every software package I’ve evaluated in the past 20 years, has the ability to create a customer.
A party management capability ensures the appropriate controls are designed into an architecture with a segregation of duties by design. The create, read, update and archive must be honored and monitored or proven to annual audit stakeholders and may force an organization to restate their performance in cases where an organization or agency fails to manage the due diligence scope prescribed in General Accounting Acceptable Principles. Non-GAAP revenue outside the innovation or advanced technology risk typically reported in a footnote or excluded from GAAP performance.
If an Enterprise and Business Architecture team isn’t an invested resource supporting the organization or agency or if these resources are unaware of the risk and severity. We have a large audience who’s perfectly aligned to their culture and the unfortunate risk for the company happens to be a WICKED problem.
The organization has operational waste that may has a high probability to impact both top and bottom line financial impacts, considering the stakeholders in an operational waste situation the probability is high for threats to reputation, competition and regulatory risk.
Physical Security – Executive Officers 404 assurances-The part of the risk that D&O insurance cannot cover for any executive officer.
In fairness, the above would be the worst case scenario and it certainly isn’t politically correct to take this to your executives.
Imagine being in a role where the executive hands you a stack of papers and wants to know why the organization has more than 300 applications charged by IT each quarter?
If you are in charge of tools and just walked in after implementation of a host of new 3rd party applications were launched and users refuse to use the new investments.
Well, imagine you retire or submit the retirement plan and move to a new role where you can ensure and influence the retirement of the legacy out of scope or shadow applications. What if you are unaware the new team you joined actually happens to be the reason these applications are being charged to your former group?
We must acknowledge resource motivations and respond with a solution that contains the threats to an organization.
I can agree only in situations where party, offer and financial account codes are not included in the scope.
The analytical component changes to a transactional shadow application when “get” or “create” commands are in the code.
What if those applications are only considered an application because of a transformation done outside the system of record.
Unfortunately, Big Data has proven to include the above behaviors
How to identify if your organization has assumed a risk by investing in Big Data?
If your organization happens to be investing in and promoting Big Data; especially following a security and resilience transformation you may have not gained the benefits you intended.
You are unlikely to be positioned well for the cyber=security requirements and need to spend some time understanding the severity of risk with a discreet assessment.
If your organization hasn’t defined the priority zero data loss and zero downtime scope or you have more than 15 applications in this class of your resilience response testing each release, I’d suggest a discreet security assessment.
The ability to create master records, with the Enterprise Resource Planning, Opportunity Management, Application Tracking System, CMBD, Extranet/Intranet, Records Management, Project Accounting, Supply Chain and Service Management Modules.
These transactions are the leverage points for most privacy, compliance, and security classification with highest protection or need to know only.
The threats for these transactions are always going to have the highest probability for all four security principle risk types in any organization or agency;
In cases of any of the above mentioned gaps in your Enterprise Architecture or hosted solution providers;
- Symptoms include lower quality customer data, as these other application users are being forced to enter a field they are not qualified nor authorized to enter.
- Symptoms include higher number of null values in party tables
- Symptoms include higher number of duplicate indices
- Symptoms include higher pricing disputes
- Symptoms include higher tax issues or disputes
Be cautious when noticing anomolies in the reporting around the subjects, as you will find a report was modified. The changes were unlikely to be put in place.
Instead you are the proud owner of a report that reflects a subjective view of the organizations performance
Don’t be concerned, you are not alone. Many leaders fall for the “we can do that for only a fraction of the cost”, we are agile unlike most of the stakeholders.
To help us understand how many people fell into the same trap, try counting the duplicate indexes or null values in fields like the zip code or state.
Any person, organization or agency should be reviewed in this context. You will find that the largest tables are customers. Now segment the three sub-types.
Assume every table suggests a unique list of customers or a list that has the subjective rules applied by people who build custom shadow analytical solutions.
Let me share the difference between analytical applications and operational applications. Today these lines are blurred. An analytical application is not controlled at the application source; it acquires the information transforms and then reloads.
The primary root cause of data quality failures “the ETL” process and even fewer records are maintained by the developers.
The primary tool used to modify records or connect unconnected data sets happens to be an integration or ETL solution. Curated or processed information being the newest and most relative terms used to articulate offline shadow applications.
These people are doing their work in fire drills and even the best Architects are only as effective as their clients demand them to be. These resources are Miracle workers. The challenge is they are not the right people to solve the problems.