BMC Software is a Business Reporter client
Today’s organisations are committed to collecting and analysing as much data as possible from sources new, old, and evolving. But they continue to have variable levels of success distilling and yielding value from it. The data itself isn’t necessarily the problem. Instead, it’s where that data is sourced and how it’s used – and the people, processes and technology it encounters along the way – that can either amplify or obscure its value.
The explosive growth in data in recent years has spawned its own operational category, DataOps. And how well organisations incorporate DataOps best practices makes all the difference to successful data management and corresponding data-driven outcomes.
Putting the “Ops” in DataOps: Success Factors for Operationalizing Data, a recent report from BMC in partnership with 451 Research and S&P Global, found that defining a successful DataOps approach comes down to what you want your data to do for your business. And that approach needs to be tailored to your organisation’s specific conditions and objectives.
Factors contributing to data-driven business success are often as variable as the demographics of the organisation. Business size, geography, data management maturity, DataOps best practices, the operating model for data management and data delivery functions (whether centralised, federated or hybrid), and the application of technologies such as artificial intelligence and machine learning (AI/ML) in data management can all influence how much business value an organisation creates from its data.
DataOps is the key that will enable businesses to unlock the door to greater agility and resilience amid a fluctuating economy and increasing competition and regulatory requirements. But this means successfully implementing DataOps practices, technologies and expertise to get the most out of their data management initiatives.
In our report, we rank an organisation’s maturity based on its data management strategy, practices and architecture. The four data management maturity profiles are:
- Developing: Strategy is developing, but practices and architecture may not yet be closely linked to critical business outcomes.
- Functional: Strategy is largely developed, with some high-priority data practices and architecture linked to critical business outcomes.
- Proficient: Strategy is fully established, with nearly all data practices and architecture linked to critical business outcomes.
- Exceptional: Strategy is perpetually optimised, with data practices and architecture driving novel sources of value.
Data governance considerations
Of particular interest to European companies is the ever-growing list of compliance requirements, especially in customer data protection and personally identifiable information (PII). A significant number – 65 per cent – of survey respondents said they are currently collecting and/or actively managing data specifically to support their corporate governance or responsibility initiatives.
According to the report, “[As] the data-driven regulatory landscape continues to proliferate and become more nuanced across geographies and sectors, organisations with developing maturity will likely need to allocate resources toward meeting ‘reactive’ external requirements just as much as they allocate resources for more ‘proactive’ efforts toward business value generation with data.”
As we’ve seen with recent worldwide data leaks and hacks, mishandling customer data can have far-reaching consequences for a business, from significant fines and scrutiny to reputational harm that damages relationships with customers, partners and suppliers. Externally imposed mandates and regulatory requirements can be a useful call to action for organisations to exert more granular control over their enterprise data resources, with added benefits that go beyond simply meeting the regulatory considerations.
The report finds that exceptionally mature organisations have already systematically addressed externally imposed, defined or prescriptive requirements related to data management and control. That said, those organisations still need to be both forward-looking and collaborative, keeping pace with the reality of their technological capabilities. By doing so, they can prepare for future requirements and collaborate with regulatory bodies or partner organisations to define what is appropriate and defensible in terms of data stewardship and control.
DataOps and regulations
Another key finding in the report is that European organisations are leading the way in active data management practices that leverage emergent technologies. They also tend to be more highly regulated in terms of data-related compliance and AI requirements. Case in point: the Digital Operational Resilience Act (DORA) is set to take effect across the EU on 17 January 2025.
The act is designed to enhance the operational resilience of digital systems that support financial institutions operating in European markets. It’s intended to guide organisations in building resilient frameworks, with a comprehensive focus on service visibility, risk mitigation, business continuity, incident management and governance. Under this new legislation, shared information must comply with relevant guidelines, and PII must meet the criteria of the EU’s General Data Protection Regulation (GDPR). By establishing sound DataOps practices, EU organisations can be ahead of the competition in compliance readiness.
Data compliance considerations
The Digital Operations and Resilience Act covers five considerations that organisations should keep in mind as they move toward compliance, and all apply to data:
- Identification: Understanding risk to systems, people, assets, data and capabilities, including business context, policies and vulnerabilities.
- Protection: Ensuring safeguards to limit or contain the impact of a potential cyber-security event. Fortifying defences to ensure the integrity and security of critical data and systems.
- Detection: Discovering threats, cyber-security events and anomalies in real time and understanding their potential impact for swift mitigation.
- Response: Taking action to limit the impact of those threats, cyber-security events and anomalies by having well-defined response mechanisms and protocols in place.
- Recovery: Ensuring systems can return to normal conditions efficiently and effectively.
Conclusion
Data is an important business driver – for some, the primary business driver – so getting a handle on it, as well as the people, processes and technology that maximise its value, is an organisational imperative.
You can read our entire report here, and take the data maturity assessment here to find out where your organisation is in its development and which areas you need to address to leverage data for successful outcomes.