11.dqm certification program in kor

DQM Certification Program in Korea

Data Quality Workshop52nd ISO TC184/SC4 Meeting, Ibusuki, Japan

July 4, 2007

Sunho KimMyongji University, Korea

[email protected]

AgendaAgenda

1.1 Introduction to Korea Database Promotion Center

1.2 Survey Results for DQM1.3 DQM Certification Processes1.4 Certified Industries in Korea

11 DQM Certification Program

DQM Maturity Model 22

Conculsion 33

3

1. DQM Certification Program

1.1 Introduction to Korea Database Promotion Center (KDPC)

• KDPC, established in 1993, is a government organization under the Ministry of

Information and Communication. It aims to expedite the realization of ubiquitous

knowledge & information society by way of promoting utilization of information in

public and supporting advancement of database industry in Korea.

Database Industry Promotion and Advancement toward u-Korea Realization

Knowledge Innovation Center for Database Excellencies in 21st Century

• The DQM (Data Quality Management) Certification Program was developed in 2006 by KDPC

4

Strategicuse of data

Data typesand volume

Datainterchange

amongenterprises

Requestfor quick &correct dataIn the fast

environmentalchange

• The Survey of DQM needs in Korea [Sep.,2005, KDPC ]

Implementation of DQM

Implementation of DQM

No 70%

Yes 30%

Needs for DQMNeeds for DQM

No17.4%

Yes 82.6%

Rising

1.2 Survey Results for DQM


Trend

5

Application/

Requisition


1.3 DQM Certification Processes

Enterprise Data Quality Appraiser Certification Center

Evaluation

Verification

Certification

ConsultationPlan

establishmentRequisition

ApprovalContract

conclusion

Evaluation

ResultResult

Consideration

Verification

Certificate IssuanceCertificateacquisition

6

1.4 Korean Industries Under Preparation for Certification


KDB POSCO

KTF

FOA

Kyobo

…

KT

KISTI

IITA

SAMSUNG

SDIIBK

…

DQMCertification

Financial Industry

Public Institution

IT Industry

Manufacturing industry

Agenda

2.1 Characteristics of the Model

2.2 Architecture of the Model

2.3 Data Quality Criteria

2.4 DQM Processes

2.5 Data Quality Criteria & DQM Processes

2.6 DQM Maturity Levels

11 DQM Certification Program

22 DQM Maturity Model

Conculsion 33

8


2. DQM Maturity Model

DQM Target

• Data quality secured by the measure of the moment doesn’t last long• Data quality can be preserved or improved when DQM is performed continuously• Need to take both data and process into account

Issues of

DQM

Strength

Weakness

Action

It can reduce fundamental causes of data errorsIt is possible to improve data quality continuously and step by step by process improvement

It is not possible to respond quickly to data errorsData quality is measured qualitatively

It’s possible to respond quickly against data errors by measurement criteriaData quality is measured quantitatively

It is not easy to measure quality levels.After a certain level of quality, the quality declines as time goes by

Improve and preserve DQM processesMeasure data quality and improve data of bad quality

Management ProcessData

9



• The model evaluates maturity levels of not data quality itself but DQM processes• The model primarily focuses on the certification of general master data and application data.• The model was developed based on CMMI (Capability Maturity Model Integration ) and EAMM (Enterprise Architecture Maturity Model)

10

- Three Components of the Model

Data Quality Criteria

DQM Processes DQM Maturity Levels



11

Data ValidityMaturity Level

Data UtilityMaturity Level

Data Management Processes

DQM Process

Data Validity

Data Utility

Organization Maturity Level

Extract DQM ProcessesMeasure the maturity level

of a whole organizationMeasure the maturity level

by criterion


Integration

Quantification


Match DQM ProcessesTo data quality criteria

12

Different Awareness about Quality

Imprecise Target

Quality Management Problems Occurrence

Consistent Definition of QualityProblems in Case of No Criteria

CriteriaEstablishment

Validity Utility



Accu

racy

Co

nsisten

cy

Usab

ility

Accessib

ility

Tim

eliness

Sec

urity


13

Validity Utility


Consistency implies that there are no variations between identical data content within an information system.

Data usability implies whether to satisfies the scope of data and its detailed level that users require.

Accessibility implies how easily users can access data that they need.

Timeliness implies response

time, up-to-datedness of data, etc.

Accurate data should essentially reflect values of an object in the real world without errors.

It implies whether or not data is being aptly protected from internal or external dangerous factors.

Consistency Usability Accessibility Timeliness

Security

Authenticity, Compatibility,Necessity, Relevancy

Compatibility, Unanimity,Referential Integrity

Sufficiency, Flexibility,Usability, Traceability

Protection, Liability, Safety

Accessibility Timeliness

Ac

cu

rac

y

Co

ns

iste

nc

y

Us

ab

ility

Ac

ce

ss

ibility

Tim

elin

es

s

Se

cu

rity

Accuracy



14

RequirementsManagement

Data ArchitectureManagement

Data FlowManagement

DatabaseManagement

2.4 DQM Processes

- DQM includes eight different processes:

This process is intended for solving and managing users’ demands for data. User requirement is further separated into functional requirements required in business processes and nonfunctional requirements such as response time, data supply interval, etc.

This is the process that manages the data structures of data modeling and database planning, and provides users with their data requirements.The processes include data flexibility, data redundancy, data integrity, and data conformity management.

The various processes that create, extract, convert, and store the source data to meet the target. The processes include flow cycle management and circulation flow management.

This process administers and oversees databases that actually store the value of data.Performance management and security management are the sub-processes.


15

Data Application

Management

Data Standardization

Management

Data Ownership

Management

User ViewManagement

2.4 DQM Processes

This process evaluates the present condition of data provided to users and the environment in which data maximization can be achieved. Sub-processes are business rules verification and usage monitoring

To maintain a standardized view on data, this process manages definitions of data standardization rules, standard modifications, and standard applications management. Examples of standard data; terminology, codes, domain, conversion rules for data exchange, etc.

Data ownership management defines the various procedures, processes, and activities encompassed in DQM on the basis of owner responsibility and rights. The owner has authority over the creation, change, application, and deletion of data.

The process implies the management of environments where end users can apply data. The purpose of this process is to minimize barriers of user access and maximize data utilization. Hence, the user view should be designed and implemented from the users’ point of view.


16

Processes

Application(Monitoring)

Requirements(Functional)

User View

DataStandardization

DataArchitec-

tureData

Database(Performance)

Database(Security)

Application(Biz Rule)

Flow

Ownership

Requirements(Nonfunctional)

RequirementsManagement

Data ArchitectureManagement

Data FlowManagement

DatabaseManagement

Data ApplicationManagement

Data StandardizationManagement

Data OwnershipManagement

User ViewManagement

Process Relationship Diagram

2.4 DQM Processes


17


Validity Utility

SecurityAccuracy Consistency TimelinessAccessibilityUsability

Requirements Management

Data Architecture Management

Data Flow Management

Database Management

Data Application Management

Data Standardization Management

Data Ownership Management

User View Management

2.5 Data Quality Criteria & DQM Processes


DQ

M P

rocesses

18

MaturityQuantification : DQM is performed by quantitative measurement methods.

Integration : DQM is performed consistently from the viewpoint of enterprise integration.

Formalization : Overall processes for DQM are formalized.

Introduction : The organization recognizes problems and necessity of data quality, and performs partial DQM activities.

Optimization : Factors to improve DQM are derived and applied continuously.


5

4

3

2

1

Quantification

Integration

Formalization

Introduction

Optimization

- Definition of DQM Maturity Levels


19

Accuracy

The required operational rules are implemented as DQM problems are realized. In addition, the administrator personally manages various activities in parts. Even if the problem is recognized and inspected, there are still many errors since there is no standardization or systemization.

The administrator systematically inspects and enhances support tool applications, and produces standardized documents that clearly reflect operational rules needed at hand. Also, standard domain and code are recorded, and the database is periodically checked and improved to assure that the standards are acceptable.

In regard to the operational rules, causes of the error are tracked and analyzed after inspection, and the present conditions of the error enhancement are summarized in a record log and database. Data quality inspection, follow-up, and enhancement are safely administered and managed qualitatively.

The success of inspection and data error enhancement requires an index of quantitative goals to be measured periodically. Additionally, the responsibility and role of the process administrator adjusts controls according to the recognized data error. In the transferring dimension, quantitative management switches to qualitative management, and the level clearly measures and acknowledges the outcomes of quality.

The operational rules and error patterns are analyzed so that error does not occur, and the root cause of error is removed by continuous process improvement. This means that the current quality management can be optimized and tackle any situation that may arise in the environment.

1

2

3

4

5

ProcessMaturity

Level




20



[Standard Data Management]• Terminology, codes, domain, etc. • Define standards for accuracy

[Data Application Management (Biz rules verification)]

• Define data objects for management• Confirm accuracy• Define data objects for management

systematically• Confirm accuracy under the plan• Keep track of data errors systematically• Keep management indices• Accumulate knowledge of error

resolution• Remove fundamental causes of data

errors

[Data Ownership Management]• Define roles and responsibilities clearly• Evaluate performance

- DQM Processes for Accuracy

21



- DQM Maturity Levels for Accuracy

• Define biz rules clearly and keep them up-to-dated • Perform verification by software and record results• Data accuracy highly relies on personal ability

• Identify clearly biz rules for management• Keep them in the form of formalized documents or diagrams • Improve accuracy errors by tools or systematic ways

• Verify biz rules enterprise-wide, grasp causes of errors, and improve them • Perform consistently verification, tracking, and status monitoring from the

viewpoint of enterprise• Perform normal DQM activities

• Determine performance measures for standards, applications, and ownership • Perform evaluation regularly, and store knowledge of errors • Adjust roles and responsibilities when necessary

• Analyze knowledge-based standards, applications, ownership and various error patterns

• Remove fundamental causes of errors, and improve corresponding processes

1

2

3

4

5

5

4

3

2

1

Quantification

Integration

Formalization

Introduction

Optimization

22

Consistenc

y

1

2

3

4

5

ProcessMaturity

Level

Data duplication is defined; documents show the relationship between tables and columns; relationships of data defined within duplicated columns are inspected periodically. A list of successful and failed attempts is managed by inspecting and using separate mapping logic programs since data flow is documented in the programs and structure maps of databases.

There are standardized methods such as the ERD that help to clearly understand the relations between tables and columns, and compliance procedures are used periodically to follow up on the use of the standards. Data flow tools and formulated methods, for example, are developed based on batch movement. Some features that are checked in mapping logic are the layout modification and the actual progress of work flow, and a procedure is arranged to control errors that show up during flow monitoring.

It is feasible to check the tables and programs that define the standards, analyze the effects of quality modifications, and check the nonstandard functions. In the dimension of the enterprise, the cause of various kinds of errors is inspected according to the administrator in charge of the particular standard in question. The administrator organizes and prepares documents that describe the present state of error enhancement and database utilization. The state of the error must be tracked and managed qualitatively in the viewpoint of data inspection.

Compliance of standards is measured periodically within the realm of conformity and application to fulfill quantitative goals, and the role and responsibility are adjusted to learned errors. In respect to the enterprise, qualitative management can involve quantitative controls to develop data quality and clearly assess the outcomes.

Even if errors are not found, learned error patterns should be analyzed to remove the root cause of potential errors, and process improvement activities should be continuously recorded and managed. This practice enables the present data quality to be optimized and any changes in the environment to be managed effectively.




23

Usability

1

2

3

4

5

ProcessMaturity

Level

Requirements are defined in this stage. User requirements are collected, documented, and then confirmed by the users. As the user grasps the response situation of the requirements, the processing status of the requirements is recorded. Also, the user confers about the problems and boundaries of the response to the requirements.

In this stage, the response process to the requirements fixes any problems and user responses are reflected in this stage. Compilation and confirmation of the requirements and the response process are established. Modifications can be made upon the agreement of the person in charge. Also, user instructions are offered, the status of data applications is checked, and user dissatisfactions or requirements for improvement are addressed.

Data architecture is designed based on the requirements and modifications to the data architecture resulting from new requirements or changes to existing requirements are evaluated. There is a systematic organization in charge of managing the data architecture of the enterprise. Organizations and processes for conferring on the requirements are defined, and priorities of resource distribution for the response of the requirements are defined and managed. Also, two-way tracking system is maintained between requirements and project plans/output.

Quantitative goals are set about the quality of individual data, and progress is evaluated regularly through a measurement index. Based on the result of the evaluation, response knowledge about functional user requirements is systematically classified and documented. When necessary, roles and responsibilities of the person in charge are changed. From the viewpoint of the enterprise, qualitative control is transferred to quantitative control, and product quality is clearly measured and documented in this stage.

The best practices of the industry are reflected in the control for its maintenance and development. In addition, data utility is maximized through application of utility technologies and optimization of limited resources.




24

Accessibilit

y

1

2

3

4

5

ProcessMaturity

Level

Basic user views are provided including menu structure, site maps and references. In addition, users can search dispersed data. There are rules on integrating or converting dispersed data.

Users are provided with standardized user views and get regular education to improve their ability to utilize data. User manuals are consistently updated. As dispersed data are provided through subject-oriented, integrated database, users can have easy access to and utilize data.

Data dispersed to various systems are provided through integrated user views and channels that help access to data that are necessary for a business become more diverse. Dispersed data can be analyzed from the viewpoint of the enterprise. In addition to the basic data provided by enterprises, an environment is provided to enable users to carry out a more advanced analysis on data. Also, the data is profound enough to crease added value. Finally, meta information is provided and shared among users though the basic data architecture.

Quantitative goals are set about the quality of individual data, and progress is evaluated regularly through a measurement index. Based on the result of the evaluation, accessibility is improved and user utility patterns are analyzed. When necessary, roles and responsibilities of the person in charge are changed. From the viewpoint of the enterprise, qualitative control is transferred to quantitative control, and product quality is clearly measured and documented.

In this stage, new technologies and utility situations are applied to the efforts to optimize user views. The optimization is not confined to the current environment, but also applies to future environments.




25

Timeliness

1

2

3

4

5

ProcessMaturity

Level

Nonfunctional user requirements are defined in this stage. User requirements are collected, documented, and then confirmed by the users. As the users grasp the response situation of the requirements, the processing status of the requirements is recorded. Also, the users confer about the problems and boundaries of the response to the requirements. Schedule management is carried out on basic data flow and the result is evaluated on a regular basis.

The response process fixes and adjusts to the requirements, data flow cycle is coordinated, and roles and responsibilities for managing timeliness are defined. Compilation and confirmation of the requirements are established. The organization sets up schedules, responds to the requirements, and tunes the operating system regularly. Data flow cycle is clearly defined, and data analysis cycle, deadline and summary are documented. In addition, operations before and after data flow are coordinated.

Resources for the response to the requirements are distributed and distribution plans are set up and implemented in order. In this stage, data flow is managed from the viewpoint of the enterprise and roles and responsibilities are clearly defined. Also, professional response to the nonfunctional user requirements is established.

Quantitative goals are set about the quality of individual data, and progress is evaluated regularly through a measurement index. Based on the result of the evaluation, response knowledge about nonfunctional user requirements is systematically classified and documented. When necessary, roles and responsibilities are changed. From the viewpoint of the enter-prise, qualitative control is transferred to quantitative control, and product quality is clearly measured and documented.

The organization consistently looks for room for improvement and optimizes performance by tuning the systems and redistributing resources. In terms of data flow, it eliminates the cause for unnecessary flow, and finds out and applies technologies that enable improvement of performance.




26

Security

1

2

3

4

5

ProcessMaturity

Level

In this stage, subjects for security control and the security level are defined. The subjects are divides and evaluated. Based on controls on access of systems, basic identification and confirmation are conducted. Also, back-up plans are set up to ensure continuity.

In this stage, organizations are constituted, businesses are divided, and guidelines and processes are established to ensure security. The organization in charge conducts standardized management of security. All processes including controls on access, back-ups and restorations are established and roles and responsibilities of people are defined. Besides, all processes are defined such as the response process in case of an emergency.

From the perspective of the enterprise, security management of data is carried out consistently, and loggings and analyses are conducted on all uses. Loggings and audits analyze and decide threats, which are reflected in the security policy. Vulnerabilities are assessed and threats are removed on a regular basis. Loggings and audits apply to all uses.

Data security management is stepped up in this stage. People in charge of different businesses can keep each other in check, and when permitted, proper controls are implemented on one. Complex identification and confirmation systems including a certificate system are implemented and tools are established to prevent an insider from revealing secret information. Authority division and important data are encoded.

Data security management is completed in this stage. The optimization is not confined to the current environment, but also applies to future environments. The organization assesses the current security management, examines whether it is effective in protecting the data, and complement weaknesses. Besides, the organization sets up threat control system that consists of several levels and completes a defense system that can actively handle any unexpected threat.




27

- An Example of the Maturity Level Certification

AccuracyLevel 5

ConsistencyLevel 5

UsabilityLevel 5

AccessibilityLevel 5

TimelinessLevel 5

SecurityLevel 5

Validity Utility


AccuracyLevel 4

ConsistencyLevel 4

UsabilityLevel 4


TimelinessLevel 4

SecurityLevel 4

AccuracyLevel 3

ConsistencyLevel 3

UsabilityLevel 3


TimelinessLevel 3

SecurityLevel 3

AccuracyLevel 2

ConsistencyLevel 2

UsabilityLevel 2


TimelinessLevel 2

SecurityLevel 2

AccuracyLevel 1

ConsistencyLevel 1

UsabilityLevel 1


TimelinessLevel 1

SecurityLevel 1

DQM MaturityIn Validity

Level 3

DQM Maturityin Utility

Level 2

DQM Maturityof Organization

Level 2



28

This model has been designed to evaluate DQM processes. We need to extend the model to cover the evaluation for data quality DQM Maturity Model can be provided as a reference framework for ISO 8000 data quality. For further Information, please contact:

Sunho Kim, Myongji University (www.myongji.ac.kr)Inchang Kim, KDPC ([email protected])

3. Conclusion

Thank YouThank You

11.dqm certification program in kor

Technology

data errors data quality

data usability

long data quality

application data

accurate data

scope of data

datedness of data

survey of dqm