//
you're reading...
Information Security, IT & TECHNOLOGY

Data Analytics Maturity Models and the Control Environment


Angel SerranoOrganizations have recently raised concerns on their data analytics capabilities. There are several motivations for this increased interest in data analytics, such as fulfilling regulatory requirements, increasing efficiency and reducing cost. However, the primary reason is focused on the identification of business opportunities. The most typical questions include:

• Are we maximizing the value from the data we currently have?
• Are we missing business opportunities because we do not use our customer data?
• What is the competition doing?
• What are the best practices in the market?

It is difficult to answer these questions without a structured model that defines what is “basic” and what is “advanced.” It helps to provide a simple maturity model that is easy to understand.

The maturity levels below show a basic and summarized model based on the current situation in the financial services sector, and are based on what the industry wants to achieve.

  • Level 1: Basic data analytics capability. Systems and applications working in silos and analysis performed on individual databases on end-user computing tools (e.g., spreadsheets and access databases). Limited analysis can be done at this level due to the limitation of the tools and the data used.
  • Level 2: Specific analytics function. Interaction between systems (e.g., data warehouses or data lakes) and usage of data analysis tools that allow integration of different data sets. Analysis can be reused on those systems that combine different data sets. However, there is a gap between the business and its data analytics teams.
  • Level 3: Business intelligence capability. Adding a business intelligence platform (data visualization ledger) to the previous maturity level. This allows the end users to perform their own analysis through dynamic dashboards.
  • Level 4: Prediction Analytics (artificial intelligence). Adding to the previous maturity level the usage of statistical analysis that allows for the creation of prediction models and algorithms based on parameters or scenarios.

Some organizations want to achieve the best maturity level without having basic controls in place, which can create erroneous results due to the lack of quality in the data used. An appropriate level of control and data governance function is critical for the success of the data analytics function, and helps to progress through the maturity model.

Examples of basic controls that must be in place before progressing to the next level include:

  • Input controls on entry data systems and applications, such as range controls (e.g., age must be between 18 and 100), avoid zeros and blanks, invalid characters, etc.
  • Reconciliations (or equivalent) on interfaces and transfers of data between systems applications; sometimes totals on number of transactions and total value provides enough level of comfort.
  • Assurance that calculations performed on applications are correct. Reperform calculations in an independent environment in order to ensure that calculations are performed correctly.

To summarize, the use of data analytics techniques and expertise can increase the value from the data that organizations can obtain. However, it is important to maintain data quality and a management framework to ensure that the data used for the analysis is fit for purpose.

Angel Serrano, CISA, CISM, CRISC, Senior Manager, Advanced Risk & Compliance Analytics, PwC UK

[ISACA Now Blog]

About @PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Web Stats

  • 119,161 hits
@PhilipHungCao

@PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Personal Links

View Full Profile →

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2,247 other followers

Twitter Updates

Archives

August 2017
M T W T F S S
« Jul   Sep »
 123456
78910111213
14151617181920
21222324252627
28293031  
%d bloggers like this: