The building blocks for any integration, quality, or security development effort require having well-defined and understood definitions as well as a clear set of policies, which govern and dictate its implementation and application.

Definitions apply meaning, identification, and context to the processes, routines, and assets. Definitions further provide an easy entry point for searching, cataloging, and understanding information.

Policies help define and supply a broad range of requirements for these processes, routines, and assets. Policies further allow for the declaration of the business requirements for security, privacy, and other such regulations in a clear and easy to understand manner.

This chapter describes the benefits, requirements, and implementation in the development of business definitions and a set of business policies, and the real benefit that they provide within any organization.

The core set of information governance foundation principles are depicted in Figure 3-1.

Organizations today are realizing that the establishment of a common set of definitions is a requirement to achieve efficiency, promote communication, streamline, and ensure standardization and compliance. These definitions remove ambiguity within the organization and allow leveraging and sharing the correct understanding and meaning of information.

Business definitions impart an extended understanding and meaning of information and provide greater knowledge and comprehension about the data generated, processes, data stores, and usages to support operations. Through a well-defined taxonomy (hierarchy) and a rich set of formatted business definitions, users clearly benefit in their ability to easily search, browse, and navigate such definitions, their meaning, usage, and applied information assets.

Consider the following scenarios:

A business definition will offer and promote a singular authoritative and accepted source for the meaning of information and further can provide a rich set of added dimensions. Definitions also help identity and locate and identify the assets and processes found within the organization.

Business regulations and standards for the continuous operational integration and storage of information are many and transforming. Organizations today are tasked with reacting and adapting to these regulations and standards in the realm of data privacy, master data, standardization, and truth-in-reporting. For organizations to remain agile in their ability to implement these regulations and standards, they must be able to deliver a set of well defined and easily understood requirements to all members of the organization.

Business owners and analysts must posses the ability to publish a catalog of such requirements, in the form of business policies and rules. Business policies and rules, similar to business definitions, are predicated on expressing the precise requirements, compulsory regulations and standards or compliance definitions in simple and easy to understand language. Business policies and rules additionally convey the source of such regulations or standards and the additional details that complete them.

Developers tasked with implementing will benefit from understanding these requirements in greater detail, including their intended purpose and wanted results. Analysts and managers will benefit from a comprehensive view of how such requirements have been implemented and general compliance of information assets.

Consider the following scenarios:

A set of business policies and rules will provide for a comprehensive and detailed set of regulations and standards that can be shared and benefited across the organization. Such policies and rules can identify the processes implementing them or the assets that they govern. Such policies and rules can also identify the compliance of the organization upon these set of requirements, and ultimately help determine any unnecessary risk or suspect data, and express confidence in its information.

Information Server provides a single unified platform that enables organizations to understand, define, cleanse, transform, and deliver trustworthy and context-rich information. Information Server is a multi-tiered platform, which includes a suite of applications focused on all aspects of the information supply chain or data integration domain. The platform further aligns all objectives of the business and is optimized for connectivity to diverse data sources. Refer to Figure 3-2 on page 45.

Business Glossary is designed to provide a common and consumable vocabulary to facilitate communication and understanding throughout the organization. Business Glossary is also a hub for the implementation and application of data governance principles and their requirements.

As such, Business Glossary offers a collaborative environment for the drafting and maintaining of information. Formal governance initiatives require a process for the authoring and management of Business Categories, Business Terms, Business Policies, and Business Rules. This process allows for the review and approval of information before its ultimate publication and visibility within the organization.

Domain or subject-matter experts will often possess the knowledge required in defining of terms and rules. These individuals further are considered the owners of such information, whose understanding of these concepts and their definitions are critical in capturing and publishing their meaning and usage requirements.

Before drafting and publishing information within Business Glossary, the formulation of a comprehensive Data Governance process, as that depicted below, is a critical first step. This process, in particular, defines and outlines the tasks, owners, and expected results for such information. Refer to Figure 3-6.

Knowing where to begin is often the most difficult and monumental challenge. Organizations are typically as diverse as they are complex. The individual segments and divisions within the organization each will want to participate and benefit from a Business Glossary initiative. After all, it is the Business Glossary that will deliver to the benefit of the entire organization a clearly defined and well understood set of Business Categories and Business Terms in a single tool.

General guidelines dictate initially concentrating upon a single high-value information area or scope within a data integration implementation. For example, a new Data Warehouse initiative or a heavily regulated area within a data store with changing requirements and lax governance insight.

Set the focus on the semantic business definitions, and borrow from the language of the business, in the form of Logical or Business Intelligence models. Leverage existing lexicons or industry standards. Poll and gather real-time understanding for how such concepts and definitions are currently used or applied.

Establish benefit and garner interest within a selected and focused area of the organization. Demonstrate the richness of a Business Term in that it includes relationships to Information Assets, links to external specifications or documentation, and details specific to the application and usage of such a term. Adoption across the organization may not be immediate, however it will follow as users realize the benefits of a singular portal for defined information.

Finally, develop milestones for the establishment and publication of Business Categories and Business Terms, including the correct set of authors, approvers, and publishers. Authors define the domain or subject-matter expert who will draft information and the details of such information. Approvers review, comment, and accept or reject the drafted information. Finally, the publishers will make available the approved information for everyone within Business Glossary.

To support such a glossary approval process, Business Glossary is seen as having a Development Glossary area for the drafting, approval, and publication of information, and a Published Glossary area for the read-only display of information. Refer to Figure 3-7.

Creating a new Business Category or Business Term is a simple process. It is equally as simple to modify and perfect information based on feedback or changing requirements. Therefore, the process is iterative and the definitions of terms are continually reviewed and adapted.

First, begin with creating a set of hierarchal Business Categories to reflect the containers of the terms to be created. Each category should be unique and reflect a distinction in its definition.

Secondly, create a set of terms that must appear within a Business Category. It is good practice to additionally include a description, status, and example details. With the maturity of the Business Glossary, the term can be modified to include relationships to Information Assets, other Terms, Business Labels, or a Data Steward.

When the draft of categories and terms are complete, initiate the approval and publication process so that the information is available to all users. Finally, institute a further review process with key business owners and stakeholders, gathering any feedback and understanding the key benefits that they may have received. Refer to Figure 3-8.

Business Policies reflect the standards and requirements that an organization must adhere to, the functions and practices that apply those standards, and the responsibility to comply with them as well. Policies define and broaden the understanding and knowledge of the standards as they relate to the assets and process of the Information Supply Chain. For example, the data privacy, data cleansing, or data masking requirements that must be applied.

Business Policies further allow the business owners and compliance officers to declare the intended behavior and usage of information. Business Policies leverage existing Business Terms in helping define the precise scope and definition, and leverage Information Assets to communicate their precise governance lifecycle.

Business Policies contain and reference the Business Rules which implement the requirements and standards defined by the policy. Therefore, a hierarchy of Business Policies may be created to express the diverse and multitude of standards and requirements, where each policy imparts additional identification information and a set of contained rules.

Business Rules assert the definitions and constraints for the structure of information and, which are applied to assets of the Information Supply Chain. Data Governance requires that Business Rules are clearly written, defined, and approved, as well as have a process for applying such rules to Information Assets, reviewing the rule results, and reacting accordingly.

Business Policies and Business Rules further convey a broad set of standards and requirements that affect organization objectives, operations, and direction. These policies additionally lay down a response for given situations, circumstances, and rule failures. Policies also determine the formulation and implementation of the strategy, which directs the plans, decisions, and actions to achieve a defined set of objectives.

Creating a new Business Policy or Business Rule is a simple process. It is equally as simple to modify and update information based on changing and evolving requirements. Therefore, the process is iterative and policies and rules must continually be reviewed and adapted.

Start with creating a set of hierarchal Business Policies reflecting the domains and subject of the standards and requirements. Each policy should be unique and reflect a distinction in its definition, usage, and set of contained or referenced rules. Refer to Figure 3-9 on page 53.

Next, create a set of Business Rules which should appear within a Business Policy. It is good practice to additionally include a description, owner, and link to the process and application used to implement the rule, or the Information Assets on which the rule is applied.

When the process of creating new or modifying policies and rules is complete, initiate the approval and publication process so that the information is available to all users. Finally, institute a further review process with key users, business owners, and stakeholders, gathering any feedback and understanding the key benefits received. Refer to Figure 3-10 on page 54.

Without an ability to easily identity and locate information, the definitions and policies developed and made available by any organization will fail in their adoption and general usage. Ultimately, if such definitions and policies do not gain acceptance and are not fully developed nor made an integral part of any process, the efforts to develop and maintain such definitions and policies will cease.

Therefore, the enablement of users to gain access to information is as critical in the Data Governance plan as are the publication of definitions and rules.

Business Labels satisfy these requirements in their ability to tag and associate subject areas for information assets or process. Labels can denote geographies, divisions of an organization, integration projects, or applied business standards. Information assets may include multiple labels, allowing for flexibility in their application and the extended understanding of such assets. For example, a set of tables within an operational-data-store may be shared across multiple projects, and include a reference to a business standard.

Business Labels may easily be created and managed, in addition to the process of associating such labels with information assets. Users may leverage such added descriptive information in searching and identifying specific assets.

A comprehensive set of definitions and policies benefit an entire organization that needs to reference, understand, and analyze the information assets and processes, which that organization generates and contains. Users may consult and use such definitions and policies for understanding the structure and meaning of information in real-word terms, in addition to exploring the requirements for the usage and integration of such information.

IBM InfoSphere Information Server as a platform, and IBM InfoSphere Business Glossary allows for the easy navigation of Information Assets which are categorized by Business Categories and Terms and structured by Business Policies and Business Rules in addition to being tagged with Business Labels.

Developers will understand the intent of the requirement and definition of information, leading to agility and streamlined integration processes.

Business owners will gain confidence in their information and will be satisfied in their ability to publish and make known the data requirements and project standards.

A core principle of Data Governance includes defining key concepts and terms, and publishing known requirements. These principles lead to more informed business decisions, reduced operational inefficiencies, and adoption of the business standards throughout the organization.