Gartner Blog Network

Enterprise Information Management (EIM) Maturity Q&A

by Doug Laney  |  February 23, 2017  |  12 Comments

During my February 22, 2017 webinar The Gartner Enterprise Information Management Maturity Model (replay available), attendees asked a number of excellent questions. Not able to answer them all during the session, I promised to address them in my blog.

EIM dimensions

We’re just starting on the EIM journey with a new CIO and Data & Analytics Leader. How does the accountability and ownership best split between the roles given the opportunity to establish from a blank page?

In my upcoming Infonomics book (due out in September), I include a set of “Generally Accepted Information Principles” (using the GAAP framework). One of those is the “Optimization Principle” which states: The business is responsible for optimizing the usage and understanding of information; the information management organization is responsible for optimizing information’s availability and utility; and IT is responsible for optimizing information’s accessibility and protection. I think establishing this triumvirate is an ideal starting point for defining the delineation of responsibilities. Of course you’ll want to discuss, negotiate and further refine each of these at a lower level of detail.

Do you recommend or have an opinion on the DAMA DMBOK as far as applying it to an EIM program?

The DMBOK is an excellent resource (as is DAMA). I find it very functionally-rich, but lacking some alignment across functions, and missing things like vision and metrics and overall EIM strategy. Ultimately the DMBOK is a fine EIM process checklist with detail on each of the functions. But it falls short in defining and how to coordinate an overall EIM program. Others like the CMM DMMM, the EDM Council MM, and MIKE 2.0 (based on my Meta Group work over a decade ago) also lack program/coordination and components for vision, life cycle, organization and roles, or even key activities like MDM. Some also lack incremental improvement recommendations or a self-assessment tool. But more than anything, these other models are not backed by 1000s of related research publications, as is Gartner’s model. Of course I’m biased. 🙂

Who should lead the EIM program: – CDO? – IT? – Business/Finance?

Ideally yes, a CDO or someone with executive level authority and resources. And an effective EIM program must coordinate across IT and business units effectively, so placing the CDO within one of those two can be suboptimal.

What would be the reason not to consider information as a true asset? There seems to be money to be made if they do.

Interesting question. One argument I’ve heard for the accounting profession not to consider information as a balance sheet asset is that it’s too difficult to measure the value of, and because it can be too easily copied, its ownership and control (key asset criteria) are difficult to ascertain. From an organizational perspective, not accounting for information allows information-centric companies to compile, generate and deploy information without disclosing it publicly. It also drives higher market-to-book valuations for info-centric companies.

What scope / deliverables should an EIM Phase 1 project have? (3 month delivery horizon?)

First, as I mentioned during the webinar, EIM is not a “project” per se. Rather it is an overall program approach for coordinating various information-related capabilities. That said, you have to start somewhere, right? So I’d suggest adopting the framework and laying out the components would be a great start. Use our Enterprise Information Management Program Template to flesh out your approach. Next, I’d suggest sorting out key roles and responsibilities, and an overarching set of principles for EIM that everyone, including the business and IT, can agree upon. In my upcoming Infonomics book (Sept), I lay out a set of “Generally Accepted Information Principles” gleaned from reviewing 100s of clients’ data strategy documents, and drawing upon key asset management principles from other disciplines. I’m happy to discuss and share these individually with clients any time.

Hello, do you view regulation (such as the EU GDPR) as a barrier to achieving maturity in this area or perhaps as a factor that we need to work smarter to deliver better controls and thereby achieve better information management?

On one hand, achieving regulatory compliance can detract from achieving direct economic benefits from information. On the other hand, many organizations use regulatory compliance as an impetus or imperative for overall information management improvements, including the hiring of a CDO, formalizing data governance, minimizing data extracts, improving data security, etc.

How do you recommend to implement the EIM program — with fully dedicated resources or can it be implemented with sort of virtual team across the organization?

The most successful EIM programs we see involve a core team of individuals…sometimes just a handful within the office of the CDO, and other times an entire 1000-person information management organization…plus coordination across business units and IT. Rarely, for example, do we see full-time dedicated data stewards. They are usually part of a virtual team.

Wondering where can we find the papers on how to quantify the value of data?

An overview of our information valuation models can be found in the blog: Why and How to Value Your Information as an Asset. The models themselves including guidance on how to do the calculations and adapt them is in the Gartner research publication: Why and How to Measure the Value of Your Information Assets. My upcoming Infonomics book (September) will also include details on the models.

I find making the leap from legacy data products to modern products challenging because the organization is entrenched in perceived value of legacy products. Is there a good test to measuring the actual utility of a data product?

I think “fit for purpose” is the operative expression here. What are your objectives in terms of functionality, performance, ease of use, flexibility, scalability, cost, etc.? And how would you quantify these? Having a well-defined vision and set of associated metrics can be useful in identifying if and when legacy technologies are reaching their end-of-life. As I mentioned during the webinar, “user satisfaction” is a poor proxy for value.

How are governments and for example police departments seeing information as assets?

Public sector, especially in the US is a bit of an exception. Rather than the information assets belonging to these kinds of organizations, it is part of the public trust (security and privacy notwithstanding). The Freedom of Information Act assures this, and recent open data mandates ensure the improved utility of information both within these organizations, and by others. FOIA prohibits government organizations in the US from selling or licensing information, but there are clever ways to monetize it internally and externally (e.g. via public-private partnerships). Government organizations in other countries are not so constrained. E.g., Gartner Consulting worked with another country’s national archives to determine the market value of digitizing certain artifacts.

Could you please provide some case examples on how some companies (preferably in Fin Services) have successfully used the EIM maturity model or a similar framework, wholly/ partially?

We have a library of dozens of examples of how organizations in every industry and geography have innovated with information. Many of them, however, focus on outcomes and economic benefits rather than the intricacies of how information is managed. For interested clients, you can submit an inquiry request to have me send you a selection of these real world stories.

A question on Governance, can you brief more on the “Eliminate notion of data ownership”. I was thinking ownership of data is in line with Governance principles and thus comes the accountability of data owners.

It’s mostly a matter of semantics. Using the term “ownership” perpetuates the notion of data siloes and hoarding. Language is important, as my colleague Valerie Logan has recently written about. (See Information as a Second Language: Enabling Data Literacy for Digital Society.) To maximize information’s value to the organization, it should be perceived, discussed and treated as an enterprise asset. However, of course you are right that governance is no-less important. Still, I personally prefer to see words like “trustee” used to designate an individual (or group) with authority over policies related to an information asset. Going a step further, the role of a fiduciary might fit as well. A fiduciary is someone with a contractual and ethical obligation for the well-being of an asset or portfolio of assets (typically financial assets, but just as applicable to information assets).

What size companies benefit from a formal EIM practice? We are 1,800 employees, $1B revenue, public utility.

Remember, EIM is a program or initiative. It does not specify the size or scope of information assets being managed or the requisite size of the organization. At its core, it’s a framework applicable to any size organization.

Information or data – interchangeable or important distinction?

Generally, I use the term “information” to refer to any and all forms of data or content, structured or unstructured, raw or processed. However, tacit information (a.k.a. “knowledge” or “wisdom”) is a different topic altogether as it does not meet the conditions of a true asset, and therefore cannot be monetized, managed or measured as one. Also, in most circumstances I consider the “data vs. information” argument to be pedantic, and “turning data into information” type phraseology to be trite marketing speak. Information’s potential value is more of a continuum. Ultimately, one person’s data is another person’s information. It’s contextual, and it’s a continuum. So making some artificial designation doesn’t really help much.

If you focus a lot on data does this focus cause a problem for organisation which are records/document-centric

Again, I think all information, whether structured or unstructured, electronic or printed, or raw or derived, can benefit from the same kind of asset management discipline and EIM program. I’d like to see the day in which all forms of data/information/content/records are managed under some unified approach.

I’ve noticed that a lot of EIM initiatives (and data governance, generally) tend to focus exclusively on data storage, ignoring data model standardization at the API / services layer. What are your thoughts on this?

Very good point. The Gartner perspective is that information architecture (including models and APIs and service layers) spans each of the EIM dimensions. I have been lobbying for information architecture to have its own EIM dimension, and would certainly support any organization that takes this approach. I agree with you that it is important enough to warrant a distinct high level capability.

How do you manage the tension between consistency across the dimensions and the need for data scientist to grab info prior to enterprise rationalization?

Ah, the age-old conundrum of expediency versus formality! Actually, your EIM strategy and data governance precepts should specify if/when/how data can be used before it is cataloged, cleansed, certified, integrated, and loaded into an enterprise data store (e.g. data warehouse, data lake, etc.). Or it should specify particular sandboxes for data R&D and experimentation. And governance policies should specify the degree to which that data can be used in any operational or strategic sense.

Follow me on Twitter @Doug_Laney  #infonomics #GartnerDA

Additional Resources

100 Data and Analytics Predictions Through 2024

Gartner’s annual predictions disclose the varied importance of data and analytics across an ever-widening range of business and IT initiatives. Data and analytics leaders must consider these strategic planning assumptions for enhancing their vision and plans.

Read Free Gartner Research

Category: cdo  data-and-analytics-strategies  infonomics  information-management  

Tags: cdo  chief-data-officer  data-governance  data-management  eim  infonomics  information-architecture  information-governance  information-management  information-technology  information-valuation  information-value  infrastructure  life-cycle  lifecycle  metrics  organization  roles  strategy  vision  

Doug Laney
VP and Distinguished Analyst, Data & Analytics Strategy
12 years at Gartner
30 years in IT industry

Doug Laney is a research vice president and distinguished analyst with Gartner. He advises clients on data and analytics strategy, information innovation, and infonomics (measuring, managing and monetizing information as an actual corporate asset). Follow Doug on Twitter @Doug_Laney...Read Full Bio

Thoughts on Enterprise Information Management (EIM) Maturity Q&A

  1. Fred Lee says:

    Dear Doug,

    As you have mentioned, all IM Frameworks are not the same – each one has its own focus. Yours has no exception. Gartner IM framework has only 7 dimensions! What about the concept of Victory V-model to maximize information value (define and verify VS. day to day management)?

    Could I share my IM Framework (capability based) that covers ALL capabilities that included in ALL framework?


    • Doug Laney says:

      Thanks for your comment Fred. Yes, tell us more about your framework, including a link to it. As for “only 7 dimensions,” of course that’s just the high level. There are dozens of capabilities within the Gartner EIM framework.

      • Fred Lee says:

        Hello Doug,

        Two more comments:
        1) Governance
        “Eliminate notion of data ownership” is alarming. Because the main purpose of “owner” is for decision making; without it who will be making decisions around information? Furthermore, the owner could be an individual or committee. We need to assign accountability to the information asset just like other assets.
        2) Process
        It seems your framework only focus on the information lifecycle. What about the business process management? Each business process will involve information creation, usage, distribution, and destroy (as input & output). The process capability needs to include all process (how your organization is work).


        • Doug Laney says:

          Thanks Fred,

          I merely contend that “ownership” is an unhelpful moniker that perpetuates the mine-versus-your data, and data silos.

          Business process is a key input to defining EIM vision and designing information processes, but it is not an EIM capability itself.

          Your framework (below) has 9 dimensions. I guess that’s two better than Gartner’s! 🙂 (Except that it jumps right into strategy without any vision — a critical mistake we see among most other frameworks and client efforts.)

          Still can’t tell from this what the “V model” is, nor can I find a reference to it anywhere. ???

          • Fred Lee says:

            Hello Doug,

            “A-Strategy and Planning” capability the driver of the organization, business unit, program, initiative, and project. It must have the “why” here. It will be confusing if there is no single authority (without the capability owner) to define what is mission vs. vision. Is mission drive the vision? You know what I meant. Therefore, there will be Why, What, and How in this space. And it applies to anything we do in an organization.

            In the framework, I am using two models; representation that shows how it works (smaller scale than the original):
            1)Victory V-Model
            Someone has applied it to the Information Management space and I used it ever since. E-BPM capability is the define & verify side of the V-Model (usually the business is the content owner). F-BSM capability is the execute side of the V-Model (usually IS/IT is the content owner).

            2) Enterprise Governing Model that covers people; process; and technology.
            Consider the basic governing needs or any endeavor. Regardless of size, scope or complexity, all endeavors require that decisions be made, things be done and people interact with other people.
            Therefore, the Enterprise Governing Model for Success is a decision making model that coordinated interaction of three components:-
            a) Decision Making Structure (roles & responsibilities). For example, capability owner and content owner are the decision makers.
            b) Operating Procedures (governance processes). For example, owner nomination workflow; role acceptance workflow; decision making workflow.
            c) Collaboration enabler (technology capability). For example, manual such as verbal or pen & pencil; email; collaboration software.

      • Fred Lee says:

        Nine IM Capabilities:

        DRIVER capability
        A-Strategy and Planning
        B-Policy and Standard

        FOUNDATION capability

        CORE capability
        E-Business Planning Management (Data & Process); define & verify in the V-model.
        E1-Business Process Management
        E2-Master, Reference & Meta Data Management
        E3 Quality Management
        E4 Record Management
        E5 Business Information Management
        F-Business System Management; execute in the V-model.
        G-Information Distribution Management

        ENABLING capability
        H-Technology Management
        I-Human Capital Management

        This framework could be applied to the whole organization via program, initiative, and project (even for EIM). It helps move an organization from silos to enterprise holistic and disciplined approach.

        Another purpose of this framework, clear roles and responsibilities:
        1) Each capability has an capability owner (promote the best practice) and content owner (generating the actual artifacts).
        2) Framework Owner, accountable to promote it and compliance monitoring. Steward role to ensure all artifacts are captured and published (gone thru the same governing processes).
        2) Capability Owner, accountable to promote the best practice within each capability and compliance monitoring. Steward role to ensure all contents are captured and published by the content owner.
        3) Content Owner, accountable to manage the capability content. For example, the E1-BPM capability owner will define BPMN as modeling standard. The E-BPM content owner (project sponsor) needs to use BPMN to map out its business process.

        It sounds complicated; but it is not. One could use the CMM to guide the IM journey for the enterprise, business unit, functional team, program, initiative, or project.


    • Doug Laney says:

      Fred, Yes, any company can request a vendor briefing with relevant Gartner analysts via: Looking forward to it! -Doug

  2. Excellent blog and discussion

  3. Adrian Bennett says:

    Hi Doug

    I only recently found this webinar. (I watched Alan’s one on “Why and How to Measure the Value of Your Information Assets” and found the link to yours from there. I worked with Alan in Australia.)

    I was particularly interested in the many asset management references/influences. I have been studying this for some time and was lucky enough to get an early look at ISO55000 before it was published. I was pleased they removed the reference to physical assets only as it appeared to be equally applicable to intangible assets like information.

    Has there been much interest in the value of information assets from not-for-profit or mission-based organisations?

    Is cloud potentially providing the business continuity insurance for information? It should change the conversation at executive level when the focus shifts from containers to content.

    Kind regards

    • Doug Laney says:

      Thanks Adrian. Would be amazing to find a company actually applying ISO55000/PAS55 to non-physical assets. In my upcoming Infonomics book (Sept 2017) there’s a whole chapter on why and how to apply various asset management principles and practices for improved info asset management. And yes, I do get some inquiries about valuing information from public sector and other NFP orgs…generally related to attenuating information-related costs and identifying internal opportunities for innovating with information. NFPs can certainly sell (license) or otherwise externally monetize their data as an additional offering. US government orgs (due to FOIA) cannot, but other governments can. I’m going to reserve speculation on cloud as a form of business continuity insurance for my colleagues covering data protection and cloud. But I suspect you are correct. -Doug

  4. Mario Mendez says:

    Hi Doug,

    I see that Gartner’s maturity model from the image of this blog touches the concept of Information Asset Management which I found it for the first time in John Ladley’s book(Making EIM work for business) and also I think it is the best way to sell EIM programs to the business.

    I also found after reading the Q&A of this blog that you mentioned your coming book will have some GAAP principles for information which I found pretty similar with John Ladley’s.

    So my question is: Will we see a completely new aproach in your book for Information Asset Management or is like a continuation of John’s previous work?

    I look forward to reading it.


    • Doug Laney says:

      Thanks Mario. Yes, My good friend John Ladley and I have collaborated for years on ideas related to information supply chains and info asset management. However, we diverged on “Generally Accepted Information Principles” after noodling the idea together a few years ago. He took a completely financial approach focusing on budgeting for EIM. My upcoming book, and research note use GAAP as a framework for a set of 18 key assumptions, constraints and principles (just as with GAAP) on how to manage information as an asset. They can form the basis of any overall EIM strategy/program. Note that my Infonomics book will be available in late September, but can now be pre-ordered: -Doug

Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.