“Enterprises are investing significant capital to develop and deploy big data analytics to obtain an early competitive advantage,” said Richard Chew, CISA, CISM, CGEIT, senior information security analyst at Emerald Management Group and a co-author of ISACA’s new white paper, “Big Data: Impact and Benefits.” “While big data can reap big rewards, it also poses significant risk, including misleading data and unexpected costs. It is critical for enterprises to put in place a governance program to ensure that information remains accurate, consistent and reliable.”
One of the challenges posed by big data is that it has turned enterprises into competitors in some arenas and cooperative partners in others. Consider Netflix and Amazon, whose video streaming services compete, while Netflix uses the Amazon.com cloud infrastructure to support its streaming.
While the need for governance of big data environments is clear, big data governance is still at an early stage of maturity.
"Several issues present challenges pertaining to big data. SCADA systems, social media and financial institutions present enormous amounts of data to sift through and manage,” said Genemar Arthur Lazo, MSBA, CISA, CGEIT, CRISC, CISSP, CEH, manager of vendor evaluation at Walt Disney Studios and research chair for the ISACA white paper. “In addition, the lack of presentation of the data in meaningful data sets and the inaccuracies of real-time data are daunting and challenging. Frameworks such as COBIT help facilitate the balances for managing risk and reward when working with big data for enterprises."
Marc Vael, CISA, CISM, CGEIT, CRISC, international vice president of ISACA, said, “For many organizations, big data is about understanding which data they are capturing first, setting clear priorities in terms of business criticality, taking actions based on results and finding a big data coach to guide them whenever needed.”
Vael concluded, “Big data is about the fact that your data is precious and thus needs to be handled intelligently by future proof processes and systems and in compliance with relevant laws and regulations. I recommend that every organization look at this opportunity whilst accepting the fact that the volumes will keep on growing.”