Business Intelligence: Data Modeling (Part I: Ways of Thinking about Data)

Business Intelligence Series

I observed in several cases the tendency of data professionals to move from a business problem directly to data and data modeling without trying to understand the processes behind the data. One could say that the behavior is driven by the eagerness of exploring the data, though even later there are seldom questions considered about the processes themselves. One can argue that maybe the processes are self-explanatory, though that’s seldom the case. 

Conversely, looking at the datasets available on the web, usually there’s a fact table and the associated dimensions, the data describing only one process. It’s natural to presume that there are data professionals who don’t think much about, or better said in terms of processes. A similar big jump can be observed in blog posts on dashboards and/or reports, bloggers moving from the data directly to the data model. 

In the world of complex systems like Enterprise Resource Planning (ERP) systems thinking in terms of processes is mandatory because a fact table can hold the data for different processes, while processes can span over multiple fact-like tables, and have thus multiple levels of detail. Moreover, processes are broken down into sub-processes and procedures that have a counterpart in the data as well. 

Moreover, within a process there can be multiple perspectives that are usually module or role dependent. A perspective is a role’s orientation to the word for which the data belongs to, and it’s slightly different from what the data professional considers as view, the perspective being a projection over a set of processes within the data, while a view is a projection of the perspectives into the data structure. 

For example, considering the order-to-cash process there are several sub-processes like order fulfillment, invoicing, and payment collection, though there can be several other processes involved like credit management or production and manufacturing. Creating, respectively updating, or canceling an order can be examples of procedures. 

The sales representative, the shop worker and the accountant will have different perspectives projected into the data, focusing on the projection of the data on the modules they work with. Thinking in terms of modules is probably the easiest way to identify the boundaries of the perspectives, though the rules are occasionally more complex than this.

When defining and/or attempting to understand a problem it’s important to understand which perspective needs to be considered. For example, the sales volume can be projected based on Sales orders or on invoiced Sales orders, respectively on the General ledger postings, and the three views can result in different numbers. Moreover, there are partitions within these perspectives based on business rules that determine what to include or exclude from the logic. 

One can define a business rule as a set of conditional logic that constraints some part of the data in the data structures by specifying what is allowed or not, though usually we refer to a special type called selection business rule that determines what data are selected (e.g. open Purchase orders, Products with Inventory, etc.). However, when building the data model we need to consider business rules as well, though we might need to check whether they are enforced as well. 

Moreover, it’s useful to think also in terms of (data) entities and sub-entities, in which the data entity is an abstraction from the physical implementation of database tables. A data entity encapsulates (hides internal details) a business concept and/or perspective into an abstraction (simplified representation) that makes development, integration, and data processing easier. In certain systems like Dynamics 365 is important to think at this level because data entities can simplify data modelling considerably.

Previous Post <<||>> Next Post

Data Management: Master Data Management (Part I: Understanding Integration Challenges) [Answer]

Data Management Series

Answering Piethein Strengholt’s post [1] on Master Data Management’s (MDM) integration challenges, the author of "Data Management at Scale".

Master data can be managed within individual domains though the boundaries must be clearly defined, and some coordination is needed. Attempting to partition the entities based on domains doesn’t always work. The partition needs to be performed at attribute level, though even then might be some exceptions involved (e.g. some Products are only for Finance to use). One can identify then attributes inside of the system to create the boundaries.

MDM is simple if you have the right systems, processes, procedures, roles, and data culture in place. Unfortunately, people make it too complicated – oh, we need a nice shiny system for managing the data before they are entered in ERP or other systems, we need a system for storing and maintaining the metadata, and another system for managing the policies, and the story goes on. The lack of systems is given as reason why people make no progress. Moreover, people will want to integrate the systems, increasing the overall complexity of the ecosystem.

The data should be cleaned in the source systems and assessed against the same. If that's not possible, then you have the wrong system! A set of well-built reports can make data assessment possible. 

The metadata and policies can be maintained in Excel (and stored in SharePoint), SharePoint or a similar system that supports versioning. Also, for other topics can be found pragmatic solutions.

ERP systems allow us to define workflows and enable a master data record to be published only when the information is complete, though there will always be exceptions (e.g., a Purchase Order must be sent today). Such exceptions make people circumvent the MDM systems with all the issues deriving from this.

Adding an MDM system within an architecture tends to increase the complexity of the overall infrastructure and create more bottlenecks. Occasionally, it just replicates the structures existing in the target system(s).

Integrations are supposed to reduce the effort, though in the past 20 years I never saw an integration to work without issues, even in what MDM concerns. One of the main issues is that the solutions just synchronized the data without considering the processual dependencies, and sometimes also the referential dependencies. The time needed for troubleshooting the integrations can easily exceed the time for importing the data manually over an upload mechanism.

To make the integration work the MDM will arrive to duplicate the all the validation available in the target system(s). This can make sense when daily or weekly a considerable volume of master data is created. Native connectors simplify the integrations, especially when it can handle the errors transparently and allow to modify the records manually, though the issues start as soon the target system is extended with more attributes or other structures.

If an organization has an MDM system, then all the master data should come from the MDM. As soon as a bidirectional synchronization is used (and other integrations might require this), Pandora’s box is open. One can define hard rules, though again, there are always exceptions in which manual interference is needed.

Attempting an integration of reference data is not recommended. ERP systems can have hundreds of such entities. Some organizations tend to have a golden system (a copy of production) with all the reference data. It works for some time, until people realize that the solution is expensive and time-consuming.

MDM systems do make sense in certain scenarios, though to get the integrations right can involve a considerable effort and certain assumptions and requirements must be met.

Previous Post <<||>> Next Post

References:
[1] Piethein Strengholt (2023) Understanding Master Data Management’s Integration Challenges (link)

Information Security: Countermeasure (Definitions)

"A control, method, technique, or procedure that is put into place to prevent a threat agent from exploiting a vulnerability. A countermeasure is put into place to mitigate risk. Also called a safeguard or control." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed., 2018)

"A defensive mechanism intended to address a class of attack." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"An action, a device, a procedure, or a technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"Countermeasures are steps that can be taken, and systems that can be implemented, to prevent internal and external threats from accessing your data and causing issues." (Michael Coles & Rodney Landrum, , "Expert SQL Server 2008 Encryption", 2008)

"Used to refer to any type of control" (ITIL)

IT: Information Technology Information Library (Definitions)

"A series of documents used to aid the implementation of a framework for IT service management (ITSM). This framework defines how service management is applied in specific organizations. Being a framework, it is completely customizable for an application within any type of business or organization that has a reliance on IT infrastructure." (Tilak Mitra et al, "SOA Governance", 2008)

"A framework and set of standards for IT governance based on best practices." (Judith Hurwitz et al, "Service Oriented Architecture For Dummies" 2nd Ed., 2009)

"A framework of supplier independent best practice management procedures for delivery of high quality IT services." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"a set of guidelines for developing and managing IT operations and services." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"A framework and set of standards for IT governance based on best practices." (Marcia Kaufman et al, "Big Data For Dummies", 2013)

"A group of books written and released by the United Kingdom’s Office of Government and Commerce (OGC). ITIL documents best practices organizations can implement to provide consistent IT services. The library includes five books." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"A set of process-oriented best practices and guidance originally developed in the United Kingdom to standardize delivery of informational technology service management." (Robert F Smallwood, "Information Governance: Concepts, Strategies, and Best Practices", 2014)

"Best practices for information technology services management processes developed by the United Kingdom’s Office of Government Commerce." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)

"The IT Infrastructure Library; a set of best practice publications for IT service management." (by Brian Johnson & Leon-Paul de Rouw, "Collaborative Business Design", 2017)

"The Information Technology Infrastructure Library (ITIL) presents pre-defined processes for IT service management. The fourth edition of ITIL depicts two key elements ITIL Service-Value-System (SVS) and a four dimensions model." (Anna Wiedemann et al, "Transforming Disciplined IT Functions: Guidelines for DevOps Integration", 2021)

"set of best practices guidance" (ITIL)

Governance: Guideline (Definitions)

"An indication or outline of policy or conduct. Adherence to guidelines is recommended but is not mandatory." (Tilak Mitra et al, "SOA Governance", 2008)

"A kind of business rule that is suggested, but not enforced." (David C Hay, "Data Model Patterns: A Metadata Map", 2010)

"An official recommendation or advice that indicates policies, standards, or procedures for how something should be accomplished." (For Dummies, "PMP Certification All-in-One For Dummies, 2nd Ed.", 2013)

"A document that support standards and policies, but is not mandatory." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"Non-enforced suggestions for increasing functioning and performance." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"Recommended actions and operational guides for users, IT staff, operations staff, and others when a specific standard does not apply." (Shon Harris & Fernando Maymi, "CISSP All-in-One Exam Guide" 8th Ed, 2018)

"A description of a particular way of accomplishing something that is less prescriptive than a procedure." (ISTQB)

"A description that clarifies what should be done and how, to achieve the objectives set out in policies"

(ISO/IEC 13335-1:2004)

Strategic Management: Decision-Making (Definitions)

[decision-making:] "The process of making choices in a project team environment. Several types of decision-making are useful in projects: consensus, leader-imposed, delegated, voting, and scoring models." (Timothy J  Kloppenborg et al, "Project Leadership", 2003)

[semistructured decisions:] "Decisions in which only some of the phases are structured; require a combination of standard solution procedures and individual judgment." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

[strategic decision:] "refers to a decision that exhibits the following characteristics: it is made in a situation of uncertainty, of incomplete information, in a complex environment, variable/mutating environment (as opposed to 'all things being otherwise equal'); it is not recurrent, therefore the decision maker is relatively deprived; it may have far-reaching (favorable or adverse) consequences that could jeopardize the survivability of the enterprise; it is systemic (many elements with many relationships among them); the decision maker does not have experience-proven models (we cannot resort to 'turnkey' mechanisms). " (Humbert Lesca & Nicolas Lesca, "Weak Signals for Strategic Intelligence: Anticipation Tool for Managers", 2011)

[strategic decisions:] "Decisions for sustained enterprise success and business growth." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

[tactical decisions:] "Decisions ensuring that existing operations and processes are in alignment with business objectives and strategies." (Linda Volonino & Efraim Turban, "Information Technology for Management 8th Ed", 2011)

[decision-making processes:] "Management processes that define objectives, study alternatives, analyze available data, and reflect on intuitive beliefs. They interpret findings and compare alternates to form a conclusion or make a choice upon which the organization may act." (Carl F Lehmann, "Strategy and Business Process Management", 2012)

[microdecision:] "A small decision made many times by many workers at the front line of the organization. They usually have a significant impact on organizational performance due to their sheer volume." (Evan Stubbs, "Delivering Business Analytics: Practical Guidelines for Best Practice", 2013)

[decision-making:] "How decisions are made, based on what types of resources, information, and specific processes are available." (Jim Davis & Aiman Zeid, "Business Transformation: A Roadmap for Maximizing Organizational Insights", 2014)

[decision-making] "the process of making choices or reaching conclusions, especially on important political or business matters." (Ken Sylvester, "Negotiating in the Leadership Zone", 2015)

[tactical decisions:] "broader decision questions than operational ­decisions, semistructured in nature, some but not all information ­necessary to make the decision is available, primarily internally focused and made by middle-level managers." (Daniel J. Power & Ciara Heavin, "Data-Based Decision Making and Digital Transformation", 2018)

[operating or function-specific decisions:] "day-to-day, routine ­decisions with a concise decision question and a clear, well-defined, and structured algorithm to make a choice among alternatives." (Daniel J. Power & Ciara Heavin, "Data-Based Decision Making and Digital Transformation", 2018)

[strategic decisions:] "complex, nonroutine, unstructured decisions involving many different and connected parts. Some variables may not be well understood, often information required to make the decision may be unavailable, incomplete, and in some situations information may be known to be flawed or inaccurate. These decisions usually involve a high degree of uncertainty about outcomes. If implemented, strategic ­decisions often result in major changes in an organization." (Daniel J. Power & Ciara Heavin, "Data-Based Decision Making and Digital Transformation", 2018)

Strategic Management: Business Continuity Plan (Definitions)

"A plan for ensuring that businesses will be able to recover from the effects of a destructive incident and continue to operate at an acceptable level." (C Warren Axelrod, "Responsibilities and Liabilities with Respect to Catastrophes", 2009)

"An emergency contingency plan that spells out how to recover and restore functions that have been partially or completely interrupted." (Annetta Cortez & Bob Yehling, "The Complete Idiot's Guide® To Risk Management", 2010)

"The advance planning and preparations which are necessary to identify the impact of potential losses, formulate and implement viable recovery strategies, develop recovery plan(s) which ensure continuity of organizational services in the event of an emergency or disaster, and administer a comprehensive training, testing, and maintenance program." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"Plan that outlines the process by which businesses should recover from a major disaster. Also known as a disaster recovery plan." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed., 2011)

"A methodology used to create a plan for how an organization will resume partially or completely interrupted critical function(s) within a predetermined time after a disaster or disruption. BCP differentiates from disaster recovery in that DR is primarily associated with resources and facilities, while BCP is associated primarily with processes." (Bill Holtsnider & Brian D Jaffe, "IT Manager's Handbook" 3rd Ed., 2012)

"Overall planning lifecycle dedicated to analysis, design, implementation, testing, and maintenance of various elements designed to keep the organization operating even after a significant outage. Business continuity planning is a continuous process." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"This refers to the documented procedures and information that enable the organization and or business unit/third party agent to respond to a disruption, recover, and resume critical business functions." (Sally-Anne Pitt, "Internal Audit Quality", 2014)

"A business continuity action plan is a document or set of documents that contains the critical information a business needs to stay running in spite of adverse events. A business continuity plan is also called an emergency plan." (Adam Gordon, "Official (ISC)2 Guide to the CISSP" CBK 4th Ed., 2015)

"Plans that document the steps to restore business operation after an interruption. BCPs, along with DRPs, enable you to recover from disruptions ranging from small to large." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"Documented procedures that guide organizations to respond, recover, resume, and restore to a predefined level of operation following disruption." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"Business continuity plans are made up of documented procedures. Organizations use these procedures to respond to disruptive incidents, to guide recovery efforts, to resume prioritized activities, and to restore operations to acceptable predefined levels. Business continuity plans usually identify the services, activities, and resources needed to ensure that prioritized business activities and functions could continue whenever disruptions occur." (ISO 22301:2012, 2012).

"Plan defining the steps required to restore business processes following a disruption" (ITIL)

"The documentation of a predetermined set of instructions or procedures that describe how an organization’s mission/business processes will be sustained during and after a significant disruption." (CNSSI 4009-2015) 

Strategic Management: Strategic Planning (Definition)

"[…] strategic planning […] is the continuous process of making present entrepreneurial (risk-taking) decisions systematically and with the greatest knowledge of their futurity; organizing systematically the efforts needed to carry out these decisions; and measuring the results of these decisions against the expectations through organized, systematic feedback." (Peter F Drucker, "Management: Tasks, Responsibilities, Practices", 1973)

"The process of determining how a problem or opportunity may be responded to. Involves identifying problems or opportunities, analyzing relevant characteristics of the circumstances, organizing the formal response, deputizing a leader to head the response effort, and supervising the person(s) selected." (Robert McCrie, "Security Operations Management" 2nd Ed., 2006)

"Written record of a strategic plan, usually consisting of an overview, strategy charter, description of the current environment, research findings, tactics, roles and accountabilities, key performance indicators, and recommended next steps." (Teri Lund & Susan Barksdale, "10 Steps to Successful Strategic Planning", 2006)

"The implementation of an organization's objectives. Strategic planning decisions will have long-term impacts on the organization while operational decisions are day-to-day in nature." (Jae K Shim & Joel G Siegel, "Budgeting Basics and Beyond", 2008)

"The selection of short- and long-term objectives and the drawing up of tactical and strategic plans to achieve those objectives. After deciding on a set of strategies to be followed, the organization needs more specific plans, such as locations, methods of financing, and hours of operation. As these plans are made, they will be communicated throughout the organization. When implemented, the plans will serve to coordinate the efforts of all parts of the organization toward the company's objectives." (Jae K Shim & Joel G Siegel, "Budgeting Basics and Beyond", 2008)

"A deliberative, disciplined approach to producing fundamental decisions and actions that shape and guide what an organization (or other entity) is, what it does, and why it does it.” (John M Bryson, 2011)

"A long-range plan that serves as a business’s road map for the future. It includes the product lines and services, the number of employees, technology requirements, industry trends, competitor analysis, revenue and profitability goals, types of customers, and long-range marketing plans." (Gina Abudi & Brandon Toropov, "The Complete Idiot's Guide to Best Practices for Small Business", 2011)

"A series of processes in which an organization selects and arranges its businesses or services to keep the organization viable even when unexpected events distrupt one or more of its business's markets, products, or services." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed., 2011)

"A high-level document that explains the organization's vision and mission, plus the approach that will be adopted to achieve this mission and vision, including the specific goals and objectives to be achieved during the period covered by the document." (Project Management Institute, "The Standard for Portfolio Management" 3rd Ed., 2012)

"The process by which an organization envisions its future and develops the necessary goals and procedures to achieve that vision." (Joan C Dessinger, "Fundamentals of Performance Improvement" 3rd Ed., 2012)

"A systematic process of envisioning a desired future and translating this vision into broadly defined goals or objectives and a sequence of steps to achieve them." (Robert F Smallwood, "Information Governance: Concepts, Strategies, and Best Practices", 2014)

"The process by which organizations identify a desired outcome, the resources required to support that outcome, and the plan to achieve the outcome. Typically, strategic planning is an important step in identifying the creation of new competitive advantages." (Evan Stubbs, "Big Data, Big Innovation", 2014)

"A process of selecting from alternative courses of action, matching that with the available resources, and combining these in a way that will most effectively achieve the objective; Intended action toward an organizational goal or objective." (Ken Sylvester, "Negotiating in the Leadership Zone", 2015)

"A formalised step-by-step set of procedures for coordinating the strategy process." (Duncan Angwin & Stephen Cummings, "The Strategy Pathfinder" 3rd Ed., 2017)

"A document used to communicate with the organization the organization’s goals, the actions needed to achieve those goals, and all the other critical elements developed during the planning exercise." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

Strategic Management: Risk Management (Definitions)

"An organized, analytic process to identify what might cause harm or loss (identify risks); to assess and quantify the identified risks; and to develop and, if needed, implement an appropriate approach to prevent or handle causes of risk that could result in significant harm or loss." (Sandy Shrum et al, "CMMI: Guidelines for Process Integration and Product Improvement", 2003)

"The organized, analytic process to identify future events (risks) that might cause harm or loss, assess and quantify the identified risks, and decide if, how, and when to prevent or reduce the risk. Also includes the implementation of mitigation actions at the appropriate times." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

"Identifying a situation or problem that may put specific plans or outcomes in jeopardy, and then organizing actions to mitigate it." (Teri Lund & Susan Barksdale, "10 Steps to Successful Strategic Planning", 2006)

"The process of identifying hazards of property insured; the casualty contemplated in a specific contract of insurance; the degree of hazard; a specific contingency or peril. Generally not the same as security management, but may be related in concerns and activities. Work is done by a risk manager." (Robert McCrie, "Security Operations Management" 2nd Ed., 2006)

"Systematic application of procedures and practices to the tasks of identifying, analyzing, prioritizing, and controlling risk." (Tilo Linz et al, "Software Testing Practice: Test Management", 2007)

"Risk management is a continuous process to be performed throughout the entire life of a project, and an important part of project management activities. The objective of risk management is to identify and prevent risks, to reduce their probability of occurrence, or to mitigate the effects in case of risk occurrence." (Lars Dittmann et al, "Automotive SPICE in Practice", 2008)

"A structured process for managing risk." (David G Hill, "Data Protection: Governance, Risk Management, and Compliance", 2009)

"The process organizations employ to reduce different types of risks. A company manages risk to avoid losing money, protect against breaking government or regulatory body rules, or even assure that adverse weather does not interrupt the supply chain." (Tony Fisher, "The Data Asset", 2009)

"Systematic application of procedures and practices to the tasks of identifying, analyzing, prioritizing, and controlling risk." (IQBBA, "Standard glossary of terms used in Software Engineering", 2011)

"The process of identifying what can go wrong, determining how to respond to risks should they occur, monitoring a project for risks that do occur, and taking steps to respond to the events that do occur." (Bonnie Biafore, "Successful Project Management: Applying Best Practices and Real-World Techniques with Microsoft® Project", 2011)

"Risk management is using managerial resources to integrate risk identification, risk assessment, risk prioritization, development of risk-handling strategies, and mitigation of risk to acceptable levels (ASQ)." (Laura Sebastian-Coleman, "Measuring Data Quality for Ongoing Improvement ", 2012)

"The process of identifying negative and positive risks to a project, analyzing the likelihood and impact of those risks, planning responses to higher priority risks, and tracking risks." (Bonnie Biafore & Teresa Stover, "Your Project Management Coach: Best Practices for Managing Projects in the Real World", 2012)

"A policy of determining the greatest potential failure associated with a project." (James Robertson et al, "Complete Systems Analysis: The Workbook, the Textbook, the Answers", 2013)

"Controlling vulnerabilities, threats, likelihood, loss, or impact with the use of security measures. See also risk, threat, and vulnerability." (Mark Rhodes-Ousley, "Information Security: The Complete Reference, Second Edition" 2nd Ed., 2013)

"A process to identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of the organization's objectives." (Sally-Anne Pitt, "Internal Audit Quality", 2014)

"Managing the financial impacts of unusual events." (Manish Agrawal, "Information Security and IT Risk Management", 2014)

"Systematic application of policies, procedures, methods and practices to the tasks of identifying, analysing, evaluating, treating and monitoring risk." (Chartered Institute of Building, "Code of Practice for Project Management for Construction and Development, 5th Ed.", 2014)

"The coordinated activities to direct and control an organisation with regard to risk." (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

"The process of reducing risk to an acceptable level by implementing security controls. Organizations implement risk management programs to identify risks and methods to reduce it. The risk that remains after risk has been mitigated to an acceptable level is residual risk." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"Risk management is a structured approach to monitoring, meas­uring, and managing exposures to reduce the potential impact of an uncertain happening." (Christopher Donohue et al, "Foundations of Financial Risk: An Overview of Financial Risk and Risk-based Financial Regulation, 2nd Ed", 2015)

"Systematic application of procedures and practices to the tasks of identifying, analyzing, prioritizing, and controlling risk. " (ISTQB, "Standard Glossary", 2015)

"The practice of identifying, assessing, controlling, and mitigating risks. Techniques to manage risk include avoiding, transferring, mitigating, and accepting the risk." (Weiss, "Auditing IT Infrastructures for Compliance, 2nd Ed", 2015)

"The discipline and methods used to quantify, track, and reduce where possible various types of defined risk." (Gregory Lampshire, "The Data and Analytics Playbook", 2016)

"The process of identifying individual risks, understanding and analyzing them, and then managing them." (Paul H Barshop, "Capital Projects", 2016)

"Coordinated activities to direct and control an organization with regard to risk." (William Stallings, "Effective Cybersecurity: A Guide to Using Best Practices and Standards", 2018)

"Process of identifying and monitoring business risks in a manner that offers a risk/return relationship that is acceptable to an entity's operating philosophy." (Tom Klammer, "Statement of Cash Flows: Preparation, Presentation, and Use", 2018)

"Coordinated activities to direct and control an organisation with regard to risk." (ISO Guide 73:2009)

"Risk management is the identification, assessment and prioritisation of risks [...] followed by coordinated and economical application of resources to minimise, monitor and control the probability and/or impact of unfortunate events or to maximise the realisation of opportunities." (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)

Business Intelligence: Metric (Definitions)

"(1) The degree to which a product, process, or project possesses some attribute of interest. (2) A measured quantity (such as size, effort, duration, or quality). (3) The distance between two points in a vector space." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

"A summarizable numerical value used to monitor business activity; it is also known as a fact." (Reed Jacobsen & Stacia Misner, "Microsoft SQL Server 2005 Analysis Services Step by Step", 2006)

"A metric is a measurement. When a plan is put into place, a way to measure the outcome is needed. When a market share forecast is created and the outcomes are measured at a future date, the planned metric is compared with the actual metric to determine the degree to which the metric was met. From this data, strategies can be revised and tactical options can be reconsidered." (Steven Haines, "The Product Manager's Desk Reference", 2008)

"A numerical value describing a procedure, process, product attribute, or goal. A distinction is made between basic metrics (that can be measured directly) and derived metrics which result from mathematical operations using basic metrics." (Lars Dittmann et al, "Automotive SPICE in Practice", 2008)

"a measurement of some parameter, usually used in the assessment of a technology, approach, or design." (Bruce P Douglass, "Real-Time Agility: The Harmony/ESW Method for Real-Time and Embedded Systems Development", 2009)

"A metric is a standard unit of measure, such as meter or mile for length, or gram or ton for weight, or, more generally, part of a system of parameters, or systems of measurement, or a set of ways of quantitatively and periodically measuring, assessing, controlling, or selecting a person, process, event, or institution, along with the procedures to carry out measurements and the procedures for the interpretation of the assessment in the light of previous or comparable assessments." (Mark S Merkow & Lakshmikanth Raghavan, "Secure and Resilient Software Development", 2010)

"Groupings of data, or numbers, that reflect specific measures or subjects." (Annetta Cortez & Bob Yehling, "The Complete Idiot's Guide To Risk Management", 2010)

"a calculated value based on measurements used to monitor and control a process or business activity. Most metrics are ratios comparing one measurement to another." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"A specific, measurable standard against which actual performance is compared." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed., 2011) 

"Generally, a unit of measure selected used to monitor and control a process." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"In a data warehouse, numeric facts that measure a business characteristic of interest to the end user." (Carlos Coronel et al, "Database Systems: Design, Implementation, and Management" 9th Ed., 2011)

"Measurement of a particular characteristic of a task (for example, duration, effort, quality, cost, value delivered, or customer satisfaction)." (Charles Cooper & Ann Rockley, "Managing Enterprise Content: A Unified Content Strategy" 2nd Ed., 2012)

"1. A value from measuring a certain program or component attribute. Finding metrics is a task for static analysis. 2. A measurement scale and the method used for measurement." (Tilo Linz et al, "Software Testing Foundations" 4th Ed., 2014)

"A method of measuring something. It provides quantifiable data used to gauge the effectiveness of a process; metrics are commonly used to measure the effectiveness of a help desk." (Darril Gibson, "Effective Help Desk Specialist Skills", 2014)

"A value that you use to study some aspect of a project. A metric can be an attribute (such as the number of bugs) or a calculated value (such as the number of bugs per line of code)." (Rod Stephens, "Beginning Software Engineering", 2015)

"A measurement used to support the monitoring of a key performance indicator (KPI). A metric can have targets and can be used as a service level." (by Brian Johnson & Leon-Paul de Rouw, "Collaborative Business Design", 2017)

"Facts and figures representing the effectiveness of business processes that organizations track and monitor to assess the state of the company." (Jonathan Ferrar et al, "The Power of People: Learn How Successful Organizations Use Workforce Analytics To Improve Business Performance", 2017)

"A metric is the measurement of a particular characteristic of a company’s performance or efficiency. Metrics are the variables whose measured values are tied to the performance of the organization. They are also known as the performance metrics because they are performance indicators." (Amar Sahay, "Business Analytics" Vol. I, 2018)

"A measurable quantity that indicates progress toward some goal." (O Sami Saydjari, "Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time", 2018)

"Any number (often one calculated using two or more input numbers) used to evaluate some part of an organization's performance." (Marci S. Thomas & Kim Strom-Gottfried, "Best of Boards" 2nd Ed., 2018)

"Metrics are agreed-upon measures used to evaluate how well the organization is progressing toward the Portfolio, Large Solution, Program, and Team’s business and technical objectives." (Dean Leffingwell, "SAFe 4.5 Reference Guide: Scaled Agile Framework for Lean Enterprises" 2nd Ed., 2018)

"In a machine learning context, a metric is a measure of how good or bad a particular model is at its task. In a software context, a metric is a measure defined for an application, program, or function." (Alex Thomas, "Natural Language Processing with Spark NLP", 2020)

"A business calculation defined by an expression built with functions, facts, attributes, or other metrics." (Microstrategy)

"A measurement scale and the method used for measurement" (ISO 14598)

"Quantifiable measures used to track, monitor, and gauge the results and success of various business processes. Metrics are meant to communicate a company’s progression toward certain long and short term objectives. This often requires the input of key stakeholders in the business as to which metrics matter to them." (Insight Software)

"Tools designed to facilitate decision making and improve performance and accountability through collection, analysis, and reporting of relevant performance-related data." (NIST SP 800-55)

Process Management: Process model (Definitions)

"A formal, detailed description of a process that covers policies, activities, work products, roles, and responsibilities. Typically contains standards and procedures and identifies methods and tools as well. Contrast with process architecture." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

"A formal description of a business process. The definition is performed via a process definition language (PDL), which in most cases is WfMS-dependent." (C Combi & G Pozzi, "Workflow Management Systems for Healthcare Processes", 2008)

"Any description of a process (not necessarily formal), that shows a series of steps aimed at accomplishing some goal." (Harry S Delugach, "Formal Analysis of Workflows in Software Development", 2009)

"A means of representing the interrelated processes of a system at any level of detail with a graphic network of symbols, showing data flows, data stores, data processes, and data sources/destinations. Process modeling techniques are used to represent processes graphically for clearer understanding, communication, and refinement." (Anthony D Giordano, "Data Integration Blueprint and Modeling", 2010)

"Processes models (PM) are processes of the same nature that are classified together into a model. It involves the description and/or prescription of processes by the instantiation of levels to define process procedures and fuzzes." (Oluwole A Olatunji & William D Sher, "The Applications of Building Information Modelling in Facilities Management", 2010)

"(1) A framework wherein processes of the same nature are classified into an overall model, e.g. a test improvement model. (2) A method-independent process description of development processes." (IQBBA, "Standard glossary of terms used in Software Engineering", 2011)

"A model of the functions, activities, and procedures performed in any organization. A business process model may consist of: 1.A context diagram showing the relationship of the overall process to those outside the model’s scope, along with the inputs to and outputs from the overall process, 2.One or more functional decomposition diagram showing how the overall process is made up of contributing processes at lower levels (a “vertical view”), 3.One or more process flow diagrams showing how the outputs of one process serve as the inputs to other process (a “horizontal view”). The process flow may be cross-functional or within a single function, 4.One or more business process model diagrams, each depicting the inputs, outputs, start and end events, component activities, roles, and metrics of a single process, 5.The business definition of each process, and 6.The value chain analysis of the process, identifying relationships to data, organizations, roles, and systems." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"A detailed workflow diagram that expands upon a process map by including detailed descriptions of subprocesses, activities, and tasks including all input, output, decisions, and exceptions, as well as measurements of the resources consumed (such as time, FTEs, material, capital, systems, etc.) during the execution of the process. Supports analysis via drill-down examination and can provide the metrics necessary for use by software capable of process simulation and what-if scenario testing of alternative variables." (Carl F Lehmann, "Strategy and Business Process Management", 2012)

[Process Modeling and Analysis:] "The tools and techniques used to (1) map a workflow diagram illustrating the activities and tasks associated with a business process; (2) add complete detail necessary to identify and measure all the resources consumed during the execution of the processes; (3) measure performance outcomes; (4) simulate changes to activities, tasks, sequences, resources, assumptions, and so on using what-if scenarios to test and recalculate performance outcomes; (5) conclude the best combination of adjustments or changes necessary to optimize performance outcome of the process." (Carl F Lehmann, "Strategy and Business Process Management", 2012)

"A model showing the processes carried out by a system and the data interfaces between those processes; same as a data flow model." (James Robertson et al, "Complete Systems Analysis: The Workbook, the Textbook, the Answers", 2013)

Process Management: Procedures

"A written description of actions to be taken to perform a given task. Usually expressed as a sequence of steps." (Richard D Stutzke, "Estimating Software-Intensive Systems: Projects, Products, and Processes", 2005)

"A method, process, or particular way that is established by an organization as the correct way of accomplishing a desired result. Adherence may be mandatory or optional, depending on the degree of impact or risk." (Tilak Mitra et al, "SOA Governance", 2008)

"A written description of a course of action to be taken in performing a task or workforce practice." (Sally A Miller et al, "People CMM: A Framework for Human Capital Management" 2nd Ed., 2009)

"1.Generally, a series of low-level steps or tasks in a process followed in a defined and repeatable order. 2.In data management, a set of instructions for human users of computer systems that augment the automated work flow." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"A formal document that specifies the step-by-step instructions to perform tasks in accordance with security policies and standards." (Mark Rhodes-Ousley, "Information Security: The Complete Reference" 2nd Ed., 2013)

"An established method of accomplishing a consistent performance or result, a procedure typically can be described as the sequence of steps that will be used to execute a process." (For Dummies, "PMP Certification All-in-One For Dummies, 2nd Ed.", 2013)

"A document that provides step-by-step instructions for how standards and guidelines are put into practice." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed., 2015)

"A series of steps followed in a regular, definitive order to accomplish something." (Project Management Institute, "Practice Standard for Scheduling" 3rd Ed., 2019)

"Document containing steps that specify how to perform an activity" (ITIL)

Quality Management: Total Quality Management (Definitions)

"A concept that focuses on managing the total organization to deliver quality to customers. Four significant elements of TQM are employee involvement, focus on the customer, benchmarking, and continuous improvement." (Timothy J  Kloppenborg et al, "Project Leadership", 2003)

"A management concept (and associated tools) that involves the entire workforce in focusing on customer satisfaction and continuous improvement." (Martin J Eppler, "Managing Information Quality" 2nd Ed., 2006)

"A management strategy aimed at embedding awareness of quality in all organizational processes." (Linda Volonino & Efraim Turban, "Information Technology for Management" 8th Ed., 2011)

"Procedures and policies aimed at organization-wide continuous improvement." (Leslie G Eldenburg & Susan K Wolcott, "Cost Management 2nd Ed", 2011)

"Techniques, methods and management principles for continuous improvement, based on the work of Deming, Juran, Crosby and others." (DAMA International, "The DAMA Dictionary of Data Management", 2011)

"A management philosophy based on the premise that the quality of products and processes can be continuously improved." (Bonnie Biafore & Teresa Stover, "Your Project Management Coach: Best Practices for Managing Projects in the Real World", 2012)

"A philosophy and a set of principles that set the stage for a continuously improving organization." (Joan C Dessinger, "Fundamentals of Performance Improvement" 3rd Ed., 2012)

"A management philosophy from the 1940s and 1950s, consisting of various strategies to ensure quality products and services." (Sally-Anne Pitt, "Internal Audit Quality", 2014)

"A comprehensive approach to the management of quality from the production environment that proves that the costs of preventive quality management exceed the total costs for all reactive measures in the management of quality. This applies to material, as well as immaterial, goods like data." (Boris Otto & Hubert Österle, "Corporate Data Quality", 2015)

"A holistic approach to long-term success that views continuous improvement in all aspects of an organization as a process and not as a short-term goal." (Kijpokin Kasemsap, "Applying Lean Production and Six Sigma in Global Operations", 2016)

"A systematic, organization-wide approach to quality that stresses continually improving all processes that deliver products and services, with the major outcome of 'delighting' the customer." (Atila Ertas, "Transdisciplinary Engineering Design Process", 2018)

"An organization-wide management approach centered on quality, based on the participation of all members of the organization and aiming at long-term success through customer satisfaction, and benefits to all members of the organization and to society. Total Quality Management consists of planning, organizing, directing, control, and assurance. (ISO 8402)

SQL Server: Procedure Cache (Definitions)

"An area of SQL Server memory used to hold trees and query plans that have recently been used or are currently in use by SQL Server." (Owen Williams, "MCSE TestPrep: SQL Server 6.5 Design and Implementation", 1998)

"A temporary storage location for the current, executing version of a specific stored procedure." (Microsoft Corporation, "SQL Server 7.0 System Administration Training Kit", 1999)

"The part of the SQL Server memory pool that is used to store execution plans for Transact-SQL batches, stored procedures, and triggers." (Anthony Sequeira & Brian Alderman, "The SQL Server 2000 Book", 2003)

"A shared, reserved memory area that stores the most recently executed SQL statements or PL/SQL procedures (including triggers and functions). Also called SQL cache." (Carlos Coronel et al, "Database Systems: Design, Implementation, and Management" 9th Ed., 2011)

"The part of the SQL Server memory pool that is used to store execution plans for Transact-SQL batches, stored procedures, and triggers." (Microsoft, "SQL Server 2012 Glossary", 2012)

Software Quality Assurance: Black-Box Testing (Definitions)

"A specification-based test that looks at a system or unit exclusively from the outside, that is, over its public interface." (Johannes Link & Peter Fröhlich, "Unit Testing in Java", 2003)

"This test compares the externally observable behavior at the external software interfaces (without knowledge of their structure) with the desired behavior. Black-Box tests are frequently equated with »functional tests«, although they can of course also include non-functional tests." (Lars Dittmann et al, "Automotive SPICE in Practice", 2008)

"Repeatable procedure to derive and/or select test cases based on an analysis of the specification, either functional or nonfunctional, of a component or system without reference to its internal structure." (Tilo Linz et al, "Software Testing Foundations" 4th Ed., 2014)

"A software testing methodology that looks at available inputs for an application and the expected outputs from each input." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

[Data coverage (black-box) testing:] "Testing a program or subprogram based on the possible input values, treating the code as a black box" (Nell Dale & John Lewis, "Computer Science Illuminated" 6th Ed., 2015)

[black-box test design technique:] "Procedure to derive and/or select test cases based on an analysis of the specification, either functional or non-functional, of a component or system without reference to its internal structure." (Software Quality Assurance)

"Testing, either functional or non-functional, without reference to the internal structure of the component or system." (Software Quality Assurance)

Software Quality Assurance: White-Box Test/Testing (Definitions)

"An implementation-based test, in contrast to a specification-based test" (Johannes Link & Peter Fröhlich, "Unit Testing in Java", 2003)

"This test is derived knowing the inner structure of the software and based on the program code, design, interface descriptions, and so on. White-box tests are also called 'structure based tests'." (Lars Dittmann et al, "Automotive SPICE in Practice", 2008)

"Any technique used to derive and/or select test cases based on an analysis of the internal structure of the test object." (Tilo Linz et al, "Software Testing Foundations" 4th Ed., 2014)

"This kind of testing requires you to look at the code and see how it works, so you can test individual blocks and choices within the code." (Matt Telles, "Beginning Programming", 2014)

"White box test design technique in which the test cases are designed using the internal structure of the test object. Completeness of such a test is judged using coverage of structural elements (for example, branches, paths, data). General term for control- or data-flow-based test." (Tilo Linz et al, "Software Testing Foundations", 4th Ed., 2014)

"A software testing methodology that examines the code of an application. This contrasts with black box testing, which focuses only on inputs and outputs of an application." (Mike Harwood, "Internet Security: How to Defend Against Attackers on the Web" 2nd Ed., 2015)

"A test designed by someone who knows how the code works internally. That person can guess where problems may lie and create tests specifically to look for those problems." (Rod Stephens, "Beginning Software Engineering", 2015)

"Procedure to derive and select test cases based on an analysis of the internal structure of a component or system." (Standard Glossary, "ISTQB", 2015)

"Testing based on an analysis of the internal structure of the component or system. " (Standard Glossary, "ISTQB", 2015)