At a glance
From data to information
What is data, at its simplest? It is a record of a fact about a thing, event or person that, when used in context, can tell us something about that thing, that event or that person.
The fundamental accounting definition of an asset is something that – on its own, or when combined with another asset – can be used to generate net cash inflows or deliver services. That is also data.
Data becomes information when you have context around it that enables you to understand and apply it.
Everywhere, all at once
Every business is involved in data collection or data storage. Everyone focuses on the big tech – they have lots of data. But if you have customers and a loyalty card scheme, or if you are generating invoices or have invoices coming in, that is all data.
Data quality risks
You have quality risks – is the data accurate? Is it up-to-date? Is it complete? I worked with one business where one of their key challenges – going into the pandemic – was that their accounting firm wasn’t updating their internal management accounts on a frequent enough basis.
The business was doing the financial accounting side of things reasonably well, but they didn’t have a real, bottom line, accurate understanding of where they were month-on-month or quarter-on-quarter. There was a hole in their bucket, and they needed to fix it while dealing with lockdown.
That risk is about data completeness, consistency and timeliness – all measurable characteristics of quality.
If you are mishandling data, it can affect the trust that customers, staff or suppliers have in your business. This even includes things like spelling customers’ names right or applying marketing suppressions correctly, so you do not send emails to customers who do not want them.
Matters of security
If you experience a ransomware attack and suddenly cannot do business, you become painfully aware of the importance of data.
The risk is that there are malicious actors outside your organisation trying to leverage your asset, trying to steal it the same way that malicious actors outside your organisation might to try to get in to steal physical assets.
There are also accidental or malicious actions that staff might take in your organisation – for instance, a good-natured, well-meaning member of your staff accidentally sends a customer list to one of your competitors. This is a valuable asset in the hands of a competitor.
Cost considerations
Sixty-nine per cent of security is happening inside the organisation, with people accidentally doing things or not thinking about what they are doing with data. When we look at statistics on data quality, it costs 10-35 per cent of turnover in the average organisation, because, if you have to correct incorrect data, you are paying for that data two or three times.
For more information on cyber security, visit CPA Australia's dedicated cyber hub.
