SAP BI, transparency and confidentiality

by Arwold Koelewijn on September 23, 2011

Business Intelligence transforms data into information that can be used to monitor the performance of a company and the smaller entities within. There is a balance needed in the amount of transparency offered, versus the privacy and confidentiality of information.

For the individual entities, it can be useful to benchmark against other entities. For example, how does sales office X manages to sell a higher volume of product Z compared to sales office Y. Similar to this, how does the staffing compares from sales office X to sales office Y, and what is the average bonus given per FTE. Sharing the information on sales volumes and staffing will trigger a sharing of knowledge between the offices. This means that individual entities will improve and the company as a whole will have a better result.

When looking at transparency with this in mind, it sounds logical to have as much transparency as possible. However, for privacy reasons (i.e. salary information, detailed customer information) it is necessary to have some restrictions on the data as well.
Also along the lines of information areas it is common to have restrictions. This is mainly for operational BI, where the information is supporting the role in the company of the user. For management reporting though it makes sense to share information over the information areas in order to look at the information from all available angles.

A good approach for transparency and confidentiality in an SAP BI environment for management reporting is:
• Transparency: all users get access to general, reliable and insightful information. General means for all the available information areas, to the level of a certain organizational unit (for example the 3rd level organization in the hierarchy company – business units – departments );
• Confidential: detail and transactional data only for users with the corresponding jurisdiction (according to organization mandate and function relevancy) .

A prerequisite for this approach is that it must be possible to map the hierarchy that relates to organization for the relevant information areas.
Technically this approach results in implementing:
• General reports: these contain only characteristics and key figures that assure a high allowed aggregation level;
• Detail reports: these contain in addition characteristics and/or key-figures that make it possible to go into detail. These reports are restricted on organizational unit;
• General reports with sensitive information: in some cases it is possible to determine individuals with characteristics that should be general available. For example in an employee report the nationality of employees can be seen as general information, but if there is an employee from an exotic country, it can be easy to identify this person. Therefore functionality to suppress the results when the selections is too small needs to be built in general reports with sensitive information.

In conclusion: be transparent as much as possible and keep it confidential where needed.

Previous post:

Next post: