Rådighet is a Swedish word without a direct translation to English, like smorgasbord or ombudsman.

Rådighet is the ability to maintain control and act independently when the system is no longer there to help you.

If something is critical for our society, then we need rådighet.

This is what Platinum is about. Designing whole systems that continue to work even when dependencies fail, in energy, healthcare, or defense.

Normally, when we talk about maturity, it goes up to level five — where IT systems are designed to adapt within themselves.

Rådighet starts where those models stop.

It is about managing the situation when the system breaks. A maturity level where business continuity is part of the design of the entire system.Platinum.This is something we already have in industries like nuclear power and aviation, and what we need when designing society‑critical systems.

From Rock to Platinum, where do your systems fit?

Rock — no control, only visible blocks

Ore — beginning to structure for control

Bronze, Silver, Gold — classic levels of maturity

Platinum — rådighet

I live in Skåne, in the south of Sweden.We need electricity even when it is cloudy and there is no wind. We need electricity without dependencies on external factors we cannot control.

This is rådighet in practice.

What would happen if someone pushed the switch?

The answer for my film production lies some where between I don't know, to not good at all.

The back of a napkin evaluation pf main cloud platforms is at least a start.

Microsoft Offce 365 down means no e-mail, caledrar and no Teams & Sharepoint or Copilot. Everything that is Azure goes into this big bucket.

Yamdu, our ERP is hosted i Germany by a german company. If not available, we don't know when, where, with whom and with what we would film next time.

Shared storage in cloud for media edit in FCP or other programs would be affected as well as version control. ProTools license validation in cloud. However, all media stored locally.

Sales, Finace and HR is in Visma, really, I don't know which platforms the use.

On-line banking and reporting tax authorities relies on digital access control.

Public home pages are on SquareSpace. DNS outside US for primary domain and in Sweden for secondary domain.

Next step to assess risks and mitigate them where consequences are high.

If you want to measure , think big, startIf you want to measure, think big, start small. Avoid large complex tools, instead use Excel and some simple scripts.

Think big

For information governance, you both need to understand your process performance and the quality of the data,

This is why I have a defined two types of KPI's related to either process or data quality. An extra benefit is that I can have all KPI’s in one place.

Using DAMA and APQC (Broadcasting) as best practices, I try to find out a few valuable KPI's that are relevant for us to measure.

• Is information about customers, e.g. organizations updated regularly?

• Are projects initiated in Finance, updated into CRM, ERP (Yamdu) and all other platforms?

• Do we have duplicate individuals, crew and cast, in our ERP?

• How many businesses terms are approved per business capability?

Initially, I define a dozen of KPI's, and related them to either information objects or governance processes, except one that I took from APQC, (% of workforce working remote). If this goes to low, then we are not following our strategy.

Start small when you start to measure you KPI. Just very few.

What do we really mean with information quality? How is it relevant for your own organization?

I will explain my thinking of how to manage information quality, using my film production as example.

My standard approach is to look for best practices and DAMA is my goto reference for information governance.

Their framework describes six core categories for data quality and it is a good start.

• Accuracy

• Completeness

• Consistency

• Timeliness

• Validity

• Uniqueness

The caveat is that DAMA as a framework is generic and it is not enough for film production.

Hollywood have stringent rules for security after the Sony hack a couple of years ago. Personal information is very sensitive, especially for A-level actors. Sustainably is a must for receiving grants today and must be managed as quality. This is why I need to add more dimensions.

• Confidentiality

• Availability

• Accessibility

• Privacy

• Sustainability

What i do is combining classic governance with security policies and other important policies to support my business model. Thus, adapting DAMA to the real world.

The next question is what are the most important areas to start with for me?

• I would say availability, as film production runs on tight schedules and you must be able to shoot on time. Live broadcast is the prime example,

• Confidentiality is really important, information is not allowed to leak.

• Privacy would be the third, as we manage sensitive information. Something that makes the implementation of policies even cumbersome.

Say that we have a A-level actor in our production, his or her information would be even more sensitive then other cast.

At some stage in time, information goes from confidential to public, e.g. when you release the film, actors name will be known.

This means that data quality must be context aware, mange life cycle and we need business rules to manage both of them.

Your primary task will be to find out what type of data quality that matters for your business and the rules for them.

Why is it a bad idea to go directly from business terms to data entities in our IT-systems?

First of all, you make your model extremely dependent upon your existing application, making transformations much harder.

If you need integrations to other applications, or external parties, then you have a problem as their terms differ.

Business terms lack normalization, which result in inconsistency in the stored data.

Input and output in processes are often described as information entities. Not the actual tables in your IT-system.

Finally, the business people will have a hard time to learn how things are implemented in the applications.

This is why you need a conceptual layer, where you have information objects or information entities supporting the business, without relying on the implementation in IT or as manual tasks.

Lets start with a basic example.

A company have suppliers and customers. The old way is to treat them as separate entities. What if the same organization is both supplier and customer?

Another classic example is when you have organizations as customers, but end customers are individuals and you need to manage them.

Five different businesses terms, that could be described as party with one ore more party role.

An information object realizes one or more business terms. A term belongs to business capability, so you can link sn information object indirectly to a capability.

The special case where we have the same business term, but different meanings like an account is something we need to manage.

For the sales organization it's a customer account and for the accounting department it is a financial account. This is when we have to introduce specialisation into our information model, e.g. customer account or a financial account.

The information objects / information entities is also where we start to talk about data quality. A topic for next article.