As I became responsible for technical design documents, I learnt that the most important aspect wasn't the configuration or operational aspects but the decisions that were made. Decisions capture the intent or required outcome more completely than the technical details and enable the design to be peer-reviewed by team members who are not subject matter experts.
The design document remains a valuable artefact as the technology matures or changes as it allows for the design decisions to be reassessed. This will dramatically reduce the time taken to adopt the new technology by avoiding the 'Why did we do it that way?' question which can sometimes result in a less than cost-effective rip out and replace. I still work with technical teams and work through the challenges of documentation and developing the understanding of its value but, I also experience this in other areas of Information Technology too.
Whilst not unique to New Zealand, Data Sovereignty is a topic which I suspect receives more air time here than in other countries because of our location on this earth and other much more debatable reasons. I am regularly informed that Data Sovereignty is an 'issue' and 'it's important that our technology services are hosted in New Zealand'. I will often ask 'Why?' or 'How did you reach that decision?'
I do not disagree with the decision but I believe it is one that could have very real financial and competitive consequences for an organisation and should, therefore, be a robust decision. In these circumstances, I provide a documented decision written on behalf of the IT Steering Group or relevant governance group, and I simply ask for that to be tabled.
This happens often enough that I thought it would be useful to share this text in the hope that it proves helpful to someone, or comments help improve my advice.
The IT Steering Group has reviewed the issue of Data Sovereignty for information stored and processed within our Information Technology systems.
Advancements in both technology and commercial terms have enabled businesses across the globe to leverage technology and scale previously only available to the largest enterprises. As technology has commoditised it is moving away from the organisation and being made available from service providers on a consumption basis in much the same way as electricity. These advancements are commonly referred to as Cloud or increasingly ‘as a Service’.
Due to the political and sensitive nature of the Information contained within our Information Technology systems, the Steering Group recommends that all information should be stored and processed within the natural borders of New Zealand.
The Steering Group also recommends that we begin classification of our data to determine if the organisation can begin to leverage global services to reduce operational cost and increase business agility whilst maintaining the integrity and accessibility of our Information.
This provides a huge opportunity for organisations such as ours but also comes with risk. To take advantage of global scale often means that information is stored and processed beyond the natural borders of New Zealand.
The intention is to highlight the options that are being discounted by this decision, and an action the organisation can take to increase its options in the future. I hope that it also allows decision makers outside of Information Technology to consider the impact a blanket Data Sovereignty decision could have.