What is a Spatial Data Audit?
A spatial data audit is a method by which a company assesses its spatial data value and distribution chain. It involves a review of spatial data vendors, customers and internal policies and procedures. For example, a spatial data audit can be used to:
- ensure that any spatial data obtained from a third party vendor have been collected in compliance with contractual obligations (for example, with respect to data quality and ownership) and in accordance with relevant laws and regulations
- determine how spatial data are used internally (for example, what other sources of data are they used with or is the quality control sufficient for existing applications) and whether the data are stored in a secure manner (for example, which employees have access)
- monitor customers compliance with licensing terms (such as royalty reporting and payments and protection of intellectual property rights) and applicable law, and verify that the spatial data are being used, marketed, licensed and distributed solely for the purposes for which they are intended
Data audits are not unique. In fact, they are common in industries such as financial services and health care. They are often used to develop internal information management policies, to monitor compliance with licensing terms and to ensure applicable laws and regulations are being followed. In fact, they are also becoming more common with spatial technology companies. For example, the Ordnance Survey (UK) recommends a data audit for positional data accuracy. Similarly, NAVTEQ has a Licensing Governance Group to monitor customers compliance with both financial and non-financial terms of its licensing agreements.
Important Factors to Consider
The type and extent of a spatial data audit can vary depending upon a number of factors. These factors include (i) the types and sources of the spatial data and whether the data originate from within the company or from third party suppliers; (ii) where the company fits into the spatial data value and distribution chain (i.e. collects, uses, aggregates, value-adds or distributes the spatial data); (iii) whether the eventual end user of the spatial data is a government entity, a business or a consumer; and (iv) the size and level of sophistication of the company being audited.
A spatial data audit can take many forms based upon the factors described above. It might, for example, consist of a rapid assessment of a companys spatial data to determine if there is even an issue based upon type or use of the data. It may also include a review of vendors or customers to make sure that the terms of applicable license agreements are being followed. Alternatively, a company may determine it needs a full internal review of processes and procedures involving the collection, use, storage and disposal of spatial data.
What Does a Spatial Data Audit Look Like?
A spatial data audit may consist of one or more of the following steps:
- a review of license agreements (company, spatial data vendors, resellers, OEMs, strategic partners and customers)
- identification of applicable laws and regulations
- written surveys targeted at selected employees, vendors and customers
- interviews with selected employees, vendors and customers
- review of marketing materials (both company and distributor)
- review of formal (and informal) procedures associated with access, storage, use, disclosure and destruction of spatial data assets
- workshops and seminars for employees
- a written report and presentation to management and key company employees identifying potential ways to increase revenue and assessing the potential risks
As the amount and type of spatial data used in commercial applications increase, companies will need to adequately protect their data ownership and make sure that their data are being used for the intended purposes. They should also verify that they - and their customers and vendors - are in compliance with all applicable laws. As a result, companies that implement spatial data audits will gain a competitive advantage in the marketplace.