Successful people don’t do dotted line reporting

At my place of employment, I once had a fellow senior manager suggest that one of my soon-to-be hires should be a dotted-line report “due to audit reasons.” The rationale was that a data engineer with certain levels of access may trigger an audit finding, and that this may be avoided by putting the employee in IT where access was traditionally less rigid. The senior manager suggested that a dotted line report to me may be just fine.

This did not end up happening, as dotted line reporting just doesn’t work and it creates more problems than it solves. Dotted line reporting should be avoided for several practical reasons:

1. Regarding this specific case, are you telling me that every organization under the sun is capable of a free-standing data analytics department, but this particular organization can’t handle it without creating informal reporting structures? Build once; build right.
2. Informal reporting structures themselves create confusion and inefficiency. It creates an additional decision-maker who needs to be apprised of every business decision. The result is that you have another position that lacks direct oversight and responsibility.
3. It creates a temptation in the solid line manager to make use of the employee, even though they have no right to use them.
4. Fear of Internal Audit creates an adversarial relationship where it’s unnecessary. Data engineering is a modern professional analytics function. They are not just modified DBAs; they are part of the critical infrastructure of a data analytics department.
5. It destroys employee satisfaction, because they’re effectively serving two masters and don’t know which one to please.

As an alternative, a center of excellence (COE) is a more effective way to resolve the question of avoiding audits due to data access. Create a data board, which includes an internal auditor, to be involved in data analytics decision-making from the very beginning. If you run your COE and data board meetings with complete transparency and provide all relevant information from COE members from the very beginning, it’ll save you from the surprise of audit requests.

Also consider using service accounts for data ingestion, and bring multiple people in positions of responsibility onto your administrative and data audit applications (Cloudera Manager, Cloudera Navigator, Databricks audit logs, etc.).