Our Business Plan for 2020 – 2025

Appendix C – Data Strategy

September 2018
 Contents
Our data vision .................................................................................................. 3
1.1. Our data vision .......................................................................................................3
1.2. Our Data Strategy...................................................................................................3
1.3. What does good data management look like?........................................................4
Customers .....................................................................................................................5
Our Business .................................................................................................................6
Our People ....................................................................................................................6
Our Technology .............................................................................................................6
Our Data Objectives.......................................................................................... 8
2.1. Keeping our data fit for purpose .............................................................................8
2.2. Keeping our data secure and safe..........................................................................9
2.3. Keeping our data legal............................................................................................9
2.4. Making our data Accessible..................................................................................10
For our Customers.......................................................................................................10
For our Regulators & External stakeholders ................................................................10
For our Partners...........................................................................................................11
For our People.............................................................................................................11
2.5. Making our data resilient ......................................................................................11
2.6. Keeping our data governed ..................................................................................11
2.7. Mapping data to our outcomes .............................................................................12
Our data principles ......................................................................................... 13
3.1. Our data principles ...............................................................................................13
3.2. Our data lifecycle..................................................................................................13
Stage 1 - Specify data .................................................................................................14
Stage 2 - Collection & storage of data .........................................................................15
Stage 3 - Assess and improve data .............................................................................15
Stage 4 - Analyse data ................................................................................................15
Stage 5 - Share data....................................................................................................16
Stage 6 - Archive and Destroy.....................................................................................16
3.3. Requirements and Governance for the data lifecycle ...........................................17
Our Data Achievements.................................................................................. 19
4.1 Data ownership and collaboration: Open Water ...................................................19
4.2 Information Security..............................................................................................19
4.3 Pushing innovation with social media analytics ....................................................20
4.4 Leveraging the use of data visualisation...............................................................20
4.5 Making Asset Data More Accessible ....................................................................20
5 Our future Initiatives ....................................................................................... 21
5.1 Enterprise Information Management (EIM) and People Training..........................21
5.2 Situational Awareness ..........................................................................................21
5.3 Data Science and Artificial Intelligence (AI)..........................................................22
5.4 Analytics and reporting tools.................................................................................22
5.5 Developing our analytical “centre of excellence” ..................................................23
6 Summary.......................................................................................................... 24

Our Business Plan for 2020 to 2025 Appendix C Page 2 of 24

 Our data vision
1.1. Our data vision
Data plays a central role in meeting our company objectives and delivering our outcomes. Our ambition is
to establish a systematic focus on data and knowledge throughout the business, with a culture of
innovation and collaboration that will allow us to achieve and sustain breakthrough service and
performance at least cost. We recognise the need to make more use of data to meet customer’s needs,
whilst also leveraging the use of innovative technology to achieve this, as highlighted in our innovation
strategy. Data Management and Business Intelligence will play a key role in meeting our company vision
and customers’ expectations.

When we speak of “Data”, this covers a broad spectrum of both structured and unstructured data, across
our multiple information technology systems and business areas; this also extends to data found on
physical medium, such as plans, drawings or reports.

This purpose of this appendix is to set out our Data Strategy to provide clarity on how we intend to
manage, govern and use data in all its forms to ensure we are maximising our data assets and exploiting
their rich information. The strategy provides the guidance on how we intend to become a more data driven
organisation across the board.

Our Data Strategy is fundamental to achieving our mission of being the leading community focused water
company. Data is the life-blood of the organisation, being generated, validated, stored and used in all our
everyday business operations. It is a key asset and pivotal to us achieving our outcomes for the coming
future, while providing the means for optimisation and innovation. Our intention is to develop our internal
management and practices in AMP7 and beyond around our strategic view of data.

Our aim is to evolve and adapt our culture to be more data conscious, driving quality from the point of
capture right through the lifecycle, to support and help in achieving our business objectives. Our people are
a critical success factor in achieving the data vision, so we need to plan, train and foster an ethos where
data is central to everything we do rather than being just an output of a process or in some cases an
afterthought.

Supporting our people on this data journey, we will endeavour to apply proven technologies, learning from
our peers in the water industry and other sectors, on how to capitalise on our data assets, as we strive,
retain and build our company knowledge.

1.2. Our Data Strategy

A sound corporate level Data Strategy is required to manage the data within our organisation and to use
the available information for improving the efficiency of all our business functions.

An effective data strategy ensures:

• A Business wide appreciation for data as a company asset: the ability for all staff, at all levels
of the company to understand and appreciate the value which data brings to the company, whilst
understanding the need to carefully manage this asset from end to end.

• Adapting our Information Systems for our business : As we become more data driven, we
must strengthen our IT-to-business alignment by collaborating more rigorously to define and
prioritise data requirements to meet our outcomes;

• Linking Data management to outcomes: Stronger internal alignment, particularly with our
Information systems, is a foundation for future-facing enterprise data strategies. Improvements to
data and its management should link directly to one or more of our outcomes.

• Collaboration of enterprise data and its strategies: Achieving the new level of business
synergy and alignment (as a foundation for our corporate data strategy) demands for

Our Business Plan for 2020 to 2025 Appendix C Page 3 of 24

 organisational structures that are inherently collaborative for data, such as our data governance
boards, data stewardship programs, steering committees, and data management centre of
excellence.

• Insight driven decision making: Being able to process, analyse and interpret data at all levels
within the company, whilst making sure that findings from data support the delivery of one or more
of our outcomes.

• The retention of critical company knowledge and data: It is crucial that we leverage our ability
to provide continuity in retention of the company’s knowledge, which must be transferable within
the business – ensuring that vital data is properly safeguarded and that information generated
(whether in physical or digital format) retains its place with the company and not just its people.

• Coordination among data management teams: Part of the concerted effort of our corporate data
strategy involves aligning multiple data management teams that exist within the organisation.
These teams need to collaborate and agree upon common standards for defining and modelling
key business entities (such as customers, assets, and financials) and how data about these can be
improved and shared across information systems. Standards for data and application development
should align with stated business goals for data;

• New data strategies for new business practices: We need to improve our response time to
operational events so we need fast, frequent data, in near real time via data services. To manage
our data requirements, we are investing in new systems, technologies and implementation of best
practices.

Our Data Strategy helps us to develop the plan for realising benefits around data problem areas. It helps in
effectively using our data for strategic advantage and operational decision making.

Not having a data strategy increases the risk of allowing each person within each department of the
organisation to develop their own methods for using and managing the information available. Systematic
data management at enterprise level will improve our business decision making, contributing to
improvement of business performance and growth, whilst addressing organisational requirements for easily
accessible and trusted data to be available for compliance and reporting.

1.3. What does good data management look like?

To achieve our vision, we will aim to govern and manage our data using a defined set of policies and
procedures based on agreed standards and best practice. We will develop a consolidated data model and
use proven data architecture aligned to data standards. We will strive to manage our data effectively in
integrated data repositories collecting data items only once, maintaining them in only one place, and
making them available for use in multiple applications across the business and beyond, providing all
customers with “a single version of the truth”.

Successful implementation of the Data Strategy will enable us to deliver benefits to customers and the
business, broadly by reducing the cost of processing data whilst increasing quality (and thus value) of the
data we hold.

Our Business Plan for 2020 to 2025 Appendix C Page 4 of 24

Figure 1 – The Data Vision

At the heart of Data vision is the need to fulfil customer’s expectations better through data – we also want
to ensure the data vision is passed on through our business & people. Further benefits in other areas
include:

Customers

• Improve secure access to master information on asset condition, performance and customer
impact, reducing reactive incident response times and minimising interruptions to supply.

• Responding to customer needs in a tailored fashion - utilising customer call information and
network performance data, we were able to map the needs of customers at localised level,
providing a deep dive view of customer complaints throughout our operational area. Please see
case studies for further details.

• Keeping customers informed – We have achieved a 50% increase in the volume of social media
followers following the release of our social media application - and improved customer satisfaction
scores by over 40% between September 2017 and April 2018. This is a continued trend we will
endeavour to maintain. Please see case studies for further details.

• Only through better data insight can we understand and support our vulnerable customers,
personalising their experience and meeting their needs.

• Empowering customers to do more with data whilst building trust and transparency. . We will make
more use of customer feedback, customer call data and embed feedback into day to day asset

Our Business Plan for 2020 to 2025 Appendix C Page 5 of 24

 operations. We will also ensure to keep customers informed constantly during major interruptions,
as highlighted in our case studies.

Our Business

• At the heart of successful data management lies a robust adherence to controlled processes. This
is critical to ensure business continuity, particularly when it comes to knowledge transfer. This will
ensure:

• Improved auditability and measurability of our processes and operations, supporting our
management processes and regulatory reporting.

• Enhance compliance with regulations, providing the ability to resolve issues quickly and effectively.

• A streamlining of business processes, reducing the waste and cost inefficiencies. Fundamental to
process improvements and automation is data quality.

• Improved corporate resilience. Having trusted and accessible data will allow us to adapt to
changes and support our people’s knowledge sharing.

• Maturity in data management and quality assurance will allow us to make sure we maximise the
value of customers money by making the right investments, thus improving our financial position
and increasing customer satisfaction.

• Improvements in data and reporting allow for more assured and informed decision making,
reducing risk of failure and potential punitive fines.

Our People

• Clear accountability of data is essential for regulatory compliance. We need to ensure that we keep
our company records, controlled documents and asset information in the right shape to deliver a
safe working environment.

• Training is key – everybody in the business has specific objectives to fulfil which relate back to our
outcomes. Achieving those is only possible by provide on-going development in all aspect of
strategic data management.

• Within Wholesale Operations, data is often created, stored, used and updated remotely. It must
therefore be accessible anytime, anywhere. Coupled with our planned IT strategy, investment in
data management provides the availability of data to our people anytime, anywhere.

• Health and Safety is our priority – a safe working environment starts with full knowledge of asset
condition and working procedures, whilst observing health and safety rules which are monitored on
a regular basis, through hazard reporting, risk assessments and method statements.

Our Technology

• Securing our data in the most appropriate manner will mitigate security risks, reducing potential
punitive penalties from breaches.

• Leveraging the use of innovative technology will become more and more important in the
information age – we must have the capability to deploy new methods for managing, processing
and storing large data now and in the future.

Our Business Plan for 2020 to 2025 Appendix C Page 6 of 24

 • Understanding our data, we can make strategic decisions in Information Technology assets
ensuring our data is resilient to failures and corruption, thus proving a faster recovery service for
business continuity.

Our Business Plan for 2020 to 2025 Appendix C Page 7 of 24

 Our Data Objectives
The realisation of the benefits in the Data Strategy is dependent on the effective alignment of data
governance and management combined with technology development and clear articulation of business
needs. Our objectives set out the intended end outcomes for our data strategy supported through the
applied governance, technology and processes to achieve our data vision.

Figure 2 - Our Data Objectives

2.1. Keeping our data fit for purpose

We are committed to continuously improving the quality of data, making the whole business more efficient
by reducing information and knowledge gaps. Our Asset information registers and customer billing
registers are key sources of data we rely on to provide our everyday service and therefore their integrity is
essential to reduce compliance risk and costs.

Improvement in data quality and its relevance help to: Increasing operational
efficiency.
• Improve overall insights, limiting the “garbage in, • By maximising the use of asset
performance data.
garbage out” conundrum. • By reducing duplication of
information.

• Improve trust in our data and information, improving

informed decision making.
Reducing risk of Improving customer
failing to meet our experience and
• Eliminate waste, streamlining processing and ODIs. perception.
reducing errors. • By responding to operational
incidents quickly. • By education with data within the
community
• By making well informed investment
decisions. • By providing customers with
personalised information updates.
• Reduce costs from extra processing due to
inefficient data and gaps.

• Improve customer experience through trusted and

correct data. Figure 3 - Improving Data Quality

• Keep our people safe, through accurate information in situation.

Our Business Plan for 2020 to 2025 Appendix C Page 8 of 24

 2.2. Keeping our data secure and safe
Data security and the effective use of our information is IMB
a strategic priority to us. Through the application of Data
Governance, within our overall Data Management
programme we will endeavour to apply best practice to
assure its data confidentiality, Integrity and Accessibility. ISMF DPF DGF

We have embarked on a significant data and information

Data quality &
security (InfoSec) programme during AMP6 and Security Data protection
governance
continue to invest in it. Over the last 3 years there has Champions champions
champions
been a significant increase in our Information Security
maturity which was recorded at level 3 in the independent Figure 4 - Data Management Structure
NCC assessment report of early 2017, well above the UK
corporate average.

We have been awarded the UK Government’s Cyber Security Essentials+ certification in October 2017 and
have continued to build upon the concepts of the certification by beginning the journey to fully align with the
Global Information Security Management System Certification ISO27001.

The governance structure is led by the Information Management Board (IMB), a senior executive level
board which authorises data and security policy, process, posture and ensure good practice. The IMB is
supported by 3 direct working groups:

• The Information Security Management Forum which provides cyber and information security
expertise and cyber initiatives for approval by IMB.

• The Data Protection Forum which provides Data Protection expertise and advice on regulatory
requirements for approval by IMB.

• The Data Governance Forum which provides data strategic initiatives and proposals for approval
by IMB.

Ensuring the confidentiality and integrity of customer and company data is a primary concern of our
business - a number of initiatives to protect both physical and digital data are currently in place. We are
introducing a company data classification process which, used in conjunction with Office 365 security
controls and our deployment of Data Loss Prevention (DLP) systems, will provide us with the ability to
monitor and manage data, with an emphasis on Personally Identifiable Information (PII) to fulfil our GDPR
commitment. Security testing for vulnerabilities, 3rd party penetration testing and remediation of critical
vulnerabilities detected on our external facing interfaces and within our applications respectively are
mature established processes. Risk and privacy impact assessments coupled with 3rd party management
will improve our risk posture and assist in the alignment with ISO 27001 requirements and GDPR/NIS-D
compliance. We have also created and are due to test our internal breach process to ensure our
preparedness for incidents and comply with the ICO and NIS-D regulation/directive for breach reporting.
We will therefore comply with ICO/NIS-D by effectively reporting breaches to the ICO/NIS-D within the
required 72 hours of becoming aware of a breach. The introduction of the monitoring system Darktrace has
provided a facility for in depth investigation of our network, server, desktop systems and data flows
providing the information security and infrastructure teams with alerts on detected anomalies and in
support of our cyber incident management process. This is discussed in more detail within the IT assets
section of the wholesale technical appendix. In preparation for GDPR, we have also reviewed contractual
agreements with our suppliers and stakeholders with whom we use and share data, all clearly defined
within our privacy policy.

2.3. Keeping our data legal

In accordance with new regulation for data and cyber security, we recognise that we are accountable for
the security and the correct and lawful processing of data, especially personal data.

Our Business Plan for 2020 to 2025 Appendix C Page 9 of 24

The introduction of the General Data Protection Regulation (GDPR) means we are now exposed to
potential fines of up to €20 million (approximately £18 million) or 4% of total worldwide annual turnover,
whichever is higher and depending on the breach. We have appointed a Data Protection Officer who is
ultimately responsible for our compliance with data protection law. The DPO is supported by an Information
Officer plus members of the Legal & Assurance directorate. A Data Protection forum reports to the
Information Management Board on all data protection matters. Privacy Impact Assessments are performed
on all new projects to mitigate risks around processing of personal data.

Complimenting GDPR is the Network and Information Security Directive (NISD), which potentially has
similar punitive penalties for failures. Whereas GDPR’s focus is on the processing of personal data, NISD’s
focus is on the security of Information Management Systems within a Critical National Infrastructure (CNI)
environment. Our target is to go beyond mere compliance and aim for best practice in data protection as
prescribed by the ICO, embedding privacy by design and default throughout our organisation.

2.4. Making our data Accessible

We aim to make our data accessible to authorised employees, partners and customers through secure and
robust data services and information systems. Accessibility is key to ensure the usefulness of our data and
to proselytise data innovation.

Our Our data classification policy defines the sensitivity of our

Our
Regulators information and as such its applicable accessibility to all
Customers
stakeholders.

We take data very seriously when it comes to sharing it with our

stakeholders. Our approach for AMP7 aims to ensure that we apply
Our Partners appropriate protection of the data to meet those requirements. We
Our People (Academia currently see four types of external stakeholder which we engage
and Research)
with to provide our service and to improve on it: Namely our
regulators, the wider public, academia and importantly, customers.
Figure 5 - Data Stakeholders
For our Customers

Providing information to customers will support them in

understanding their water usage, so they are empowered to Information
reduce their water usage and bills. Through the application of sharing with
Local
self-service capabilities we can provide information services Authorities
that support streamlined processing of customer queries MyAccount
Data
improving the overall customer experience. The use of data customer
Hackathons
portal
and insight will also support our goal of providing a
personalised customer service and supporting vulnerable Opening our
customers. Data

Open Data "In your

For our Regulators & External stakeholders Initiative area" App

Our data strategy is essential to supporting our external asset Community

Engagement
data vision. We want to develop our engagement with
stakeholders (public, third party, academic) where possible, to
utilise and engage with our operational and environmental
information, providing potential new insights and new ways of
working. This is in line with the government’s Open Data Figure 6 – Opening our Data Initiatives
charter whilst also meeting Ofwat’s customer data vision as
outlined in “Unlocking the value in customer data” report.

Our plan is to be implemented in a phased approach through AMP6 and AMP7, with some of those
initiatives shown opposite.

Our Business Plan for 2020 to 2025 Appendix C Page 10 of 24

For our Partners

Providing real-world data to our business partners and research organisations has the potential to foster
greater insight and drive data innovation, with the potential for step changes in the water industry. Our
objective is to improve our data engagement with third parties to improve our business operations,
ultimately supporting our business outcomes and customer expectations. Many research projects
academic initiatives have been launched thanks to asset performance (leakage, metering, water quality)
and environmental information designed to improve out service to customers.

For our People

Our People ensure our business operations are completed in a professional manner, be it in the office or in
the field. Access to essential data is critical for our People to do their work in a safe environment.

Through the implementation of information management systems and End User Computing (EUC), we
ensure our people have access to the right data, anytime, anywhere and on any device. We are investing
further in collaboration and communication systems to support our people’s collaborative working
experience.

2.5. Making our data resilient

Our data needs to be as resilient as our organisation. The ability to recover from data corruption and adapt
to significant changes in data is part of our data strategy. Over the AMP6 period we have invested in a
cloud first strategy to build resilience in our foundational Information Technology. Using cloud services, we
have become highly resilient to failures with the ability to recover in rapid time.

We have also made significant strides towards providing a resilient access to asset information remotely,
which provides operational resilience, particularly when responding to large incidents such unplanned
outages of bursts.

As we invest more in our data technologies our data resilience will mature, especially with the exploitation
of emerging technologies and large distributed fail-safe data management and processing solutions.

2.6. Keeping our data governed

Data Governance comprises of a group of people with a common objective (improve the use of data within
the organisation), developing rules, processes, procedures and standards to be followed within the
enterprise for improving the organisation’s operational efficiency. Data Governance ensures maintenance
of data quality, appropriate use of data and available resources and standardised management and
mastering of data within the organisation. Accountability and ownership of data is the best practice within
any data strategy. We aim to implement Data Governance as part of our Data Strategy to help guide our
people on how best to use the data within our Company. Our Governance starts from the top, driven
through our governance board and forums right down to our end users.

As part of our Data Governance, a programme of learning will be undertaken to educate our people on
great data use and promote a cultural step change toward good data practices and acceptable use. The
diagram below depicts our hierarchy of data users and ownership.

Our Business Plan for 2020 to 2025 Appendix C Page 11 of 24

 The Senior Information Risk Owner
(SIRO) is the company’s key Senior
representative and overall owner of Information
data management risk and is the Risk Owner
chair of our IMB
Information Asset Owners
(IAOs) are EMT members and
senior managers who have
Information overall accountability for
Asset management of data within a
Owners specific business function.
Data stewards and officers are They are budget holders for
individuals who have specialist data remediation.
knowledge and understanding of Data
datasets and reports. They have Stewards
responsibility for monitoring data and Officers
quality and ensuring our data are
fit for purpose.
Our End users, responsible
for data capture at source.
Data Entry Responsible for ensuring
Clerks accurately and adequately
captured data at the point of
creation.

Figure 7 - Our Data Users

2.7. Mapping data to our outcomes

The following table shows the data objectives and how they map to our outcomes and expectations.
Achieving the below objectives allows us to reduce risk and further improve our internal business
efficiency.

Supplying high Making sure you have Providing a great Minimising

enough water, while
quality water you service that you disruption to you
leaving more water in
can trust the environment value and your community

* We manage our asset * We employ smart * Using accurate asset * Create insight from
Making the most out of all

Analyse service delivery,

.
environmental data.

data for customers.

asset health and condition.

Leakage, consumption &
Water quality and asset
performance data.

performance and track technology to monitor criticality and condition data to help reduce
water quality data from our leakage levels. data to make the right disruptions and improve
source to tap. * Collect accurate PCC investments . operational performance.
* We use water quality data to plan supply and * Move to a more * Enable our control
data to plan our demand at a localised personalised service for vision
acitivities and meet our level. customers, delivering * providing real-time
CRI and Mean zonal * Monitor aquifer and more information and information to customers
compliance river levels data to data on service level. on disruption - minimise
commitments. minimise customer * Simplify access to our unplanned outages .
* We provide customers impact and protect the tools and services (Billing, * We monitor pressure
with easily accessible and environment. network updates, water and burst data to make
transparent data on our quality, new the right investments at
water quality. developments) least cost.

Figure 8 - Mapping Data to Outcomes

Improvements in our data management is largely incentivised by these core pillars; improving operational
efficiency and expenditure, reducing risk associated with failing to meet our regulatory objective and
upholding the company’s perception to customers and stakeholders (who recognise our ability to manage
and safeguard critical data, whilst maximising its use to serve them best). This approach is critical to help
us map key areas for improvement, such as realising Opex savings in energy use, reducing our response
to network incidents or increasing the transparency and the volume of information we provide to
customers. In order to achieve our individual performance commitments, we intend to follow the approach
given in the mapping above – where data quality will be critical and collaboration will be crucial.

Our Business Plan for 2020 to 2025 Appendix C Page 12 of 24

 Our data principles
3.1. Our data principles
The management of data has many similarities with our core activities, data needs to be captured, treated,
stored and distributed. Like water, data is a valuable resource and should be managed as a utility rather
than a luxury. To support this, our data strategy is underpinned by six core pillars, helping guide our
approach to data.

Completeness Correctness Uniqueness

•We collect and hold data
that is relevant to the
business, both current and
historic
•We ensure a complete set
of data is available for each
record and every instance,
it can be used to answer
every reasonable
stakeholder question
•We ensure the data is
correct in all details and is
a true record of the
instance it represents
•We measure and monitor
the level of accuracy
•We comply with the
organisational standards
for data update timescales
•We take reasonable steps
to ensure all items are
unique with no duplication
of data
•We keep business-critical
data as unique version
ensuring there is a single
source of the truth

Consistency Security Accessibility

•We ensure data is
consistent in its definition,
stewardship and
interpretation, structure,
rules, format and value at
any time, place and version
of this information being
used
•We maintain adequate •We can easily access data
data access and control to when required and share it
ensure users have what to enable collaborative
they need decision-making
•We comply with legal
requirements and best
practice data storage rules

Figure 9 - Key Data Pillars

3.2. Our data lifecycle

Our core principles are to be managed and maintained through good data practices and strengthened
through an iterative data lifecycle. We are committed to delivering a robust lifecycle approach to data,
which links right back to our vision and objectives.

The data lifecycle allows us to gain trust of our data through right oversight throughout its life. This will
allow us to optimise our data’s usefulness, improving our information while minimising the potential for
error. Finally archiving or disposing the data at the end of its useful life, will ensure we are compliant with
applicable legislation and will reduce the consumption of valuable IT resources.

The data lifecycle will become an important process within our Data Management programme especially
with the expected future data explosion from Big Data and the on-going development of the Internet of
Things (IoT) that will become prevalent within our industry over the coming years.

Our Business Plan for 2020 to 2025 Appendix C Page 13 of 24

 Becoming the leading
Our Vision
community-focus water company

Enough High Minimise Value for

Our Objectives Water Quality Water Disruptions Money service

Comply with best

Fulfil our AMP7 Meet regulatory
Our Drivers practice
commitments. requirements
standards

Operational, Customers, Financial, Asset,

Our Insight Regulatory, People, Technology & IT

Specify

Archive
Collect
and
& Store
Destory

Requirements
& Governance

Share Assess

Analyse

Figure 10 - Data lifecycle

Our approach to data is iterative and cyclical, whereby we need to continue and grow with the data, each
cycle brings a new dimension and insight.

In practice, it is not uncommon for a data stage needing to go backwards to the previous stage, typically
this is completed through the Governance processes or realignment of business requirements, which
essentially act as a review process and request for further definition and clarity. In effect, the data lifecycle
can have mini cycles within a few stages before moving on to the following stage.

Stage 1 - Specify data

One of the key principles of good data management lies in specifying what data we should keep and to
what standard, to conduct our day to day operations of the business.

What ? Why ? How ?

•What data do we •Is there a •Are we clear on the

seek to collect ? regulatory/statutory methodology for
•What format is the or legislative driver? data collection ?
data required in ? • What is the • Has a similar
• Can we quantify the customer benefit? exercise been done
extent of the •How does it link to in past ?
required data ? our performance
commitments ?

Figure 11 - Specify data process

When collecting new data, whether they are collected via machine automation or through human input, we
endeavour to ensure we collect the appropriate metadata and information properties which are needed.
Metadata is ‘data about data’, its characteristics that allow effective and efficient referencing. A data
object’s metadata can be thought of as a ‘fact file’ about it. This may include meaning, relationships to

Our Business Plan for 2020 to 2025 Appendix C Page 14 of 24

other data, origin, usage, format etc. Metadata is fundamental to successful data governance: it acts as a
reference point to promote common understanding, describing what it means, specifying any relevant
standards and clarifying how it is used within the organisation.

The above process is already embedded as part of our “privacy by design” approach to data protection,
where we privilege the need to protect our personal data with the utmost care and privacy, particularly
when delivering new digital solutions likely to yield data and information as input or output.

Stage 2 - Collection & storage of data

Data collection occurs early in the lifecycle based on the specified data in stage one. This data could be a
raw data, file, image, or in document form. The information is typically entered or uploaded into an
application and accessible to certain roles within the organisational hierarchy on whatever devices offer an
access point to the proprietary system.

At this stage, it is important for those conducting data entry to ensure that the data they input or receive is
as accurate as possible, this will limit the data quality issues downstream.

As part of a solutions delivery process, the data storage mechanism and its associated security, availability
and recoverability is designed. Typically, this is implemented through a traditional database management
system onto physical disk, although larger distributed data management solutions are changing this
pattern. However, this design process provides valuable knowledge and accountability as part of our
governance process ensuring continued business operations through strong architectural processes.

Stage 3 - Assess and improve data

Data quality is an essential element of any data strategy as it demonstrates the effectiveness of the data
strategy and underpins the trust in our data inputs and outputs.

The “assess and improve” stage supports data quality by providing the “checks and balances” to our data,
ensuring what we’ve specified in stage 1 matches what we’ve collected in stage 2. This stage provides the
assurance that our data aligns to our requirements and governance controls, providing a measurable view
of our data.

Any identified gaps in accuracy or completeness will be addressed, as this critical to the analysis phase.
For instance, burst records maybe missing information on pipe characteristics and thus may need to be
inferred. This stage provides the assurance that our data aligns to our requirements and governance
controls, providing a measurable view of our data.

It is a necessity that we trust our data, and only though continually data quality validation can we gain the
measures by which we have confidence on our data. Without this trust, the next stages of the data lifecycle
cannot be trusted and as such, our data strategy would be ineffective.

As noted, this stage uses the information generated from stages 1 & 2 to validate our data, however, it also
looks to provide the mechanism and guidelines to correct and continuously improve our data. Where data
quality issues are found this should be highlighted back through the Requirements and Governance
process and readdressed through stages 1 or 2.

Stage 4 - Analyse data

The Analyse stage supports the use of data to generate information and provide insight. Typically
categorised under the Business Intelligence (BI) banner, this includes the reporting, dashboarding and
analytical processing of our data into information and knowledge. Simply put, how we use our data to be
informed.

Underpinning our analyse data stage is our hereditary need to optimise our “totex” management of the
asset portfolio, whilst delivering great customer service. The techniques and services used during this
stage of the data lifecycle have an inherent impact on our efficiency as a business from an Opex and
Capex perspective.

Our Business Plan for 2020 to 2025 Appendix C Page 15 of 24

We use a multitude of tools and data analysis techniques to manage information within our respective
areas of the business. Much of this is generated thanks to common statistical techniques and modelling
tools which provide the best level of information management possible.

However, we also rely heavily of ad-hoc analysis of structured data, through business intelligence platform
services for reporting and analytics dashboarding. These tools enable us to explore the data in more detail
utilising descriptive statistics techniques (mean, mode, median, and frequencies) to understand current
trends, with more qualitative data analysis, particularly when examining unwanted contacts from
customers.

All these systems and techniques support our regulatory submissions (WRMP, Business Plan, Annual
Financial Reports) but the majority of our data analysis is carried out to support our business operations.

Stage 5 - Share data

This stage of the data lifecycle relates to making data and information derived from the previous stages
available to our people, partners and customers in a secure and robust manner.

One of our goals is to support our regulators view which aims to:

• Develop a collaborative network to share best practice and develop ideas;

• Champion innovative uses of data in the water sector;

• Use data to improve customer service and support to those who need it most.

• Improve operational resilience;

• Be more transparent, which in turn drives accountability and legitimacy building trust;

• Develop materials and support to help sell the benefits of data sharing internally.

To get the most value from our data and drive different behaviours, it is key to keep our people informed.
Through the application of technology, we will be able to share our information to support our operational
teams, so they can work as efficiently as possible in a safe working environment. During AMP6 we have
invested heavily in our communication and collaborative systems, enabling the means to effectively deliver
information anytime, anywhere on any device.

To support the government’s Open Data charter and Ofwat’s customer data vision as outlined in
“Unlocking the value in customer data” report, our vision is to develop our engagement with stakeholders
(public, third party, academic), utilising our operational and environmental information to educate and
develop new techniques and understanding.

Our aim is to help customers navigate to the information they need, whilst also facilitating the collection of
the data we need from customers (for example, the new MyAccount platform will enable customers to
update their personal occupancy and billing details online, therefore facilitating and enhancing the
customer experience). To support customers and provide an inclusive service for all, we will build on our
self-service capabilities to provide richer information in a secure manner. We see this as critical to
empowering the customer to effectively manage their water use.

Stage 6 - Archive and Destroy

Stage 6 of the data lifecycle supports our responsibility to ensure our data and information is managed and
destroyed in accordance with legislations and customer expectations.

We adopt a robust data archiving and destruction policy which ensures that retired devices and media
have their contents securely removed, destroyed, or overwritten and physical documents are destroyed
appropriate to their security classification.

Our Business Plan for 2020 to 2025 Appendix C Page 16 of 24

 3.3. Requirements and Governance for the data lifecycle
The Requirements and Governance stage supports our data lifecycle, providing the business “wants” and
“needs” for data and the policies, procedures and assurance that data and information is being governed
and managed in an appropriate manner.

The requirements and governance should be validated at each stage of the lifecycle and provides the
mechanism to revert to previous stages in an iterative process where further understanding may be
required.

Requirements

Requirements are essential to great data management. Requirements set the expected outcomes required
within the data’s lifecycle and provide understanding to each stage to ensure what is being delivered meets
our expectations.

Governance

Data governance is an essential part of our overall data strategy and provides the roles, policies,
procedures and guidance to ensure accountability and ownership of our data assets. Data governance
provides the means to measure and support the delivery the Data Management programme in a
sustainable manner.

During AMP6, supporting our Information Security programmes we have developed a series of user forums
supported by a centralised Information Management Board (IMB). These forums will work to provide the
necessary assurance and governance to our Data Strategy. The diagram below depicts our governance
organisational hierarchy. Although not explicitly stated in the title, the Requirements and Governance
stages should also validate that our data conforms to our information security standards taking a
Confidentiality, Integrity and Availability (CIA) approach.
Information Management

Information Security
Securty Champions
Management Forum
Board (IMB)

Data Protection
Data Protection Forum
Champions

Data Governance Data Quality and

Forum Governance Champions

Figure 12 - Governance Boards

Although not explicitly stated in the title, the Requirements and Governance stages should also validate
that our data conforms to our information security standards taking a Confidentiality, Integrity and
Availability (CIA) approach.

Confidentiality

Our Business Plan for 2020 to 2025 Appendix C Page 17 of 24

Confidentiality is the ability to hide information from those people unauthorised to view it. It is perhaps the
most obvious aspect of the CIA triad when it comes to security; but correspondingly, it is also the one
which is attacked most often. Cryptography and Encryption methods are an example of an attempt to
ensure confidentiality of data transferred from one computer to another.

Integrity

The ability to ensure that data is an accurate and unchanged representation of the original secure
information. One type of security attack is to intercept some important data and make changes to it before
sending it on to the intended receiver.

Availability

It is important to ensure that the information concerned is readily accessible to the authorised viewer at all
times. Some types of security attack attempt to deny access to the appropriate user, either for the sake of
inconveniencing them, or because there is some secondary effect. For example, by breaking the web site
for a particular search engine, a rival may become more popular.

Our Business Plan for 2020 to 2025 Appendix C Page 18 of 24

 Our Data Achievements
4.1 Data ownership and collaboration: Open Water
Clear accountability of data is as essential as health and safety compliance - through a programme of
education and awareness on data ownership, we were able to improve the open water process readiness
and achieve the tight deadline for market opening. Our process during and after market reform, means that
we are now top of the league table for water wholesalers. We run a set of data quality reports using tools
such as Talend, to actively manage the accuracy and completeness of data. Some of the core reporting
tools which we use are:

• MDS tool (Market Dataset Synchronisation)

• Data divergence tool (Measuring the accuracy of properties and SPID details against CMOS)
• Audit and compliance tool

These reports are monitored on a regular basis to ensure we can follow up on data changes in our register.
Any issues which cause significant risk are dealt with by the wholesale team, data quality team and IT. We
have also developed a data cleansing dependency model which maps and identifies the people and data
sources affected by changes to non-household properties or meter attributes; this means that changes to
the data in our system triggers a notification to stakeholders who are responsible for the document
updates. This can be explored further in our case studies.

4.2 Information Security

Cyber and data protection training courses through a corporate Learning Management System (LMS) have
been introduced. A full program of work to be compliant with GDPR and NISD have been identified and
prioritised. A number of initiatives are being introduced and we will continue to meet the regulations
requirements and fulfil the Information Security needs through its alignment with ISO27001.

Looking after customer data is our primary concern. Initiatives to protect both physical and digital data are
currently in place. We are currently reviewing the introduction of a data classification system in conjunction
with Office 365 security controls and a Data Loss Prevention (DLP) system to monitor and manage all
data, including personally identifiable information.

Security testing for vulnerabilities and 3rd party penetration testing and remediation of critical and external
facing interfaces are established processes. Risk and privacy impact assessments and 3rd party
management is being further improved as part of our alignment with ISO27001 and GDPR requirements.
We have reviewed our contractual agreements with our suppliers and stakeholders whom we use and
share data with as clearly stated as part of our privacy policy 1.

We have also reviewed our internal breach process to ensure we duly prepare for incidents and comply
with the ICO regulation on breach reporting; therefore, we ensure to report breaches to the ICO within 72
of becoming aware of the breach.

The introduction of the monitoring system Darktrace combined with inbuilt machine learning has provided a
facility for in depth investigation view of our IT network, server, desktop systems and the data flows
providing security and infrastructure teams with alerts on detected anomalies to support our cyber incident
management processes.

1
https://www.affinitywater.co.uk/privacy-notice.aspx

Our Business Plan for 2020 to 2025 Appendix C Page 19 of 24

4.3 Pushing innovation with social media analytics
Social media analytics is fast becoming a focal point in the industry – it helps us to identify sentiment and
gives a granular picture of the sort of issues (leakage, discolouration, bursts) which affect customers on a
regular basis, interacting on often very localised issues. By using our web analytics and Facebook
sentiment data, we successfully mapped and identified web traffic during incidents at postcode district
level, which helped us to keep live updates and messages online via our website. This was hugely
beneficial to customers during our major outages in 2017 (Baldock, Letchworth) where we understood that
page views to our “in your area” app went up exponentially in those areas during incidents. This insight
helps us to plan our communication better – in areas where social media feedback is limited, we try to
identify usage of our SMS service (which allows customers to be contacted on updates to disruptions) in
order tailor our communication approach. This approach supported our customer satisfaction and social
media feedback as outlined in our case studies.

By making more use of customer calls data and analysing social media traffic during incidents we were
able to pro-actively support customers with a good knowledge of issues before they call us, thus helping us
to improve our customer satisfaction score by 40%. This can be explored further in our case studies on
social media and contact centre analytics.

4.4 Leveraging the use of data visualisation

Visualising complex data to represent network performance is
a must – through the use of our Navig-8 tool, we provide
mastered single source data on network performance and
asset maintenance, helping end users to visualise and extract
data whilst also being able to view it spatially. The data
requires minimal manipulation and thus simplifies the ETL
process and enables rapid updates of the data. In addition to
this, the tool allows us to visualise asset performance at
various spatial levels, from a macro level company view down
to localised performance issues which tend to affect individual
parts of our network (such as DMAs)This approach has greatly influenced the outcome of pressure
management and leakage targeting schemes, which are supported by the insight generated from the data
representation. In addition to this, the Navig-8 suite of dashboards enables end users to save, export and
print outputs with document meta data, which facilitates the auditing of the data source – meaning we can
ensure confidence and rigour in the governance of the information when sharing, one of our core data
principles.

4.5 Making Asset Data More Accessible

Responding to operational incidents is greatly affected by our ability to access asset performance data and
documentation; thanks to our cloud based document management system,
we are able to provide up to date documentation via a secure platform which
can be accessed from mobile devices – this provides our operational staff
with field access to the latest version of our asset documentation in a
structured and organised manner. As part of this process we have
transferred over 60000 documents onto our new platform, which allows
users to navigate through a simple frontend interface to view asset
documentation on the go. The platform also provides up-to-date document
analytics which enable document controllers to manage their respective
documents in accordance to their periodic review dates and overall validity.
This is a significant step towards achieving our goal for ISO 55001
compliance.

Our Business Plan for 2020 to 2025 Appendix C Page 20 of 24

5 Our future Initiatives
5.1 Enterprise Information Management (EIM) and People Training.
Our Enterprise Information Management (EIM) Programme is the delivery vehicle for our Data
Management vision and initiatives set out within this document. EIM’s key aim to provide a structured
approach to the delivery of our strategy, through best practice programme, project, architectural and
development processes, to ensure value to the organisation and its customers.

Through EIM we aim to support the delivery of the Data Strategy by:

• Education, through our standard learning processes and tools to embed our Data Strategy and
processes throughout the organisation.

• Data Knowledge, through strong architectural processes and knowledge sharing, proving the
collateral to our communities to understand our data and its use.

• Data Governance, through delivery of tools and processes to support our communities in their data
roles and responsibilities

• Data Security, through great Data Governance combined with Information security processes

• Data Innovation, through knowledge, we aim to implement pilot projects and initiatives to
implement data services and technologies and improve insights

• Compliance, through Data Knowledge and Governance combined with a risk-based approach to
understand how we comply with legislation and regulation.

To support the delivery of our EIM programme, we ensure to deliver robust training to our staff in order to
develop our data management skills in relation to our strategic objective, including cyber security, data
protection, data ownership, data process management and analysis of data. This journey is on-going in
AMP6 and will continue in AMP7 as we ready our people to be more data centric in thinking, a radical shift
in culture. Training will also enable us to continue our compliance with legislative and regulatory standards,
whilst pushing ISO compliance in key areas such as data quality (ISO8000:150) or cyber security
(ISO27001).

5.2 Situational Awareness

One of the biggest challenges and opportunities we currently face is the management and of growing
volume of data which is being generated, from such devices as network loggers, smart metering
technology or network contacts. With the development of further Internet of Things (IoT) devices, the
potential for data growth over the coming years will be unprecedented.

We have developed our Situational Awareness solution which provides a single plain of glass view of our
production and network telemetry data, enriched with our operational information, customer contact and
combined with geospatial data layers. The aim of this solution is to understand our operational events
through telemetry data in the context of the environment around them, in “situation”. This solution supports
our Control Vision programme which is designed to increase our operational awareness and streamline
processes to achieve our demanding outcomes, particularly in leakage, bursts, unplanned outage and
water quality commitments.

In AMP7 we aim to invest and develop this solution further, exploiting proven technologies such as
predictive analytics and Machine Learning in efforts to move to more real-time operations and event
management, reducing the amount of manual intervention.

Our Business Plan for 2020 to 2025 Appendix C Page 21 of 24

5.3 Data Science and Artificial Intelligence (AI)
Artificial Intelligence and its associated subsets such as Machine Learning and Deep Learning are set to
have mainstream adoption over the coming years. Software vendors are starting to exploit these
technologies and embed them in the information system products to provide insight and real-time event
processing at source. The Data Science practice is also making use of and maturing these techniques and
as such will become a must have for future Business Intelligence and operations.

Through the adoption of AI, we see potential in supporting both our business operational communities and
customers. Complemented with predictive analytics and automation we aim to deliver a more cost-effective
service through informed decision making.

Today we have employed Machine Learning as part of our Darktrace implementation. Darktrace is a
security monitoring solution that is actively tracking our IT infrastructure usage patterns, using machine
learning to spot anomalies and suspicious events, making our Information security operational team aware
to investigate potential issues.

Moving forward we anticipate the use of AI within our Situational Awareness application, will support our
shift to more real-time event processing, thus reducing our Time to Action and Mean Time To Repair
(MTTR).

5.4 Analytics and reporting tools

We are committed to fully migrate to a cloud first strategy by the end of AMP6, which will enable a better
working environment and provide a more scalable infrastructure. As we move into the next AMP, the
expectation of leveraging data to make more informed business decisions is ever evolving and increasing
in expectation. With various initiatives planned to tackle data quality issues as well as consolidation of
legacy systems, the expectation is that with improved data mastering, the Business Intelligence layer will in
turn improve in quality.

A well-formed governance framework is therefore required in AMP7 with the expectation of leveraging
augmented and embedded analytics with machine learning for example, generating insights on
increasingly vast amounts of data.

Qlik as well as Business Objects are

Figure 13 - Navig-8
Qlikview is already extensively used as part of the Navig-8 tool, a key asset management suite of
dashboards used for service delivery mapping (SDM).
Business Intelligence platforms currently
being used and invested in. Both within
AMP6 and AMP7 we’ll see further focus
on the Qlik products, particularly the
usage of the self-service visualisation
product; QlikSense. Qlik’s associative
model allows users to probe various data
associations across one or more data
sources. With its ability to dynamically
calculate analytics and speed in which it
identifies & connects associations, it
provides a highly valuable tool for senior
leadership to identify Wholesale or Retail
trends, issues or areas of opportunity.

Further data management tooling investment is ear-marked for AMP7. These platform capabilities are for
accessing, integrating, transforming and loading data into self-contained performance engines, with the
ability to index data and manage data loads and refresh scheduling. Talend (shown here on the right) is
our current Extract, Transform & Load (ETL) choice of tooling and examples of its usage in AMP7 include
the integration of key asset systems such as Hi-Affinity, GIS, Trace, Pioneer and AMIS. Such endeavours
will assist our company to eliminate inconsistencies through automation of manual interfaces between key
systems.

Our Business Plan for 2020 to 2025 Appendix C Page 22 of 24

As part of the Talend Data Management platform
we also have data quality processing and
stewardship functionality to build upon our data
initiatives for improved Data Quality. This tool
will become a value asset in our data
governance processes.

Figure 14 - Talend Data Management Platform

5.5 Developing our analytical “centre of excellence”

Sharing our capabilities within the business is as important as the service we provide to customers: it
enables us to make best use of resources whilst developing a collaborative view of best practice and data
analysis in general.

This is why we are working with key data specialists across the business to strengthen our data lifecycle
management, focussing on sharing analysis techniques, data processing skills, document safekeeping and
sharing valuable insight and knowledge which already exists within the business. To this end we
encourage our people who play key roles in data management and are involved in core business
processes to engage with the centre of excellence.

This group will be critical to help us deliver a successful outcome in AMP7 for Information management,
ensuring we review our reporting priorities, work to provide technical data training where required and
share important issues which may have cross – department impact.

Our Business Plan for 2020 to 2025 Appendix C Page 23 of 24

6 Summary
Our data strategy fundamentally underpins the delivery of our outcomes and performance commitments. It
is vital to the future of our business, but also customers, that we approach data with a strategic view and
build on the efforts of the already achieved initiatives from across the business. In AMP7 we plan to ramp
up our data management initiatives to support this strategy – this will be a critical success factor to the
delivery of our plan for customers.

In short, we will ensure that we keep our data

• Fit for purpose

• Secure and safe

• Legal

Whilst making it accessible to our people, customers, regulators, and our partners.

We are committed to delivering a robust lifecycle approach to data and using innovative information
technology to deliver our company vision and objectives. This will be achieved through the synergy of our
people, processes, data and our information systems, which will work in unison for the successful delivery
of our strategy.

The case studies follow as an annex to this document.

Our Business Plan for 2020 to 2025 Appendix C Page 24 of 24

PR19 Data Strategy Case Studies

Our Data Lifecycle in Motion with examples of best practice data use.
Each of the case studies
demonstrate the value added by
applying the data lifecycle to
business as usual data.

2
Our Data Lifecycle in Action
See how data driven decision making supports our service to customers.

Becoming the leading

• Each case study looks at how we have applied our community-focus water company
data lifecycle approach to meet our strategic Enough High Minimise Value for
objectives for customers. Water Quality Water Disruptions Money service
Comply with
Fulfil our AMP7 Meet regulatory
• They provide a link between data based planning in commitments. requirements
best practice
standards
key areas of the business to strategic outcomes, Operational, Customers, Financial, Asset,
which is critical to ensure the business plan Regulatory, People, Technology & IT

promises are met.

Specify
Specify: Analyse:
Address data Appropriate techniques
requirements to meet and modelling tools to Archive
our business and meet data Collect
and
customer objectives. requirements. & Store
Destroy

Collect & Store: Archive & Destroy: Requirements

Develop the right a systematic approach & Governance
solutions to get best to ensure all redundant
quality data. data is either archived
or destroyed safely.
Share Assess
Share:
Assess & Improve:
Develop appropriate
Data Quality Reporting solutions for collection
and monitoring - of data. Analyse
Quantifying risk.

3
 Using web data, social media and customer analytics
To provide a bespoke customer service and improve customer satisfaction scores by 40%.

Background Solution Benefits

During the SIM wave of 2017, we received poor
feedback and low customer satisfaction scores in three
areas:
• Leakage Issues
• Defective Stop taps
• Pressure Issues
To understand performance (particularly in relation
to SLA’s) we needed data on all jobs raised and
their overall response times. We also required
information on the causes and location of issues.
We also required information on website page
views and social media info to understand when
people looked at our website.
We decided to start using our page views data, social
media sentiment and call analytics information to
better understand the concerns of customers. This
data has been compiled into a dashboard which
provides page views, call volume trends and
geospatial distribution of inbound customer calls. The
proactive team analyse all customer call data to
reduce unnecessary technician visits.
We also deployed our IVR service to give
customers the choice to call us back if required,
without losing their space in the queue, reducing
wait times by 20 minutes.
Thanks to strong collaboration, the deployment of
the IVR service and the use of the analytical
dashboard, we achieved some encouraging results
within the first year;
• 16% reduction in very bad C-sat scores.
• A significant reduction in erroneous
technician visits, thus improving customer
feedback!
• An improvement in customer satisfaction
scores of 40% between June 2017 and April
2018.

The dashboard is shared

Customer call data, web
page views, social media
and work management
data.
Data stored in google
analytics, twitter /
Facebook API and Hi-
Affinity.
Adding location We found that our
between customer
information and call gatekeeping process
relations and the service
duration data to populate reduced erroneous
desk team to continuously
dashboard. technician visits by 60%.
improve our service.
4
 Delivering real time data updates during interruptions
Driving positive customer feedback whilst reducing unwanted contact.

Background Solution Benefits

We have developed our “in your area” mapping
application to give customers an overview of bursts,
leaks and general planned and unplanned works within
their local area. The system was substantially
revamped in 2017 to provide up to date information.
We seeked to use streetworks data and social
media sentiment analysis to reduce our negative
feedback during a major outages. The below
analysis show social media sentiment recorded
between January and June 2017 – only 11% of
customers felt positive about our service.
Neutral 66.80%
Negative 22.10%
Positive 11.10%
We developed a new strategy focused on analysing We found that customers were appreciative of the
our social media data and page views. We analysed up to date information and were happy that:
the relationship between social media activity and
page views, whilst also analysing this against network • We could keep them informed on when the
incidents (bursts, DG3 interruptions to supply). The water would be back on.
data was mapped to identify page views within certain
locations, related to incidents and its relation to • Interruptions were updated regularly on the
bursts. “in your area” web page.
• We provide active video and image content
on the state of repairs via twitter.
Overall we managed to improve positive social
media sentiment by 16% (July to December 2017).
We also toppled 100k page views in 2017 on the in
your area app.
On the 1st of August 2017, we saw 6900 page Neutral 56.70%
views on our “in your area” webpage, 50% of Negative 15.70%
which came from Letchwork, Baldock and Hitchin.
These areas were affected by a large interruption. Positive 27.60%

Data was used to target

Social Media Data Location information was Page views go up
Twitter & Facebook API, tweets and social media
(Facebook and Twitter), added to the page views exponentially during major
Google Analytics, Bursts comments in Baldock
“In your Area” page views and social media content interruptions – 25*
and DG3 data stored in area, whilst also using
, Bursts and DG3 Incident to understand source of Increase on 1st of August
Maximo and our Register. page views data to help
data. the data. 2017.
plan bottled water.
5
 Using network data to understand pressure issues
And improve customer knowledge of low pressure symptoms.

Background Solution Benefits

We currently report pressure under the DG2 metric The calls from the analysis were plotted against the The analysis provided us the certainty that
(number of properties receiving less than 15m in the low pressures identified through loggers and any that customers are receiving the right level of service
main for longer than 15 minutes on more than 5 do not correlate are investigated further and included and thus reducing the volume of disputes and
occasions in a year) which is reported through Discover in the measure. We also analysed customer calls unwanted contact. It is also helping us to shape our
Water which compares results across all water against actual communication pipe failures. Below is communication strategy, serving more information to
companies. Currently there are around 2000 properties an example for June 2017. customers.
on the DG2 register. AWL is an outlier against other £1.25
companies. Million
Committed
to reduce
DG2.
Part of the information will include awareness
for plumbers to ensure that they are installing
The service level is within the main (15m) and not at In-depth customer interviews found that in low the correct diameter internal pipework to
the customer property, hence the requirement to pressure areas, customers have little support the lowest possible pressure received
distinguish customer/network side. We decided to understanding of the causes of low pressure, and as advised by us. A capital budget of £1.25m
look at our network data to understand actual whether it is the responsibility of the water was approved for investments required to
mains pressure and head loss issues against company or the customer. increase the pressure to properties on the DG2
customer calls for low pressure. register and thus the number of DG2 properties.
Logger data was collected We added value to the More information shared
We required network Over 60% of customers
from our network customer data by carrying via our website and on the
pressure data from our interviewed lacked
telemetry system our interviews with phone to aid customers in
loggers, customer calls awareness of the root
(Waternet), customer affected customers to diagnosing cause of
related to poor pressure cause of their specific
contacts came from our better understand their pressure issue within their
and customer feedback. pressure issue.
billing system. awareness of the issue. home.
6
 Segmentation of QOS calls by Postcode Districts
Developing a spatial understanding of customer issues to provide them the right support.

Background Solution Benefits

We serve over 3.5 Million customers in the south east
of England – this equates to close to 200 postcode
districts, all with varying needs and service level issues.
We were interested in broadening our understanding of
customer issues by creating a “portrait” of our postcode
districts.
We decided to undertake a spatial segmentation of
postcode districts by grouping quality of service
(QOS) calls by code type (over 30 codes) received
within each postcode district since 1999. We used the
number calls per 1000 population as a standardised
measure across all postcodes.
The analysis provides us with a much needed
insight into customer issues spatially . We have over
95% coverage of our customer based in terms of
Qos calls, which means that we can see the issues
which customers experience throughout the year.

Segment
Segment B: 67%
A: 35%
Local Postcode
Customer district
Operation
calls data
al data Segments Segment C:
2%

We plan to develop this segmentation further by

We also wanted to develop a spatial understanding
of those issues, to link service delivery
to our customer feedback.
The initial analysis produced 3 high level
segments and revealed some interesting splits
between our urban areas and suburban/rural
postcodes, especially with water quality issues.
applying the QOS data at various
geographical levels-this will allow us to link
asset performance and works management data
with customer calls, to make sure we have
useful insight on customers to support them
when contacting us, supporting C-Mex.

We needed customer calls The data is collected via Results stored as a spatial
Data was cleansed and
information with the our service desk, who Three “core “ groups dataset and tabular list of
normalised to compare
location of those postcode collate information and is identified which segments – the
like for like call volume per
districts. We also required stored in our Billing differentiate themselves. methodology is replicable
capita.
network data. System (Hi Affinity) and re-usable.
7
 Improving data management in Open Water
Our Wholesale service desk is now top of the wholesalers' league table.

Background Solution Benefits

As Part of the market reform for commercial customers
which came into vigor in April 2017, Affinity Water
embarked on a data quality and governance journey
designed to meet the requirements set by the Market
Code, Operational code and service agreement; this
ensures that we meet the compliance requirements set
by MOSL.
We formed a coherent working group between
various functions of the business (wholesale
operations, IT and asset management) to facilitate the
updates and improvements in data quality. Tasks of
the group are to;
• Chair data resolution/improvement team.
• Maintain rules for data quality (standards and
tolerance)
• Work with data owners and stewards on data
quality improvements (with WOSD)
Over the course of the last financial year (Yr3)
operational performance standards (OPS), which
sets service level agreements (SLA) for a number of
activities (for example a meter exchange should be
completed within 22 business days.) Went from
95.81% to 99.7%, putting us in top spot within the
industry overall.
IT Service and
Delivery

• Produce and update processes for investigation

and resolution of data quality issues.
Data quality is therefore important - inaccurate
records and poor information management Active measurement of our SLA and meter Business
processes contribute to increased expenditure and exchanges has ensured we pro-actively manage WO Service Desk Intelligence
poor retailer feedback. our compliance and fulfill customer requirements
as swiftly as possible.

We need to ensure that the
data held on CMOS and in our
systems is of a high quality to
drive settlements and SLAs –
ensuring it mirrors the current
state of the market.
Information is stored in the
CMOS database and our
system – divergence of data in
monitored to enable us to
minimise manual data
cleansing.
The working group is able to
monitor and assess data
quality on SPID, address point
and database divergence to
ensure we maintain a high
standard in data quality
operational performance
standards (OPS), which sets
service level agreements
(SLA) Went from 95.81% to
99.7%, putting us in top spot
within the industry overall.
The performance data on
meter exchanges, supply pipe
changes and retailer changes
is shared amongst the 3
parties in the working group to
continue our great service.
8
 Improving Information Security with Cyber Essentials
Certification to the UK Government Cyber Essentials Plus Standard.

Background Solution Benefits

As part of the InfoSec maturity model assessment
completed in Dec 2016 by and independent partner
NCC is was agreed that AWL required a more effective
formal structured approach within its InfoSec function.
This would allow the team to concentrate efforts and
resources on core security functions, formalise its
future cyber strategy and deliver mature security
processes to the business.
A decision was made to initially certify to the Cyber
Essentials certification and then upgrade to Cyber
Essentials Plus. An initial gap analysis was performed
to review our compliance with the standards to
identify short falls and weaknesses as input into a
focused improvement plan. This included
improvements to:
– Vulnerability Management & Remediation.
– Active Directory (AD) Access Control.
– Network, Server and Desktop build hardening.
– Malware and AV detection.
Certification to the standard results in yearly
audits from our external partner to ensure
compliance with the standards clauses. This
assists the team in ensuring that Information
Security processes are fit for purpose.
Since the implementation of the standard we have
removed all critical and high criteria vulnerabilities
from our external interfaces. We have also reduced
internal critical vulnerabilities by 90%. Our AD has
been cleansed and the data is trusted acting as the
single point of truth for access control mechanisms.
The Information Security team has been imbedded
within the improvements process for our networked
equipment builds which along with systems
monitoring tools provide early warning of potential
data loss and better control of network anomalies
through improved alerting. We have improved our
AV, Malware and proxy protection provision and
have seen a 20% decline in malware penetrating
through to the user decreasing potential risk of user
induced infections. Certification to the Cyber
Essentials Plus program was granted.

We needed to ensure that the

After an initial gap analysis the Improvements to our security
Information Security team adhered The plan included areas of A third party audit against the
team identified weaknesses and function highlighted by the standard
to Government standards to fulfil improvement and a project was standard was conducted and the
potential non compliance and enabled us to meet the standards
our regulatory and Customer formulated to meet the standard. certification was granted.
instigated a change plan. clauses.
requirements for data protection.