Unified cross-agency risk visibility without compromising per-agency data isolation
Background
Mesa Verde Regional Water Authority is a multi-agency water authority coordinating bulk water supply and distribution oversight for three member municipalities in Maricopa County, Arizona. The three member agencies collectively serve approximately 88,000 service connections across a combined distribution network of approximately 740 pipe segments.
The authority's central operations center had no unified view of distribution risk across the three agencies — each agency operated its own SCADA system, and there was no mechanism for authority staff to identify which segment, across all three networks, posed the highest current risk.
The challenge
Cross-agency data sharing created two competing concerns. The authority needed unified visibility to fulfill its oversight mandate. But each member agency's governing body was protective of operational data, and the authority's charter required that individual agency data remain accessible only to that agency's own staff unless explicit consent was given.
Previous attempts to build a unified dashboard through custom SCADA integration had stalled on the data governance question — no agency would agree to expose raw SCADA data to a shared system that other agencies could also access.
The Watsynq deployment
Watsynq's multi-tenant architecture resolved the data governance question by design: each agency was provisioned as an isolated tenant within the platform. Agency staff could only see their own network's data. Authority-level staff were provisioned with read-only aggregate views — seeing risk scores and alert summaries across all three agencies, but no raw operational data.
Onboarding took six weeks, staggered across the three agencies. Each agency's GIS data, break records, and SCADA historian were ingested independently. The authority's operations center came online with a consolidated risk dashboard in week six.
What the authority could finally see
The immediate operational change after the platform went live was the authority's morning briefing protocol. Previously, the authority's director of operations began each day with phone calls to the three member agency operations leads — asking whether anything of note had occurred overnight, a manual information-gathering process that depended on each agency choosing to share operational issues proactively.
After week six, the morning briefing was replaced by a 10-minute review of the authority's consolidated risk dashboard: three separate panels showing each agency's current alert queue and top-10 highest-risk segments, plus a cross-agency comparative view that ranked all 740 monitored segments by composite risk score regardless of which agency's network they belonged to. The authority director could identify, for the first time, that Agency 2's highest-risk segment (a 1969 cast iron main in a densely developed commercial corridor) was more urgent than anything on Agency 1's or Agency 3's lists — and could flag it for Agency 2's attention without needing the full context of each agency's internal queue.
This cross-agency visibility was operationally valuable before the risk model had even influenced any capital decisions. The authority used the cross-agency comparison to recommend a joint inspection program for the six highest-risk segments across all three networks — arguing that consolidated inspection contracting would reduce per-segment inspection cost compared to each agency procuring independently. The three agencies agreed, and the combined inspection contract was executed in Q4 2025 at a per-segment cost approximately 22% below the rates each agency had paid individually in prior year inspection work.
The data isolation design validated in practice
The data governance concern that had blocked previous cross-agency dashboard attempts — that operational data from one agency would be visible to the others — was the most closely watched aspect of the deployment by the member agencies' governing bodies. One agency's governing board had explicitly requested a third-party review of the access control architecture before authorizing their data to be included in the deployment.
That review, conducted by the authority's IT security consultant, confirmed that the tenant isolation was technically enforced at the data layer, not just at the user interface layer. Agency staff credentials only had database-level access to their own agency's tenant. Authority staff credentials had read access to aggregate risk score outputs only — not to raw operational telemetry, sensor readings, or break event records from any individual agency. The confirmation of this architecture resolved the governing board's objection, and the final agency came online in week five as planned.
The architecture also proved its value in a practical test during month four: Agency 3 experienced an operational incident during a planned valve replacement that temporarily affected pressure readings across several monitoring nodes in their zone. The anomalous pressure data was visible in the authority's aggregate view as an elevated alert cluster in Agency 3's area — but the specific sensor IDs, pipe segment identifiers, and operational context behind the alert were accessible only to Agency 3's staff. The authority could see that something was happening; they could not see the operational details. Agency 3's staff investigated and resolved the issue without the authority's involvement. The data governance design had worked as intended.
Coordinated capital planning: the next phase
The deployment's most consequential long-term benefit — still in early stages as of this writing — is the potential to coordinate capital replacement sequencing across the three agencies. Currently, each agency plans its annual replacement queue independently; the authority provides bulk water supply coordination but does not influence individual distribution system capital decisions.
With a single cross-agency risk ranking available, the authority is beginning discussions about whether segments that are geographically adjacent but administratively in different agency networks can be coordinated for joint replacement procurement — particularly in corridor areas where replacement would require shared street closure permits and traffic management.
"The platform gave us a shared language for risk that we didn't have before. When we talk about segment priority now, we're talking about the same number — not three different agencies with three different opinions about which corridor is most concerning."
— Operations Director, Mesa Verde Regional Water Authority
The cross-agency procurement opportunity is modest in the near term — a few corridor segments where the geometry and timing align — but it establishes a coordination model that scales as more replacement cycles are planned with the risk data available. The shared risk language that the platform provides has reduced the friction in those coordination conversations substantially.