Your organization’s data is a strategic asset. Just like your finances and customer relationships, it needs proper management. When critical data is disorganized, organizations can face penalties for not complying with regulations, rising costs for storing and managing duplicate data, and other expenses. Moreover, they cannot be sure their business decisions are based on correct information. To minimize those risks, you need proper data governance.
So, what is data governance? In this article, we will explore the meaning and benefits of data governance for the enterprise, and then talk about the basic implementation steps.
Data governance (DG) is a collection of data management practices and processes that help an enterprise manage its internal and external data flows. By implementing DG, your business can improve data quality and help ensure the availability, usability, integrity and security of its data assets.
Gartner defines data governance as “the specification of decision rights and an accountability framework to ensure the appropriate behavior in the valuation, creation, consumption and control of data and analytics.”
When developing your DG program, you should tailor the data governance definition to your company’s concerns and goals, so it is meaningful for you. We will talk about this process when we discuss the implementation process.
There are several other terms that help define data governance:
- Data governance program covers the technical, business and organizational factors required to provide a business with high-quality data. Data owners, data stewards and other stakeholders must collaborate to build a sound DG strategy and a clear policy that describes all procedures, methods and technologies to be used throughout the data lifecycle.
- Data Governance Office (DGO) is a strategic team responsible for measuring success and gathering metrics. The Data Governance Institute defines DGO as “a centralized organizational entity responsible for facilitating and coordinating Data Governance and/or Stewardship efforts for an organization. It supports a decision-making group, such as a Data Stewardship”
- Data stewardship is an operational concept that focuses on the implementation and coordination of policies and procedures. Data stewards are responsible for managing critical data assets, including making data-related decisions, issuing recommendations and developing policies.
- Data quality is a key objective of data governance. It includes accuracy, integrity, accessibility, consistency, completeness, reliability and timeliness (age of data).
- Master data management (MDM) is a discipline used to define and manage master data assets — key data that critical to business operations and analytics, such as data about customers, finances, products and services, and organizational structure.
Why data governance matters
Data governance initiatives are often driven by the need to comply with internal policies, regulatory mandates (such as SOX, GDPR and HIPAA), frameworks (like COBIT 5) or standards (such as ISO/IEC 38500). But the benefits of establishing clear rules and procedures for data-related activities go beyond compliance. Here are some of the other common benefits of a sound data governance program:
- Stronger security, which is achieved by locating critical data, identifying data owners and data users, and assessing and remediating risk to critical data
- Increased data quality, which enables better corporate decision-making
- Improved operational efficiency, thanks to processes and procedures that enable faster and simpler management of data
- Reduced data management and storage costs
- Fewer security violations, due to enhanced training on proper handling of data assets
Data governance initiatives can be very complex and expensive to implement. Here are the steps involved and the aspects that require special attention.
Step #1. Prepare a value statement and build a roadmap.
Your DG program starts with an initial assessment of the current state of data management, roles and responsibilities, and data-related problems. This assessment will help you define your goals and develop a roadmap that identifies areas for improvement and a plan for achieving results. Remember that broad organizational changes often meet with resistance, so develop strong supporting points and give the full picture of the initiatives required on both the business and technical sides. Also be sure to anticipate questions and concerns, such as which metrics will be used to evaluate the program’s success.
Step #2. Identify and engage the right people.
Now it’s time to explain your ideas to the right people. To find your stakeholders, consider roles and responsibilities. For example, the DG program will need someone with decision-making authority and someone to define data quality standards.
Step #3. Develop a data governance policy.
A data governance policy defines the guidelines for ensuring the proper governance of an organization’s data. A data governance policy often covers the following points:
- The scope, purpose and structure of the data governance program
- Definitions of the roles responsible for the creation and use of various sets of information
- Rules for ensuring compliance with applicable laws, regulations and standards
- Rules and principles of data ownership, access, protection, classification, usage, storage and deletion
- Requirements for data quality audits, including metrics for evaluating success
- Relationships with other policies, such as a data retention policy or privacy protection policy
- Other supporting documents
Step #4. Implement the policy.
Implementing a data governance policy can take months, so it’s wise to start with the most important processes. To prioritize, consider factors such as regulatory requirements, impact on business initiatives and business priorities.
Step #6. Continuously assess progress.
Data governance is not a one-time project but an ongoing process. As internal policies, government regulations and business requirements change, your DG program must adapt. Be sure to regularly assess whether your processes and technologies continue to support the program’s goals and make adjustments as needed.