logo

Data Governance Framework: Key Questions to Consider

The importance of a formalized data governance program rises with the amount of data in the organization. Smaller companies often have separate data governance processes that help with a limited scope of data-related problems, but larger enterprises commonly need to get a more formal corporate data governance program.

The need for data governance originates from several issues: unreliable and poor-quality data can leave users unable to quickly find the data they need, which in turn can impede decision making, limit the efficiency of business processes, interfere with meeting regulatory requirements like GDPR and HIPAA, and hurt customer satisfaction.

To implement a data governance program, you need to start by building a data governance framework.

What is data governance framework?

Data governance is a collection of data management policies and procedures that help an organization manage its internal and external data flows. By implementing a data governance initiative, your company can improve data quality and help ensure the availability, usability, integrity and security of its business data.

A data governance framework is a set of guidelines and rules used for building a model for managing enterprise data. The framework sets the rules for data ownership and establishes the methods for defining processes for governing how data should be used, when it is used and who can use it to ensure accountability. The framework offers additional value by helping you build more effective procedures to ensure regulatory compliance by providing standardized data systems and data policies.

The Data Governance Institute defines a data governance framework as “a logical structure for classifying, organizing, and communicating complex activities involved in making decisions about and taking action on enterprise data.”

The key questions to answer before creating a data governance framework

To succeed with a data governance project, it’s not enough to find a couple of data stewards and tell them to create a couple of information policies. Rather, an effective data governance program requires careful planning, the right people and proper technologies for specific tasks like records management.

Here are 5 important questions that will help you develop a framework that works for your organization. Remember that data governance is a cycle, not a linear project, so you will need to regularly revisit questions you’ve already worked on.

1. Why do you need data governance?

It’s important to place your data governance framework in context by reviewing the specific challenges caused by your current data management processes. Do they hinder your compliance efforts? Have you experienced issues with e-discovery during litigation? Do employees waste time searching for information they need? Do they make decisions based on outdated or incomplete data?

Documenting these challenges will help you develop a strategic roadmap that identifies focus areas for improvement and details a plan for achieving results.

2. What do you want to accomplish?

The goals for your data governance initiatives will depend on your industry, business model, corporate hierarchy and other organizational characteristics, as well as your current information management practices and the type of content you have.

Common goals include improving the following:

  • Data security and compliance. Compliance with legal regulations and standards is often the primary driver for implementing a data governance program. Organizations with this goal concentrate their efforts on sensitive data protection, data privacy, risk assessment and controls to manage risk
  • Data quality. Data governance can also help organizations ensure that users have access to complete and accurate data for better corporate decision-making. To achieve this goal, the data governance program will focus on making data more accurate, complete and consistent across its lifecycle.
  • Information sharing. The third common goal of data governance is enabling employees to quickly find the information they need. Organizations with this goal will focus on making data searchable through data classification and tagging.

3. Who will be involved in your data governance program?

Data governance can’t exist in a vacuum, so it is important to identify the people who are responsible for specific processes. Some roles you need to define are:

  • Data Governance Council (or Data Governance Committee)This team runs the data governance effort, including developing policies and making decisions related to issue resolution.
  • Data stakeholders You need to identify the people who own and use specific data assets, such as individuals and teams in your human resources, IT, risk management, compliance and legal departments. Their insights and needs should be considered in decisions about policies, procedures, business rules and technology approaches. Involving all key stakeholders is essential to success.

4. How will the program operate?

Consider how your data governance team will define roles and responsibilities; establish policies for data quality and usage; monitor the effectiveness of those policies; prioritize their efforts; and make other decisions. For example, how will they ensure that policies are created, modified and retired policies according to your data governance principles? How will the program support data privacy, improve data access, enable proper data classification, and enforce retention schedules?

Before you begin shopping for new technology solutions, be sure to explore how the tools you already have might support your new data governance standards and workflows.

5. How will you assess whether the program is supporting your business success?

You also need to define metrics that will help monitor how well your data governance program is moving towards your goals, as well as identify quick wins and long-term improvements.

Useful metrics include:

  • Cost of data management. This can include both reduced costs (e.g., less data storage required thanks to data cleanup) and avoided costs (e.g., eliminating the need to increase headcount)
  • Achievement of objectives. Examples include improved customer satisfaction or retention, and a reduced number of security incidents.
  • Data steward progress and effectiveness. This includes headcount of data professionals trained, specific projects governed, and number of issues elevated and resolved.
  • Data management process maturity. This is calculated on a scale from 1 to 5 according to the Data Governance Maturity model, based on assessment of various elements of the data governance program.

Conclusion

Many data-related problems, such as poor data quality and difficulty locating content, can be alleviate by proper data governance. In addition, a strong data governance program can change your company culture. By making adherence to data governance principles the norm, you can enhance security, data quality and operational efficiency while reducing data management and storage costs.

Product Evangelist at Netwrix Corporation, writer, and presenter. Ryan specializes in evangelizing cybersecurity and promoting the importance of visibility into IT changes and data access. As an author, Ryan focuses on IT security trends, surveys, and industry insights.