So, what is Data Governance?
Does your business manage large amounts of data?
The goal of data governance is to build trust in your data and manage the risks of using poor quality data. It should ensure that the data you hold is consistent, trustworthy and doesn’t get abused.
Understanding these factors and integrating data governance becomes increasingly important as a business scales and data volumes grow, impacting business processes and decision-making. Unlike Data Protection and Information Security, there isn’t a single ISO standard or set of regulations to help define what ‘good’ data governance looks like. For any business setting out on a data governance journey this makes the area difficult to navigate and complex. So, we’re going to break it down for you.
What is Data Governance?
According to IBM, data governance is the support of an organisation’s data management through the use of policies, processes and structure. It is designed to provide security, trust and confidence around the stakeholders within a company. This is vital as an organisation grows and scales, when accruing more assets and data sources; this could be new team members or new customers.
When considering the stakeholders involved, there are several situations where a strong data governance framework adds value to a company. Procurement needs data to ensure effective stock management and reduce costs associated with manufacturing. Managers need accurate data to support strategic decision making. Marketing and sales teams use data to understand their customer’s wants and needs.
What are the benefits of Data Governance?
Data governance concerns all elements of running a business. It includes all tasks which you do to ensure the integrity of your data (security, privacy, quality, usability), and the actions people take in managing and using this data i.e. processes to follow and the technology used to store, manage, use and dispose of data. With its all-encompassing nature in mind, there are some clear benefits to establishing robust data governance:
Make better, efficient decisions
Improve cost controls
Improve efficiency
Enhance compliance to regulations
Build more trust with stakeholders
Manage risk
Allow appropriate sharing of data
How do I embed Data Governance in my organisation?
When building a data governance framework within your organisation, it is important that the policies, procedures and structures used manage data across the data lifecycle (plan, create, store, use, share, archive, destroy) and account for the data’s creation, ongoing management or care and data protection processes. When working with clients on how best to achieve this, we use our seven step model to evaluate their data governance maturity. This allows them to assess the current state of these foundational capabilities and identify improvements. We always advocate a value focussed approach to doing this:
Select an important business problem that needs data and data governance capabilities to solve
Build the elements of the data governance framework you need to solve the problem and ensure that the change embeds and issues cannot re-occur.
Move on to the next problem, reusing existing elements of the framework and building incrementally as you go.
This value driven approach avoids what we call ‘shelfware policies’ and doing things for the sake of best practice and helps to maintain interest whilst keeping stakeholders on-side.
Step One: Policy, Process and Standards
Within this section of evaluation, it is important to assess whether data is seen as an asset, and thus supported with established processes. These processes should be consistently and regularly evaluated to drive best practice and efficiency.
Step Two: Risk Management
Here, we are evaluating risk. Is there a risk management process in place? Do the stakeholders understand where potential for risks to arise may come from, and is there a system in place for managing this?
Step Three: Data Quality
What we’re looking for here is whether a system for proactive monitoring and improvement of data is in place. Does the organisation have a list of definitions and KPIs? Is there an established process through which the business can raise, address and resolve data quality issues?
Step Four: Ownership and Stewardship
For data governance to be effective, it is vital that a sense of ownership and accountability is embedded within the organisation’s culture. Within roles, there should be clarity over how performance is managed and who ‘owns’ the data. A supporting team of data stewards and a governance forum should be a core part of the regime.
Step Five: Data Security
Within the organisation, all data and information should be governed by ‘role based access controls’ which are regularly evaluated and re-attested. Any data, whether stored or being used, should be encrypted and backed-up. Moreover these backups should be tested regularly to ensure the organisation can recover from a data loss/corruption event.
Step Six: Data Protection
To ensure the protection of data, the organisation should ensure privacy by design that is fully compliant with GDPR requirements. Any legislative and public sentiment change should be monitored, and when building the data systems, ethical requirements should be considered.
Step Seven: Enabling Technology and Architecture
Data management tools should be widely rolled out and adopted by all stakeholders, to ensure an effective and efficient data governance framework within the organisation.
When considering your own business’ data governance, or embarking on the creation of a data strategy it can often feel complex and lead to uncertainties in the best approach. This is why our evaluation framework exists. Get in touch to find out more about how it could be applied to your organisation.
