Data Governance

According to DAMA International, "Data Governance is the exercise of authority and control (planning, monitoring, and enforcement) over the management of data assets.”^[1] Data governance is the discipline of cataloging and defining important data, assigning ownership of data and incorporating governance of data into the everyday business process.

source: DAMA.Org

What Data Governance is Not

Data Governance is frequently confused with other closely related terms and concepts, including data management and master data management.^[2]

Data Governance is Not Data Management

Data management refers to the management of the full data lifecycle needs of an organization. Data governance is the core component of data management, tying together nine other disciplines, such as data quality, reference and master data management, data security, database operations, metadata management, and data warehousing.

Data Governance is Not Master Data Management

Master data management (MDM) focuses on identifying an organization's key entities and then improving the quality of this data. It ensures you have the most complete and accurate information available about key entities like customers, suppliers, medical providers, etc. Because those entities are shared across the organization, master data management is about reconciling fragmented views of those entities into a single view—a discipline that gets beyond data governance. However, there is no successful MDM without proper governance. For example, a data governance program will define the master data models (what is the definition of a customer, a product, etc.), detail the retention policies for data, and define roles and responsibilities for data authoring, data curation, and access.

Data Governance is Not Data Stewardship

Data governance ensures that the right people are assigned the right data responsibilities. Data stewardship refers to the activities necessary to make sure that the data is accurate, in control, and easy to discover and process by the appropriate parties. Data governance is mostly about strategy, roles, organization, and policies, while data stewardship is all about execution and operationalization. Data stewards take care of data assets, making certain that the actual data is consistent with the data governance plan, linked with other data assets, and in control in terms of data quality, compliance, or security.

Data Governance Process

The Process Stages of Data Governance^[3]
To truly manage data as a valued enterprise asset, data governance must be managed as a business function like finance or human resources. The primary business processes (illustrated in the figure below) enable data governance and stewardship, which include processes that cleanse, repair, mask, secure, reconcile, escalate, and approve data discrepancies, policies and standards. There are over twenty distinct processes segmented into four core process stages – all of which are iterative and encompass many parallel activities depending on the stage of maturity:

source: Informatica

Discover processes capture the current state of an organization’s data lifecycle, dependent business processes, supporting organizational and technical capabilities, as well as the state of the data itself. Leverage insights derived from these steps to define the data governance strategy, priorities, business case, policies, standards, architecture and the ultimate future state vision. This process runs parallel and is iterative to the Define process stage as Discovery drives Definition, and Definition drives more targeted focus for Discovery.
Define processes document data definitions and business context associated with business terminology, taxonomies, relationships, as well as the policies, rules, standards, processes, and measurement strategy that must be defined to operationalize data governance efforts. This process runs parallel and is iterative to the Discover process stage as mentioned above.
Apply processes aim to operationalize and ensure compliance with all the data governance policies, business rules, stewardship processes, workflows, and cross-functional roles and responsibilities captured through the Discover and Define process stages.
Measure and Monitor processes i) capture and measure the effectiveness and value generated from data governance and stewardship efforts, ii) monitors compliance and exceptions to defined policies and rules, and iii) enables transparency and auditability into data assets and their life cycle.

A data governance initiative must build competencies, assign roles and responsibilities and invest in technologies to enable these core processes no matter the scope and scale of your business objectives. A pilot data governance project focusing on improving the quality or security of a single data item, phone number as an example, should follow the same approach as a holistic data governance function that’s managing all business critical data assets.

The Importance of Data Governance

Why Data Governance Matters^[4]
Most companies already have some form of data governance for individual applications or business departments, although it is not necessarily comprehensively institutionalized. The systematic introduction of data governance is therefore often an evolution from informal rules to formal control.

Formal data governance is normally implemented once a company has reached a size at which cross-functional tasks can no longer be implemented efficiently.

Data governance is a prerequisite for numerous tasks or projects and has many clear benefits:

Consistent, uniform data and processes across the organization are a prerequisite for better and more comprehensive decision support;
Increasing the scalability of the IT landscape at a technical, business and organizational level through clear rules for changing processes and data;
Central control mechanisms offer potential to optimize the cost of data management (increasingly important in the age of exploding data sets);
Increased efficiency through the use of synergies (e.g. by reusing processes and data);
Higher confidence in data through quality-assured and certified data as well as complete documentation of data processes;
Achieving compliance guidelines, such as Basel III and Solvency II;
Security for internal and external data by monitoring and reviewing privacy policies;
Increased process efficiency by reducing long coordination processes (e.g. through clear requirements management);
Clear and transparent communication through standardization. This is the prerequisite for enterprise-wide data-centric initiatives;
Further, specific benefits result from the specific nature of each data governance program.

More than ever, data governance is vital for companies to remain responsive. It is also important to open up new and innovative fields of business, for example by big data analyses, which do not permit the persistence of backward thinking and overhauled structures.

Data Governance Framework

Framing Data Governance^[5]
Data governance is a combination of strategy and execution (Jill Dyché and Evan Levy Customer Data Integration:Reaching a Single Version of the Truth). It’s an approach that requires one to be both holistic and pragmatic: • Holistic. All aspects of data usage and maintenance are taken into account in establishing the vision. • Pragmatic. Political challenges and cross-departmental struggles are part of the equation. So, the tactical deployment must be delivered in phases to provide quick “wins” and avert organizational fatigue from a larger, more monolithic exercise.

To accomplish this, data governance must touch all internal and external IT systems and establish decision-making mechanisms that transcend organizational silos. And, it must provide accountability for data quality at the enterprise level. The SAS Data Governance framework (illustrated below) is a comprehensive framework for data governance that includes all the components needed to achieve a holistic, pragmatic data governance approach.

source: SAS

The top portion of the framework – Corporate Drivers – deals with more strategic aspects of governance, including the corporate drivers and strategies that point to the need for data governance. The Data Governance and Methods sections refer to the organizing framework for developing and monitoring the policies that drive data management outcomes such as data quality, definition, architecture and security.

The Data Management, Solutions and Data Stewardship sections focus on the tactical execution of the governance policies, including the day-to-day processes required to proactively manage data and the technology required to execute those processes.

While the framework can be implemented incrementally, there are significant benefits in establishing a strategy to deploy additional capabilities as the organization matures and the business needs require new components. It’s important to develop a strategy that can address short-term needs while establishing a more long-term governance capability.

Benefits of Data Governance

Benefits of Data Governance Include:^[6]

Decrease the costs associated with other areas of Data Management.
Ensure accurate procedures around regulation and compliance activities.
Increase transparency within any data-related activities.
Help with instituting better training and educational practices around the management of data assets.
Increase the value of an organization’s data.
Provide standardized data systems, data policies, data procedures, and data standards.
Aid in the resolution of past and current data issues.
Facilitate improved monitoring and tracking mechanisms for Data Quality and other data-related activities.
Increase overall enterprise revenue.

Data Governance Drivers and Regulations

The Drivers and Regulatory Requirements of Data Governance^[7]
While data governance initiatives can be driven by a desire to improve data quality, they are more often driven by C-Level leaders responding to external regulations. In a recent report conducted by CIO WaterCooler community, 54% stated the key driver was efficiencies in processes; 39% - regulatory requirements; and only 7% customer service. Examples of these regulations include Sarbanes–Oxley Act, Basel I, Basel II, HIPAA, GDPR, cGMP, and a number of data privacy regulations. To achieve compliance with these regulations, business processes and controls require formal management processes to govern the data subject to these regulations. Successful programs identify drivers meaningful to both supervisory and executive leadership.

Common themes among the external regulations center on the need to manage risk. The risks can be financial misstatement, inadvertent release of sensitive data, or poor data quality for key decisions. Methods to manage these risks vary from industry to industry. Examples of commonly referenced best practices and guidelines include COBIT, ISO/IEC 38500, and others. The proliferation of regulations and standards creates challenges for data governance professionals, particularly when multiple regulations overlap the data being managed. Organizations often launch data governance initiatives to address these challenges.

References

↑ Definition: What is Data Governance? DAMA International
↑ What Data Governance is Not Talend
↑ The Process Stages of Data Governance Rob Karel
↑ Why Data Governance Matters Bi-Survey.com
↑ Framing Data Governance SAS
↑ What are the Benefits of Data Governance? Dataversity
↑ The Drivers and Regulatory Requirements of Data Governance Wikipedia