Data governance

Summary

Data governance is a term used on both a macro and a micro level. The former is a political concept and forms part of international relations and Internet governance; the latter is a data management concept and forms part of corporate data governance.

Macro level edit

On the macro level, data governance refers to the governing of cross-border data flows by countries, and hence is more precisely called international data governance. This new[when?] field consists of "norms, principles and rules governing various types of data." [1]

There have been several international groups established by research organizations that aim to grant access to their data. These groups that enable an exchange of data are, as a result, exposed to domestic and international legal interpretations that ultimately decide how data is used. However, as of 2023, there are no international laws or agreements specifically focused on data protection.[2]

Micro level edit

Here the focus is on an individual company. Here data governance is a data management concept concerning the capability that enables an organization to ensure that high data quality exists throughout the complete lifecycle of the data, and data controls are implemented that support business objectives. The key focus areas of data governance include availability, usability, consistency, data integrity and data security, and standards compliance. The practice also includes establishing processes to ensure effective data management throughout the enterprise, such as accountability for the adverse effects of poor data quality, and ensuring that the data which an enterprise has can be used by the entire organization.

A data steward is a role that ensures that data governance processes are followed and that guidelines are enforced, as well as recommending improvements to data governance processes.

Data governance encompasses the people, processes, and information technology required to create a consistent and proper handling of an organization's data across the business enterprise. It provides all data management practices with the necessary foundation, strategy, and structure needed to ensure that data is managed as an asset and transformed into meaningful information. Goals may be defined at all levels of the enterprise and doing so may aid in acceptance of processes by those who will use them. Some goals include:

  • Increasing consistency and confidence in decision making
  • Decreasing the risk of regulatory fines
  • Improving data security
  • Defining and verifying the requirements for data distribution policies[3]
  • Maximizing the income generation potential of data
  • Designating accountability for information quality
  • Enabling better planning by supervisory staff
  • Minimizing or eliminating re-work
  • Optimizing staff effectiveness
  • Establishing process performance baselines to enable improvement efforts
  • Acknowledging and holding all gain

These goals are realized by the implementation of data governance programs, or initiatives using change management techniques.

When companies desire, or are required, to gain control of their data, they empower their people, set up processes and get help from technology to do it.[4]

Data governance drivers edit

While data governance initiatives can be driven by a desire to improve data quality, they are more often driven by C-level leaders responding to external regulations. In a recent report conducted by CIO WaterCooler community, 54% stated the key driver was efficiencies in processes; 39% - regulatory requirements; and only 7% customer service.[5] Examples of these regulations include Sarbanes–Oxley Act, Basel I, Basel II, HIPAA, GDPR, cGMP,[6] and a number of data privacy regulations. To achieve compliance with these regulations, business processes and controls require formal management processes to govern the data subject to these regulations.[7] Successful programs identify drivers meaningful to both supervisory and executive leadership.

Common themes among the external regulations center on the need to manage risk. The risks can be financial misstatement, inadvertent release of sensitive data, or poor data quality for key decisions. Methods to manage these risks vary from industry to industry. Examples of commonly referenced best practices and guidelines include COBIT, ISO/IEC 38500, and others. The proliferation of regulations and standards creates challenges for data governance professionals, particularly when multiple regulations overlap the data being managed. Organizations often launch data governance initiatives to address these challenges.

Data governance initiatives (Dimensions) edit

Data governance initiatives improve quality of data by assigning a team responsible for data's accuracy, completeness, consistency, timeliness, validity, and uniqueness.[8] This team usually consists of executive leadership, project management, line-of-business managers, and data stewards. The team usually employs some form of methodology for tracking and improving enterprise data, such as Six Sigma, and tools for data mapping, profiling, cleansing, and monitoring data.

Data governance initiatives may be aimed at achieving a number of objectives including offering better visibility to internal and external customers (such as supply chain management), compliance with regulatory law, improving operations after rapid company growth or corporate mergers, or to aid the efficiency of enterprise knowledge workers by reducing confusion and error and increasing their scope of knowledge.[citation needed] Many data governance initiatives are also inspired by past attempts to fix information quality at the departmental level, leading to incongruent and redundant data quality processes. Most large companies have many applications and databases that can not easily share information. Therefore, knowledge workers within large organizations often do not have access to the data they need to best do their jobs. When they do have access to the data, the data quality may be poor. By setting up a data governance practice or corporate data authority (individual or area responsible for determining how to proceed, in the best interest of the business, when a data issue arises), these problems can be mitigated.

Implementation edit

Implementation of a data governance initiative may vary in scope as well as origin. Sometimes, an executive mandate will arise to initiate an enterprise wide effort, sometimes the mandate will be to create a pilot project or projects, limited in scope and objectives, aimed at either resolving existing issues or demonstrating value. Sometimes an initiative will originate lower down in the organization’s hierarchy, and will be deployed in a limited scope to demonstrate value to potential sponsors higher up in the organization. The initial scope of an implementation can vary greatly as well, from review of a one-off IT system, to a cross-organization initiative.

Data governance tools edit

Leaders of successful data governance programs declared in December 2006 at the Data Governance Conference in Orlando, FL, that data governance is between 80 and 95 percent communication."[9] That stated, it is a given that many of the objectives of a data governance program must be accomplished with appropriate tools. Many vendors are now positioning their products as data governance tools; due to the different focus areas of various data governance initiatives, any given tool may or may not be appropriate, in addition, many tools that are not marketed as governance tools address governance needs and demands

See also edit

References edit

  1. ^ "FAQ". Digital Trade and Data Governance Hub. Retrieved 2023-02-20.
  2. ^ Bernier, Alexander; Molnár-Gábor, Fruzina; Knoppers, Bartha Maria. "The international data governance landscape". Journal of Law and the Biosciences. 9 (1). Oxford University Press. doi:10.1093/jlb/lsac005. PMC 8977111.
  3. ^ Gianni, Daniele (2014). "Data Policy Definition and Verification for System of Systems Governance". Modeling and Simulation Support for System of Systems Engineering Applications. pp. 99–130. doi:10.1002/9781118501757.ch5. ISBN 9781118460313.
  4. ^ Sarsfield, Steve (2009). The Data Governance Imperative. IT Governance Publishing. ISBN 9781849281102.
  5. ^ Warburton, Daniel (2017-03-15). "The Data Governance Report 2017 – Your Copy". CIOWaterCooler.co.uk. Retrieved 2023-02-20.
  6. ^ "eCFR — Code of Federal Regulations". eCFR.gov. Retrieved 2023-02-20.
  7. ^ "Rimes Data Governance Handbook". RIMES. 2013-10-16. Archived from the original on 2016-03-05. Retrieved 2023-02-20.
  8. ^ Dai, Wei; Wardlaw, Isaac (2016). "Data Profiling Technology of Data Governance Regarding Big Data: Review and Rethinking". Information Technology, New Generations. Advances in Intelligent Systems and Computing. Vol. 448. pp. 439–450. doi:10.1007/978-3-319-32467-8_39. ISBN 978-3-319-32466-1.
  9. ^ Hopwood, Peter (June 2008). "Data Governance: One Size Does Not Fit All". DM Review Magazine. Archived from the original on 2008-09-28. Retrieved 2023-02-20. At the inaugural Data Governance Conference in Orlando, Florida, in December 2006, leaders of successful data governance programs declared that in their experience, data governance is between 80 and 95 percent communication. Clearly, data governance is not a typical IT project.

External links edit