Data Governance – The Basics
What is Data Governance, and Why is it Important?
Data, the digital building blocks of information, is a valuable corporate asset outlasting applications and processes. Data is used as input into tactical and strategic decisions. Analysis of data allows organizations to learn and grow. Data is received from and transmitted to customers and business partners. Data is reported to investors and regulators and used by the media. Data flows through every process your organization runs and is used by every individual your organization employs. As important as your central nervous system is to your body, data is to your organization. Data signals when you should move, how fast, and in what direction. If those signals are faulty, poorly managed, or constantly in conflict, you may find yourself paralyzed into inaction or moving in the wrong direction at the wrong speed.
So, what needs to be done to ensure your data is highly managed, valued, and leveraged? Data Governance provides a substantial part of the answer.
Data Governance is the process and people charged with directing, guiding, and regulating the usage of an organization’s data assets in order to optimize its value and control associated risks.
Data governance is no different than any other form of corporate or jurisdictional governance, with the exception that the items being governed are a firm’s data assets. Data Governance, above all else, is about people and their behaviors related to creating, using, and managing data.
What Data Should be Governed?
Ultimately, all of your organization’s data should be governed, but it is not realistic to tackle all of it at once. Combining & applying the dimensions of criticality, commonality, and quality to your organization’s data assets to establish a prioritized list of data categories is a key initial step on the path to data governance.
Some data is more critical than others. Its degree of importance is driven by its usage – i.e. the criticality of the processes, reports, or decisions relying upon that data. Each organization will have a different view on its most critical processes and decisions and, therefore, pieces of information. To make things more complex, this view will change over time.
Additionally, some data is more highly shared than others. Customer and Product data may be used repeatedly across many of your organization’s processes, while other information may be limited to use by a single function. A good indicator of the importance of data subject to your entire enterprise is its level of sharing or common use.
Finally, some data is simply better than others. Higher quality, well-protected, and well-understood data typically needs less attention than data that is defective, accessed incorrectly, and interpreted inconsistently.
However, be forewarned that this prioritization process alone has the potential to drag on due to unresolved conflict and an overly broad span of coverage. Be sure that basic decision-making roles, processes, and timeframes are in place prior to embarking on this initial step. But most importantly, get started and realize that you will not get it perfect the first time through.
Who Governs Data and How?
“Govern”: to control the actions or behavior of; guide; direct; regulate; make policy
The above definition implies a certain degree of power bestowed upon those chosen to govern. The giving of power can easily become a controversial matter at any organization. Each organization should uniquely base its decision on how to structure and distribute governance responsibilities based on its size, culture, and existing formal and informal power base. However, there are a set of guidelines to follow and questions to answer that will make the process easier.
Guideline: When forming the initial data governance team, select a group possessing the following attributes:
- Experience implementing organizational governance
- Extensive data management experience from both a business and technology perspective
- Strong communication skills and ability to understand and work with others
- Understanding of the current culture and formal/informal organizational structures at your firm/agency
- Demonstrated ability to get things done.
While there may be no one person on the team that embodies all of the above characteristics, the combined group should cover all of them. Once this team is formulated, they should set about answering the following questions internally and with various players outside their team spanning multiple organizational levels.
- Setting the Stage:
- What is the objective(s) of the effort?
- How will success or progress be measured?
- What is your current view of the management practices, usage practices, quality, & accessibility of the organization’s data?
- If this effort could solve one and only one issue with data, what would it be?
- What should the scope of data governance be, i.e. what should be included under the data governance umbrella?
- Organizational Model & Structure:
- Who (roles and organizational location) should govern data and why?
- How centrally or de-centrally should governance responsibilities be allocated? Why?
- How formal or informal should governance responsibilities & policies (rules) be? Why?
- How should data governance interact with any other existing governance functions?
- How involved do you want to be in the governance process, and why?
- Governance Execution
- How inclusive should policy-setting decisions be, and how long should it take to make them?
- How should compliance with governance policies and standards be monitored?
- How should compliance be rewarded and/or non-compliance be punished?
- What technologies should the governance process leverage?
Guideline: Best Practices for governance implementations:
- Data Governance does not have a definitive life. It is a way of conducting business that should endure.
- The data content is owned by the business. Data systems are run by IT. Data Management spans both constituent groups. Don’t drive the effort exclusively from one side or the other.
- Making Progress Early
- Identify a key champion and key advocates early in the process. The champion must have influence & respect outside his/her immediate formal authority base.
- Be patient: Start implementing in a small, targeted area and show some results quickly. A bigger change will come later.
- Be patient: Let success drive adoption in the early stages, not a mandate. A bigger change will come later.
- Expanding Coverage
- Be flexible: participation, advocacy, scope, and direction will change over time.
- Be consistent on the core set of guidelines/policies. While flexibility is needed, the overall direction and, most important, tenets must be stable in order to drive the desired behaviors over time.
- Be inclusive: Understand diverse views and opinions to help formulate better overall approaches and adoption tactics – avoid “groupthink” and top-down, middle-out-only approaches.
- Constantly accomplish something of value & communicate its benefits. The saying, “what have you done for me lately” is truer than you may think.
- Operating the Governance Function
- Purely central and purely local approaches to governance rarely work. Default to a hybrid (federated) operating model at the outset, picking up participating localities as the effort progresses.
- Technology is a key enabler but never the core focus. Leverage technology to track, automate, control, and assist with communications.
- Know when and where mandates are necessary and be consistent with their application.
- Don’t forget about monitoring, measuring, and motivating compliance. This is where the rubber meets the road, can be more difficult to implement than you think, and is a true barometer of how deeply people believe in the stated data governance purpose.
While data are the raw facts that identify, describe, and define something – there is more to data governance than ensuring that those facts are well-managed. There is other information about data that tells an organization how to interpret data, where to get it, who authorizes access, and how it is created, changed, and used. Governance establishes a framework of standards and consistency around a set of topics and defines who is ultimately responsible for defining, adhering to, and measuring compliance with each of these areas. A good data governance function addresses each of the following areas:
- Data Acquisition & Integration – What data sources should be used (external and internal), and what sources are being used? For homogeneous data coming from multiple sources, what is the proper priority of sources, and how are entities uniquely identified? For heterogeneous data, how should the data relate to each other and new data be derived from the intersection?
- Data Usage – Which processes, systems, and reports use the data and why? How does the data flow along the process and system information supply chain, and do the parties involved understand and agree to their direct dependencies and dependents?
- Data Quality – How complete, accurate, and valid is the data in relation to its stated usage purposes? What risks is the organization exposed to due to defects with the data (non-conformance to stated business rules)?
- Data Persistence – Where and how should data be stored; how long should data be kept readily available, archived, and purged; how many redundant copies of the same data should be kept, and how many actually exist?
- Data Definition – What are the conceptual, logical, and physical names and descriptions of the data; how does it relate to other data attributes and objects (entities); what type of data is it, and what domain of values are allowed?
- Data Security – Who authorizes access to the data, and what mechanism(s) are used; how is the data classified from sensitivity and privacy perspective; how is the data protected from loss, theft, and unauthorized intrusions?
When first establishing a data governance function, it is not necessary to immediately cover all of the above areas. Touch upon each area, but pick two or three areas to dive into fully for a target process (ex: Billing) or data category (ex: Customer Data). Typically, the most realistic path is early and quick results leading to the communication of benefits and voluntary, organic adoption and growth. Expand the coverage of data/processes and governance topics with each successive governance iteration until you have reached the desired level of maturity across your organization.
Data is an extremely important asset to any organization. By leveraging a well-planned Data Governance effort, the value your organization receives from your data in relation to the associated data acquisition, management, and usage costs and risks will increase significantly.