Data Governance: The Basic Information

WHO is involved with Data Governance?

Data Governance is of concern to any individual or group who has an interest in how data is created, collected, processed and manipulated, stored, made available for use, or retired. We call such people Data Stakeholders. Often, Data Stakeholders are OK with letting various IT Management and Data Management teams decide how to do the tasks we’ve listed above. But sometimes, these activities require decisions that really should be made by groups of stakeholders according to an agreed-upon process for making those decisions; that’s when Data Governance comes into play. Such decision-making (and other activities) are facilitated and coordinated by centralized resources; in The DGI Data Governance Framework, we describe a Data Governance Office (DGO). We also describe roles and responsibilities for Data Stewards across the organization.

WHAT does Data Governance mean, and what does it do?

Data Governance means “the exercise of decision-making and authority for data-related matters.”

More specifically, Data Governance is “a system of decision rights and accountabilities for information-related processes, executed according to agreed-upon models which describe who can take what actions with what information, and when, under what circumstances, using what methods.”

When people refer to Data Governance, they might be talking about:

• organizational bodies
• rules
• decision rights (how we “decide how to decide”)
• accountabilities, or
• monitoring, controls, and other enforcement methods

Data Governance programs can differ significantly, depending on their focus (on Compliance, on Data Integration, on Master Data Management, etc.) Regardless of the “flavor” of governance, however, every program will have essentially the same three-part mission :

1. to make/collect/align rules,
2. to resolve issues, and
3. to monitor/enforce compliance while providing ongoing support to Data Stakeholders.

WHEN do organizations need formal Data Governance?

Organizations need to move from informal governance to formal Data Governance when one of four situations occur:

1. The organization gets so large that traditional management isn’t able to address data-related cross-functional activities.
2. The organization’s data systems get so complicated that traditional management isn’t able to address data-related cross-functional activities.
3. The organization’s Data Architects, SOA teams, or other horizontally-focused groups need the support of a cross-functional program that takes an enterprise (rather than siloed) view of data concerns and choices.
4. Regulation, compliance, or contractual requirements call for formal Data Governance.

WHERE in an organization are Data Governance Programs located?

This varies. They can be placed within Business Operations, IT, Compliance/Privacy, or Data Management organizational structures. What’s important is that they received appropriate levels of leadership support and appropriate levels of involvement from Data Stakeholder groups.

Note: Data Governance programs are rarely successful if they fall under Application Development on the corporate org chart, since it is often AppDev teams who are called upon to make compromises as part of satisfying other stakeholders’ needs. Likewise, Data Governance programs that report into a Project Management Office may be compromised, since Project Managers who are charged with finishing projects on time and on budget may be dis-incented to bring light to the types of data-related issues that require governance attention.

WHY use a formal Data Governance Framework?

Frameworks help us organize how we think and communicate about complicated or ambiguous concepts. The use of a formal framework can help Data Stakeholders from Business, IT, Data Management, Compliance, and other disciplines come together to achieve clarity of thought and purpose.

The use of a framework can help management and staff make good decisions – decisions that stick. It can help them reach consensus on how to “decide how to decide.” That way, they can more efficiently create rules, ensure that the rules are being followed, and to deal with noncompliance, ambiguities, and issues.

HOW does an organization “do” Data Governance?

First, they decide what’s important to them – what their program will focus on. Then they agree on a value statement for their efforts. This will help establish scope and to establish SMART goals, success measures, and metrics. Next, develop a roadmap for their efforts, and they use this to acquire the support of stakeholders. Once achieved, they design a program, deploy the program, go about the processes involved in governing data, and perform the processes involved in monitoring, measuring, and reporting status of the data, program, and projects.

Data Governance programs tend to start by focusing their attention on finite issues, then expanding their scope to address additional concerns or additional sets of information. And so, the establishing of Data Governance tends to be an iterative process; a new area of focus may go through all of the steps described above, at the same time that other governance-led efforts are well-established in the “govern the data” phase.

HOW MUCH Data Governance do we need?

As little as will help you meet your goals. The DGI Data Governance Framework can be applied to pervasive, “big-bang” programs. But it was specifically designed for organizations that intend to apply governance in a limited fashion, then scale as needed. All the 10 components of Data Governance described in the framework will be present in the smallest of programs and projects; the level of complexity will grow as the number of participants or complexity of data systems increases.

By standardizing your teams on the terminology and concepts described in the framework, you’re training your Business, IT, and Compliance staff to communicate with each other in a way that leads to realizing value from your data assets, managing cost and complexity, and ensuring compliance. A “act locally, but think globally” approach to Data Governance means your teams will be ready when it’s time to tackle large or complex data-related issues.

HOW do we assess whether we are ready for Data Governance?

It’s important to assess readiness for Data Governance before you move from your current state to a more formal approach to governance and stewardship. Why? There may be a valid reason why the current model is in place. Likewise, there may be a good reason why change could be detrimental to the enterprise, a particular program or project, or even an individual’s career. Red flags include:

• Refusal of business groups to get involved
• Refusal of leadership to sponsor a Data Governance effort
• The decision to implement a bottom-up program when the decisions and rules that must be implemented clearly must come down from the top of the organization
• The decision to empower a group (an outsourcer, partner, or team) to make data-related decisions for a data-related effort where they would benefit from NOT
  • considering an enterprise view
  • involving data stakeholders
  • correcting data issues
  • acknowledging data issues

BONUS QUESTION

What’s the most overlooked aspect of Data Governance?

Communication skills of those staff who sit at ground zero for data-related concerns and decisions. They need to be able to articulate many stakeholders’ needs and concerns and to describe them in many vehicles and mediums. Often, the staff who sit in these positions don’t have writing or public-speaking backgrounds, and they need help learning data-specific communication skills, creating communication plans, and developing email templates that ensure all stakeholders get the right level of information at the right time, in the right sequence to avoid political issues.

Luckily, training can provide these skills to data-savvy staff. With the right communication pieces sitting at the ready, your Data Governance team can go about the business of governance, confident in their ability to bring alignment to your diverse data stakeholder groups.