Introducing Data Governance
Introducing Data Governance
David Schlinker, Senior Data Architect
May 4, 2019
In today’s world of “give it to me raw” Big Data, one might think that data governance is no longer worth the time, effort, or money. That is not the case. As volumes, types, and uses of data increase dramatically, the need for Data Management and Data Governance has become even more important. Furthermore, massive security breaches at Facebook, LinkedIn, Marriot, Yahoo, etc have escalated the need for formalizing Data Management, specifically Data Governance. We will discuss the significance of Data Governance and the challenges that Data Management professionals face in this myriad of data complexity.
Why Data Governance Matters
Depending on your point of view, data is either a strategic business asset that can significantly improve your bottom line, or it is a security threat and a compliance risk. The truth be told, it’s both.
Analytics. The use of data for strategic purposes has grown exponentially over the past two decades. Numbers vary but one estimate suggests that 90% of the data in the world today was generated in the past two years (Forbes May 21, 2018). However you slice it, the numbers are staggering. Demand for Data Scientists – the people we used to call Statisticians – has exploded as more and more organizations look to exploit data in new and creative ways. Artificial Intelligence is one of those ways and is becoming mainstream. Those not jumping on the AI bandwagon are losing competitive advantage.
Security and Compliance. Government regulations such as Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and Europe’s General Data Protection Regulation (GDPR) are forcing more and more companies to implement Data Governance or shore up existing policies and procedures. Violating these rules can result in significant penalties. The maximum GDPR penalty is $30 million or 4% of revenue, whichever is greater. These numbers catch the attention of CEOs and CFOs, and even get a few fired. And the fines are not the only consequence. Theft of customer information creates a public relations dilemma and revenue losses as customers leave.
What is Data Governance?
While there are many definitions of Data Governance, the one I most often use with clients is an adapted version from Robert Seiner’s book Non-Invasive Data Governance (Technics Publications 2014):
Data Governance is formalizing behavior around the definition, creation, and usage of data to manage risk, improve quality and improve usability.
The key word here is “formalizing”. Almost every person in an organization demonstrates behaviour toward data of some sort. This behaviour may be good or bad. But most importantly, for many organizations, this behavior is informal. There are typically very few enterprise level rules about how to manage data. Imagine an organization that performs finance and accounting functions without any rules or guidelines – no Generally Accepted Accounting Principles (GAAP), no internal audits, no SOX. More and more executives are recognizing the deficiencies in data governance and the role of Chief Data Officer, almost unheard of twenty years ago but now commonplace.
The industry-recognized Data Management Association (DAMA) wheel illustrates Data Governance as being at the core of an organizations data management practices.
Like an Internal Audit department, Data Governance is an “oversight” function. It provides rules and guidelines through data management principles, policies, and procedures. It is supported by formalized organizational structures and roles. Depending on the size and culture of an organization, Data Governance committees are formed at a strategic level and at a cross-business unit level. Ownership and management of data are assigned and formalized by the role of Data Steward. Typically, the Data Steward is defined for each data domain or subject area. In large organizations, a single data domain may require multiple stewards for different parts of the domain – such as different types of customers being comprised within a Customer domain. The Data Steward roles should reside in the business units, which have distinct data creation, retention, and distribution requirements. The IT department fills the technical roles that support the Data Stewards.
Data Management professionals have never faced such a challenging time as now. Finding the right balance between “data freedom” and “data governance” is very difficult. Modern Data Lake architectures provide instantaneous access to large volumes of structured and unstructured data in one place so that marketing, operations, maintenance, and research departments can all gain access to the same data stored in different formats. Data Lakes, when built right, provide a competitive advantage, reduce costs, and improve customer service. The questions is: how do you do all this while providing consistent, high-quality data and avoid security breaches and compliance failures? This is where good Data Governance comes in. Some key Data Governance practices include the following:
• Minimize bureaucracy. Bureaucracy in governance cannot be avoided, but it can be minimized by streamlining the decision-making process. Data Governance committees should be formed with clear responsibilities and decision-making authority. Keep membership lean as these committees often get too large and inefficiencies crash the party.
• Embed Data Stewardship responsibilities into existing business roles. Data stewardship is already happening informally in most organizations. When introducing formal Data Governance, try to leverage this work and put it into a Data Governance context. This will help to address concerns about added workload.
• Keep the rules simple and concise. Data Governance principles, policies and procedures should be as simple as possible. Try to apply an agile approach while still achieving the goals of Data Governance.
• Communicate. Implementing Data Governance is a Change Management exercise. Apply Change Management principles to your Data Governance implementation. The most important of these is communication and follow-up.
• Start from the top. Start with Data Governance principles. These are derived from the Corporate Strategy, security and compliance constraints, and business requirements. Principles drive Data Management and Data Governance Policies. Policies drive the Data Governance Strategy and Goals. The Strategy and Goals drive the Framework. The Framework drives the Procedures. The Procedures drive the Forms and Data Governance Tools. It’s pretty well a chain reaction and you need good Data Governance to make it happen.
In summary, Data Governance is a capability that enables an organization to ensure that high data quality exists throughout the complete lifecycle of the data – from data creation to retirement. Data Governance is put into practice as a means to optimize data availability, usability, consistency, integrity, and security. An effective Data Governance practice must establish the processes to ensure effective data management throughout the enterprise such as accountability for the adverse effects of poor data quality and ensuring that the data which an enterprise has can be used by the entire organization. This comes with committed Data Owners and qualified Data Stewards.
Mr. David Schlinker is a Senior Data Architect affiliated with IT Architects in Calgary, Alberta, and has worked in various industries, including Energy, Mining, Utilities, Telecommunications, Transportation, Manufacturing, and Retail. IT Architects (www.itarchitects.ca) is an information consulting firm specializing in business process optimization, system evolution planning, and the deployment of leading-edge technologies. If you require further information, David can be reached at firstname.lastname@example.org or 403-874-9927.