Published: August 1, 2022

Data governance is a set of processes that ensures enterprise data complies with industry standards and policies when it enters a system. Critical for business intelligence, it’s been around since the 1980s, though mainly insurance and finance companies implemented it earlier. Data governance came into focus in the 2000s when instances of misuse of user information prompted the formation of data protection guidelines, but it’s much more than that.

Get our BI Tools Requirements Template

Information governance is more than protecting data from falling into the wrong hands. It’s a discipline that comprises methods and policies for integration, storage, access, usage, retention and purging of business data. It supports BI tools in giving you timely, secure access to quality assets to drive decision-making and business strategy.

This article discusses the below aspects of information governance.

• Why It Matters
• Goals
• Implementing Data Governance
• Data Governance and GDPR
• Best Practices

Data Governance vs. Data Management

Users often find the two terms confusing. Data management comprises the processes used to plan, enable, specify, create, obtain, maintain, use, retrieve and control data. On the other hand, data governance is a subset of data management. It includes processes to ensure accountability and ownership of data assets.

Information governance standards will be different for diverse domains. For instance, rules for healthcare data will be different from, say, finance or insurance.

Data security is another term that people mistakenly use in place of governance. It, in turn, is a subset of information governance; compliance includes adhering to security regulations.

Importance

With increasing data volumes, organizations have greater demands to comply with regulatory requirements to find critical information fast. However, data regulations keep changing, and staying compliant can be a struggle.

An effective governance strategy enables well-defined data processes, accountability and audit-backed risk management. It streamlines operations and improves efficiencies, boosting performance and revenue.

An effective data governance process needs to address the below questions.

• What data do you have?
• Where is this data?
• Why do you need this data?
• Who has access to and owns this data?
• How do you control, protect and maintain this data?

BI tools like Cloudera, Alteryx and Talend come equipped with data quality management, regulatory compliance, risk management and auditing capabilities.

Goals

When you implement governance, you should have the following goals:

• Establish internal rules for data usage
• Implement compliance requirements
• Protect data quality
• Ensure implementation oversight
• Reduce costs
• Manage risks

However, according to Gartner, by 2025, 80% of organizations trying to scale digital businesses will fail because they don’t take a modern analytics and data governance approach. It means wasted investment and loss of market reputation and revenue.

Eliminate the Risks of Selecting the Wrong Software with SelectHub

What does a “modern approach” mean? It involves incorporating three vital elements in your information governance strategy – people, processes and technology. Called PPT in short, it’s a cross-domain model for organizational efficiency, and it works equally well for information governance.

People — stakeholders and employees — are your greatest assets. It would help to get them invested in your strategy by showcasing the benefits it can yield. Hire the right people; data engineers and solution architects are excellent technical resources. Have the right processes with the right technology to make it happen.

How do you get teams to care about information management?

Data governance coach Nicola Askham says,

It’s all about understanding and explaining what’s in it for them. No one is going to get excited if it just sounds like extra work for no benefits, so for each and everyone you speak to you need to know what benefits implementing data governance will bring them. You need to do the research and preparation but it will pay off in the long run.”

Implementing Information Governance

The data governance market is expected to grow from $1.81 billion in 2020 to $5.28 billion in 2026, at a CAGR of over 20.83%.

Compliance is one of the primary reasons for enterprises adopting information governance. But, there is a troubling lack of follow-through in many companies. Compliance is dismally low at 10%, even in heavily regulated sectors like finance and banking (15%), government (19%) and healthcare (19%).

The two most obvious reasons are a glut of information and data mismanagement. With a “store-everything” mentality, organizations are drowning in information.

What’s more, about 80% of data that enterprises store is considered redundant, obsolete and trivial (ROT) and not used at all.

It could result from poor data management strategies and stop-gap compliance measures to meet frequently changing data regulations. It can prove to be costly in the long run and damage the company’s reputation. Besides, enterprise BI adoption slows down with persisting silos leading to multiple versions of the truth and data security issues.

Get our BI Tools Requirements Template

A comprehensive data governance strategy should address the following areas.

• Data ownership
• Data architecture
• Metrics-based governance
• Data acquisition
• Data discovery, mapping and modeling
• Data warehouses and BI systems
• Data quality
• Data security
• Big data integration and interoperability
• Creating and maintaining records
• Quality, well-documented metadata
• Formal data archiving process
• Data loss prevention mechanism
• Deleting old data with no business value
• Training

Roles and Responsibilities

An information governance strategy defines processes, assigns responsibilities, and ensures quality through role-based access permissions. Unregulated data access could impact downstream systems and data users.

So, who owns data governance in an organization?

Though roles and responsibilities vary with organization size and domain, here’s a simple enterprise model.

• The data governance board formulates policies, monitors implementation and prioritizes various aspects of the strategy as the need arises.
• The executive team develops governance workflows and processes based on the committee’s suggestions.
• Data stewards manage all major and minor technical, legal, regulatory and operational data concerns like information retention, usage, purging and more. They work to build trust by creating standard data definitions and ensuring compliance. To avoid penalties and fines, they stay informed about the latest local, national and international data laws.
• Other stakeholders include data owners for different teams, such as for sales, revenue, workforce management and more. Data consumers input information into the system and use the available insights per their organizational roles.

Information Governance and GDPR

Data volumes have been growing exponentially; it’s expected to grow to more than 180 zettabytes by 2025 compared to 64.2 zettabytes in 2020. Data confidentiality issues aren’t new; whenever two or more parties share data, the risk of breaches and misuse exists.

Interestingly, the GDPR doesn’t talk about data governance verbatim. But, the only way an organization can secure individual data privacy is with an effective information governance and management strategy. GDPR lists the specific requirements for organizations to control and protect data, which comes under the purview of data governance.

The two overlap in more than one area. Let’s see how.

Identification and Classification of Personal Data

One of the first steps of data governance is data classification, so the organization can quickly identify by labeling what qualifies as personal information. It enables organizations to understand how they use personal data and apply security measures by defining access rights based on data sensitivity levels.

As a data subject, you have the right to share or withhold your personal information when you access enterprise data. Remember the accept/decline/ manage permissions screen you see when accessing a website? That’s GDPR in action.

Data Management

Information governance, based on data management, includes:

• Facilitating data discovery.
• Correcting inaccurate and incomplete assets.
• Purging redundant information and discontinuing data processing.

Similarly, GDPR gives data subjects the right to request rectification and update personal information and discontinue data processing. It includes the Right to be Forgotten – a data subject can request that the organization erase their personal information.

Enterprises need the capabilities and the technology to respond to these requests.

Data Security

Individual data security is at the core of the GDPR and part of an effective information governance strategy. Organizations can go in for anonymization and encryption and have safeguards to restore data availability in case of technical issues or security breaches.

Reporting and Documentation

An efficient data governance strategy requires the company to document all compliance policies, rules and regulations; GDPR compliance documentation is a part of it. GDPR requires businesses to provide evidentiary documentation to prove they comply with data regulation requirements. It includes records to show the organization collected your personal information legally and kept it secure.

Data regulations like The Sarbanes Oxley Act and the California Privacy Rights Act of 2020 contain provisions that affect enterprise governance, risk management, auditing, fraud and corruption. Tools like Informatica help enterprises manage GDPR compliance through data protection controls, monitoring, alerts and visualizations for risk exposure and remediation.

Get our BI Tools Requirements Template

Best Practices

Governance requires a fine balance between consistency through strictly implemented policies and flexibility.

Follow these best practices to get the most out of your information governance strategy.

Start Small

As mentioned above, data governance has three essential elements – people, processes and technology. It can seem overwhelming for an organization to try and make all these components work together from the beginning.

Start small. Build each component on the one before it — start with engaging the people first, then work in the processes and finally, incorporate the technology. If the people aren’t on board with your strategy, your methods will fail and adopting new technology won’t do you any good.

Hire the right people to create your information management strategy and ask for input on the best data governance platforms to adopt. Automated workflows free technical resources for other, resource-intensive tasks, something to keep in mind when buying software. Reach out to us to streamline your software selection.

Get Stakeholder Buy-in

Before you implement a governance strategy, get your stakeholders interested in the benefits of compliance; build a business case. Highlight the current state of data quality in your organization, the impact of bad data and how governance compliance can yield greater returns. Show data management goals are realistically achievable; break them down into smaller, tangible milestones.

Link the milestones with business use cases to show it can be done. Remember to cover your bases – define processes to address issues when something goes wrong. Create a framework so everyone knows what they must do – assign clear-cut roles and responsibilities, including data ownership for each department.

Track Progress

Define metrics and KPIs in advance to monitor whether your information governance strategy is as good as it looks on paper. You can track how far you’ve come with governance implementation by setting starting metrics. Show that it works by celebrating wins, however small. Be flexible and proactive; don’t hesitate to change the plan if something’s not working and you have a better option.

Encourage Over-Communication

Change can be unsettling for anyone. Ensure that you communicate early and often with your team at all stages of implementation. Effective team communication will show you how well your strategy is working even before your metrics do. When you are in the loop, you can spot gaps and discrepancies and tweak the plan to what works best for your company.

In many enterprises, chief information officers (CIOs) and chief data officers are the point persons for all things data. Data owners and team leaders can communicate with them directly or through the executive team leader about the status of the governance strategy.

Weave It Into Business Processes

Treating a data governance strategy as a separate project doesn’t work and can slow down compliance. Incorporate it into business workflows; governance is a long-term practice that will reap rich dividends over time.

When comparing data management solutions, it’s easy to get overwhelmed by all the features and functionalities. Get our requirements template to shortlist your business needs and select the right tool for your organization.

Get our BI Tools Requirements Template

To Wrap Up

Keeping up with the latest data regulations and managing exponentially large data volumes is more complex now than ever before. Though there is no textbook formula to implement an information management strategy, finding what works in alignment with your organization’s data culture is critical to making the most of BI opportunities.

Does your company have a data governance strategy in place? Let us know in the comments!

Contributing Thought Leaders

Known as The Data Governance Coach, Nicola is a consultant who helps organizations understand and manage their data better.

For almost two decades, she’s helped her corporate clients better manage their data, reduce costs, inefficiencies, and remain competitive. Typically people turn to her because their data is a mess, and they need help unraveling it.

Nicola runs four popular training courses every year because she feels it’s essential to give people the data skills to solve problems and make better-informed decisions.