Data governance is important, it provides the ability to manage the life cycle of data through the implementation of policies, processes and rules in accordance with the organisation's strategic objectives.
The allocation of owners
One of the tasks that concerns data governance is the allocation of owners to data, and to define stewardship roles for the data. Data owners (also known as data custodians) are accountable for taking decisions relating to the data e.g. defining policies relating to the use of the data. They assess the sensitivity of the data they own and classify the data according to the various data protection categories supported by the architecture.
Policies take into account the provenance of the data
The data custodians agree the security arrangements associated with the data and they define user access policies for the data they own. These policies take into account the provenance of the data and the sensitivity of the data created as a result of merging data sets. The policies define the data retention period for the data, including arrangements for data archiving and data disposal.
Data governance is also concerned with the arrangements for ensuring the data is available when required so that the business continuity requirements can be met. This includes ensuring that the disaster recover arrangements are tested regularly.
In order to track data throughout its lifecycle, metadata needs to be captured and stored at all the stages involved, such as data ingestion, data standardisation and data linkage, data integration and data publication, as well as data archive and data disposal. The data governance function needs to monitor the quality of metadata captured and ensure that remedial action is taken to capture missing metadata or to resolve ambiguities in metadata.
The data governance function also encompasses conducting quality reviews of individual data repositories to check for data quality issues (including a root cause analysis) and to ensure solutions are implemented for systemic errors which lead to data quality issues.
The approach taken for data governance can vary depending on the organisational size and structure. One option is for each team involved with processing data to conduct self-assessments against agreed data principles and standards. The principles and standards would be defined and agreed by the data architecture function, and informed by the need to comply with legislation (e.g. relating to data privacy) and ethical standards (relating to the use of data).
Evidence of compliance is being captured correctly and consistently
Where there is a centralised data architecture team, this team can conduct audits of the various teams that handle data in order to check that the governance process is being followed and that evidence of compliance is being captured correctly and consistently. Periodically, the data government framework and processes would need to be reviewed so that any process issues identified as part of these periodic reviews are addressed.
In practice, for large organisations, there may be several different specialised governance teams which monitor different data lifecycle activities, for example, data acquisition, data publication to external parties, data exploitation, and data disposal. It is important that an over-arching data governance framework describes the roles and responsibilities for each governance team and how they fit in to the overall governance process.
Sometimes, there will be issues with complying with some data principles and data standards and the data governance function needs to define processes for resolving these issues or to agree concessions and to monitor the completion of tasks and adherence to conditions imposed.
Architectural frameworks (e.g. DAMA International and TOGAF) provide guidance on how to provide data governance.
How does data governance contribute to your organisation? Comment below!
2 comments
Comment by Mark Matten posted on
Certainly the lack of data governance is contributing to our organisation and in a negative way (inefficiencies, compliance and corporate risk).
It would be interesting to hear about the ROI (financial or less tangible) benefits of existing DG functions, and how they're structured, in departments.
Comment by chrismachin posted on
Thanks for your comment! ROI will depend on what can be re-used from existing governance processes. For example, it may only be necessary to fill gaps within the existing processes to address certain governance functions, which would have a much faster ROI. The benefit of a centralized data governance approach includes an assessment of the maturity of the whole organisation to identify where improvements are required.