Data Governance and the Board has been saved
Perspectives
Data Governance and the Board
Data is one of the most important assets of any enterprise, yet many organisations do not include the data perspective in their business planning and operations. As a result, data quality, usability, availability and integrity suffer. This can lead to mistrust, inefficiencies and heightened risks.
The proper care and handling of data by people as well as systems should be an important aspect of managing this important asset. With appropriate metrics, ownership and processes, data quality goals become part of everyday life and an integral part of operations.
Involving data stakeholders in data decisions empowers them with confidence in the data’s integrity. This requires a thought-out approach to data governance.
Why organisations need data governance
Data governance refers to the policies and processes by which an organisation manages the definition, use, quality, consistency, usability, security and availability of its data and information. It is about knowing the quality of data and that it is fit for use.
A data governance programme is about specifically managing data, based on meeting business requirements.
Data governance ensures the active involvement of data owners and users in the data management, quality and governance. This empowers data owners and users, assigning them accountability and ownership over the data they rely on.
Business decisions have to be supported by reliable data. The company’s knowledge workers must have the data they need, when they need it.
Decision makers not only need to have the right information at the right time, but they need to have confidence in the accuracy and validity of that data for it to be effective.
Many organisations expend resources to migrate to new systems without considering the data requirements. The end result is that the data “mess” of the old system is recreated in the new system which fails to deliver the promised advantages.
Requirements for use and quality of the data need to be defined upfront, before implementation is considered.
Data deficiencies are risks to business stability, success and obligations. For example, when organisations have teams that work in silos, duplicated information produces inconsistent and unreliable data that can make it difficult or impossible to deliver programmes. Working across the organisation to define common data requirements fosters common goals and enables efficient business development and service improvements.
Similarly, organisations must be equipped with policies and procedures. Staff training should be tracked, so that any data breach can be handled efficiently. Mishandling data can lead to embarrassing, costly and brand-damaging privacy, security and reporting breaches. Data users and owners that are involved in caring for data are better equipped to prevent costly breaches and to handle them if they do occur.
It is not enough to rely on a few key individuals and many “magic” spreadsheets. Having well documented data requirements, data definitions and data processes ensures that the organisation’s employees are working towards a common goal, and that information and knowledge are shared.
Enterprise risk is mitigated by being able to track, monitor, and consistently reproduce data performance.
Data governance framework
Data governance provides a structured and defined process that can be followed in a “business as usual” manner to involve the appropriate people in defining information requirements. Business needs drive data requirements and definitions, to influence information technology strategies and provide technical solutions, options and plans.
A data governance programme establishes information-centric processes across the enterprise and standardisation of shared concepts, such as consistent and sustainable definition of business terms across systems and applications.
Employing a data governance framework and instilling diligence requires significant and sustained executive sponsorship, business collaboration and culture change management. In addition, several key processes around data issue management and monitoring need to exist to support the execution.
The right governance framework offers an end- to-end view of data governance. This framework forms the basis for better managing the entire data value chain across the organisation from quality, consistency, storage, usability and security perspective, (see box on “Data Governance Framework”).
Supporting the framework is an operating model that describes how data governance actually works. It includes an organisation structure, roles and responsibilities, interaction model, standards and processes (see box on “Data Governance Operating Model”).
The data governance operating model must have the power to mandate the Data Governance Office and all other data governance resources to perform the roles and responsibilities required to manage data as an enterprise resource and asset. All parties performing data governance or management activities must be accountable for the successful performance of their roles.
Role of the board
The board should clarify roles, accountabilities, and decision-making processes for management of data within the organisation, with focus on the following:
• Decision principles. Clear guidelines for decision-making roles, processes and behaviours, and a common language to facilitate cross-functional communication.
• Decision rights. Exact nature of each individual’s role in decision processes that provide clarity, eliminate ambiguity and reduce cycle time.
• Management committees. Defined group of individuals who meet with a common mandate. Decision-making authority may not rest with the committees.
• Enablers. Organisational systems that propel or block effective decisions, such as processes, policy, systems and organisational structures.
The proper use of enterprise data is a concern for the board. In addition to the review and endorsement of the data governance framework and operating model, the board’s agenda on organisation strategy needs to align with strategic, regulatory and privacy requirements for data.
Data that supports the enterprise reduces corporate risk and fosters growth.
This article first appeared in the Q2 2020 issue of the SID Directors Bulletin published by the Singapore Institute of Directors.