Data Governance

1. Establish “Why” – Do I need a Data Governance Program

When launching a data governance practice, a critical first step is to ensure you identify the key reasons your organization needs to boost its governance and management of your data.

This is imperative because as you implement and operationalize your program, you must align stakeholders with the drivers and justify formalizing a data governance program. Formulating a few clear use cases for your organization aids in aligning resources and priorities as you proceed.

There are three recommended best-practice use cases to consider when starting a program:

Compliance and Risk

Compliance with data protection regulations and risk management is often the first and most apparent driver for justifying data governance policies and controls. Risk of this nature is a board and executive-level issue. Identify critical compliance requirements specific to your business, perform an assessment of your compliance risk, and establish a core program that will help control it.

Business Value

Data flows through the information systems of every business, is involved in every business process, and drives strategic and tactical decisions through analytics and reporting. Every company gains value from managing its data assets with more diligence. This value comes in many variations, from increased customer satisfaction and retention, increasing top-line revenue, reducing costs, expanding into new markets, and developing a competitive advantage. Identify an ongoing or upcoming strategic initiative or project in your organization that depends on accurate and trusted data to ensure success.

Operational Productivity

With controls in place to drive a higher level of data quality, organizations benefit from business process improvement. A data program that implements data element defaults and derivations based on business scenarios begins to streamline processes and reduces time spent on triage and re-work of data-driven issues, thus reducing IT and business costs. Start by looking at your master data maintenance processes for customers, vendors, or materials and identify opportunities to improve data integrity. As organizations create trusted information sources and their users learn where to access the information they can rely upon, they quickly find that people work smarter, not harder.

2. Establish Initial Roles

A common pitfall is thinking that Data governance is “all about the data”; however, it has a lot more to do with people and processes than data alone. When organizations start thinking about the people part, they can get hung up on where to start. Questions arise around who is going to lead it? How many roles do we need? In what departments?

To get moving, start simply by identifying the foundational roles you need to establish to get started. A common best practice operating model for establishing a governance program consists of executive sponsors, a data governance office or chairperson(s), a data governance board, and the data community and specific working groups. The operating structure should be customized to reflect the uniqueness of each company.

The first and most critical role is the overall executive sponsor or sponsors of the program. Leadership at the top must visibly support the program as it rolls out and make it a priority for resource allocation. For years now, these executive sponsors have come from the senior executive level or C-suite. Organizations should consider their unique scenario and be aware that in extreme cases of non-compliance to data protection regulations, this can lead to dismissal or criminal prosecution. Your sponsor or sponsors are responsible for aligning data governance goals with business goals, developing the vision and objectives, and approving funding and resources for governance efforts.

Data Governance “Office”

Governance boards and councils are the best practice approach for aligning multiple functions and resources to get work done quickly. Boards and councils succeed most often when led by a chairperson or persons.

When starting a program, it’s best practice to fill the leadership role with a full-time person so they can focus entirely on the delivery and success of the data program. However, it can be rare for some organizations to have a full-time data governance director or manager. Hence, organizations have to look for a chairperson that already has a “day job” in another function. It’s also rare to find one person with the business management skills and the technical data management skills to span the breadth needed when rolling out a program.

Therefore a recommended approach is to define two chairpersons to lead the governance board, one from the business and the other from the technical data management arena. Identify your business DG chairperson from a business function who knows best how data impacts the business. It is a best practice that this individual is director level or higher rank. It helps significantly if this person is influential and can demand that data governance policy and compliance happen. Identify your technical

DG chairperson with the best data management expertise to recommend capable technology solutions to business data problems.

Data Governance Board

In most organizations, data governance is often organized as a board or committee as it is proven effective in gaining rapid alignment and promoting collaboration across functions. In each organization, the size and membership of the initial board can vary, with some organizations taking the executive board approach and others adopting a steering committee. When establishing your board, a  best practice is to ensure the membership is diverse, includes a mix of business and technical folks, includes directors, managers, and workers, and spans multiple business functions. The chairperson(s) will lead this team through data issue prioritization, aligning data ownership, driving data decisions, policy and standards approval, and resource allocation.

Data Community & Data Working Groups

Every organization has a data community of providers, maintainers, and consumers. As you initialize your program, you’ll start formally identifying processes, metrics, policies, and standards, and you will need to inform and educate these people. In addition, you may form data working groups to remediate specific data issues and will need to tap into this group’s expertise.  Lastly, it’s essential to define an initial framework for when and how this operating model will make decisions about data-related issues. Most data governance boards meet monthly to establish priorities and make decisions on policies and controls. However, as an organization is ramping up a governance program, more frequent meetings or specific working groups may be warranted.

3. Define Data Domains

With people identified to make decisions about data priorities and issues, organizations begin to focus on defining their data domains, critical data elements in those domains, and data ownership for those elements. When deciding what data domain or data object(s) to start with, a best practice is to start with a small scope and look for one of the following scenarios:

• Identify compliance or regulatory risk that must be addressed
• Identify a strategic or operational improvement initiative that requires complete and accurate master data; or,
• Identify a critical report (or set of reports) that is heavily relied upon for making decisions.

Once you’ve chosen one of the above scenarios, then identify the most critical data elements for that scenario. Then, begin building your data catalog by documenting those data elements and capturing metadata about those key elements, including data types, allowed values, and the business impact or criticality if missing or incorrect. Metadata and data catalog tools can expedite and automate building out your data dictionary or data catalog. For some organizations, implementing a data catalog tool right away provides significant value; for others, you may leverage existing technology tools and people skills. Performing this activity will align people on data definitions and business use of the data and establish priorities of what data is essential and the impacts if it’s inaccurate or missing. Finally, be sure to identify and assign data owners for each element to begin establishing the concept of data stewardship.

4. Document Data Flows

Now that we have defined “why,” “who,” and “what” of our governance program, we start to develop “how.” Starting with your identified data domain and critical data objects, document where that data comes from, how it was created, and if it experiences any transformations as it flows through information systems and its lifecycle. This data flow is referred to as data lineage and is essential when governing data to ensure that data movement and transformations are visible and understood. Tools are emerging that can connect to data sources and crawl through the code that moves data and present data lineage information to your business and technical data stewards. Depending on the volume of data and systems in scope initially, an organization starting out may derive significant value from a data lineage platform. However, many organizations can get started leveraging existing modeling or diagramming tools and focus on the critical domain, systems, and data elements to build out a high-level data flow. 

A recommended approach is to document enough depth in your data flow to understand and communicate to stakeholders where the information originates and propagates and any transformations in the pipeline. As the program matures, organizations will benefit in time saved from leveraging tool automation in this function. During this step, you are also ensuring to document and define your authoritative data sources for data — which sources or systems are your systems of record and which are systems of reference as data flows around the ecosystem.

5. Establish Data Governance Policies & Standards

An effective foundational and modern data governance program must keep the data governance bureaucracy lean and agile. However, every program must define policies and standards and hold people and functions accountable to those policies and standards.

In this step, you will create policies that drive compliance and adherence to your data controls. When defining your policies and standards, it’s essential to adhere to the following principles:

• Create policies that are clear and usable to drive compliance with data protection regulations and internal information requirements
• Define and approve data standards for critical elements clarifying what an acceptable value, format, and structure for those elements is
• Ensure the overhead for establishing and enforcing policies doesn’t inhibit the adoption of your program, limit growth, or inhibit scalability; and
• Complement these governance policies and standards with defined stewardship.

Policy and standards must be easily findable, consumable, and understood by your data community. Be sure to manage them from a central repository and have established regular communication of newly approved policies or standards or changes to existing.

6. Establish Data Controls

In this step, the goal is to establish controls to manage the quality of business-critical data discussed above. Three methods can be applied when determining how to govern master data. These methods are:

Proactive controls put in place systematically at the point of entry or origination of the data to check for a condition, derive data, or identify default data are active controls. Select this method for the most critical elements where the most substantial business impact is. These controls often require changes or enhancements to operational data management systems.

Predictive or Reactive controls put in place through data quality monitoring or auditing methods are reactive; however, if managed through regular (daily/weekly/monthly) stewardship, issues can often be avoided before they occur. This method is chosen for critical elements that may not be selected for active controls due to timing-sensitive factors when entering the data and is often the best starting point for organizations just starting to form data governance controls because the time and effort to implement is often far less than a more complex point of entry controls.

Process controls leverage policies, procedures, or work instructions not through an automated process but through human review or approval. This method is chosen when the data being governed does not require one of the first two methods or is not cost-effective to govern the element systematically. 

The quickest and most cost-effective method for most organizations to establish data governance is to utilize predictive data quality monitoring controls. Each governance method requires owners and stewards to perform the following:

• Identify the priority data to control or monitor (identifying the business impact)
• Define critical business rules for that data element: when it must be complete, when it must be a certain value, etc.
• Implement the control, and if it’s reactive, establish the metric or acceptable threshold for quality (it may not always be 100%)

Lastly, it is vital to develop a feedback mechanism such as a data issue management process for your data consumers, stewards, and owners to report issues. 

This includes establishing a resolution process that will articulate how you will prioritize identified issues, timing expectations for resolution (SLA), and which problems require board-level review and resolution approval.

7. Communicate & Educate

Data governance is still considerably reliant on people collaboration and process changes despite data tools and technological advancements.

With your initial data governance operating model and framework defined, you must now attend to communication, education, and change management.

Implementing a successful Data Governance Program will require a cultural shift in how data is created, viewed, and managed. Policies and standards cannot be set and enforced without focused communication among stakeholders. This communication and collaboration will boost positive outcomes around the alignment of data management to business priorities, data knowledge transfer across functional silos, and escalate more robust organizational data stewardship.

Communication provides transparency into the policies and processes of the Data Governance program. It directly shapes the perception of data quality and progress across the organization to drive momentum and garner support for data governance efforts.

The Data Governance Program chairperson(s) should:

• Engage executive leadership and request vocal and regular support
• Cultivate relationships across all functions to understand forces resisting change and incorporate findings into communication messages; and,
• Develop a communication plan to disseminate information describing the why, who, what, and how of the program, highlight accomplishments, and subsequent focus areas.

8. Modernize & Improve

Once your organization has established a foundational data governance practice, it’s important to expect that you will need to improve and refine the program continuously. Your chairpersons and stakeholders will identify aspects of the program that require refinement. You may have started your program without fit-for-purpose data tools to get moving. Now is when you must consider what it takes to scale your program to the enterprise, include more domains, more data, more systems, involve more people, and do it all more rapidly. Assess your program and determine where improvements and modernization will drive the most value in your program. Look to modernize and automate capabilities in your program with modern data tools such as integrated data catalogs, data lineage, or data quality platforms.