Article
Enterprise data governance: Fundamentals to best practices
What is enterprise data governance?
Enterprise data governance ensures that data is accessible, accurate, and usable. It is based on a set of policies and procedures developed and enforced by a team within an organization. In some cases, the enterprise data governance team is dedicated to this function. In others, it is a cross-functional, working team comprised of representatives from across the organization.
Organizations use enterprise data governance to ensure that data is handled correctly through its entire lifecycle—creation, storage, usage, and archiving or destruction. Responsibilities include:
- Designing and developing the infrastructure, including selecting the supporting technology
- Creating and maintaining the related processes and policies
- Defining which individuals or roles have what rights related to data, such as creating, accessing, auditing, and safeguarding it
Enterprise data governance effectively manages and scales governance efforts with policies that help answer important questions, such as:
- What data does the organization have?
- Who owns the data?
- Where does this data reside?
- What is the data used for?
- How is data accessed?
- What data is shared?
- What reports or metrics need to be generated using this data?
- Where and how does the data flow through the organization?
- Who determines how data is defined, modified, and used?
Essential components of enterprise data governance include the following.
- Enterprise data governance framework—provides direction for managing the program, including who can access and use it and in what ways.
- Data governance roadmap—defines enterprise data governance roles and responsibilities along with the objectives for the program.
- Data governance team—includes individuals responsible for executing and overseeing initiatives. Common enterprise data governance teams include:
- Enterprise data governance tools—purpose-built software for various functions including data analytics, data cataloging, lineage tracking, data quality management, and data security management.
- Data analytics—involves collecting, processing, analyzing, and visualizing data using various methods and tools to extract actionable insights from raw data.
- Data catalog—stores all data in a repository to make assets accessible from a centralized view. A data catalog uses metadata to provide details about the information in the data catalog. This includes definitions, descriptions, linkages, owners, quality indicators, sources, and usage history.
- Data lineage—tracks how data was used, who accessed it, and the associated timeline.
- Data quality management—specifies processes and procedures that ensure data remains correct, comprehensive, consistent, current, and reliable. This includes creating and enforcing guidelines and metrics for assessing, tracking, and remediating errors.
- Data security management—protects data confidentiality, integrity, and availability (i.e., CIA (Confidentiality, Integrity, and Availability) triad). Enterprise data governance provides direction for identifying and classifying data according to its sensitivity and risk level, implementing data access controls, applying encryption, and monitoring and auditing data activities and incidents.
- A team leader
- Data stewards
- Data owners
- Data custodians
- Line of business representatives
Enterprise data governance challenges
Compliance requirements
Compliance regulations driven by governments and industries continue to evolve at a rapid pace. Enterprise data governance processes and procedures must contend with data proliferation and ever-changing rules for how data is managed, including enforcing data privacy and security requirements.
Data access bureaucracy
The protections and processes that come with enterprise data management programs can impact productivity. This not only undercuts the value of data as it is not accessible in a timely manner, but can also lead to workarounds that undermine the program.
Data control
The controls needed for enterprise data governance are often conflated with those used by IT and security teams with ruinous results. IT and security teams are primarily focused on data access controls and threat protection to mitigate risk and threats. Business teams look to data as a tool for driving value and strive for ways to access and use it. This often puts the two groups at odds with data caught in the middle.
Data ownership
Enterprise data governance efforts are challenged by the concept of data ownership. In reality, all data is owned by the organization. However, content creators and users believe that they own the data and may resist efforts to control “their” data.
In some cases, data ownership is perceived to be the domain of IT, since IT manages the systems used to create, share, and store it.
Enterprise data governance programs must contend with the challenges associated with perceived and actual data ownership and the oversight and management of that data.
Demonstrating business value
Despite the importance of enterprise data governance, organizations often fail to implement processes to document and measure the results of the program. Enterprise data governance is a resource-intensive function that often comes under scrutiny, with teams finding themselves scrambling to demonstrate defensible business value based on quantifiable metrics, such as data quality and actionable insights derived from the data.
Disparate data sources
Enterprise data management encompasses all data regardless of where it is created or resides. With the data diaspora caused by cloud computing and the pervasive use of SaaS tools, enterprise data management has been challenged to gain control of these disparate data sources and provide centralized access.
Lack of functional leadership
While organizations generally have an executive sponsor for enterprise data governance, there is often a lack of a functional leader who oversees the day-to-day operational aspects of it. Another challenge with leadership is that individuals in charge often do not understand the nuances of the function.
Enterprise data governance efforts are often hampered by a lack of resources—from budget to staffing. In some cases, IT teams are overwhelmed and cannot take on the additional responsibilities; in other cases, limited IT resources are misallocated to enterprise data governance functions that should be handled by other groups.
When enterprise data governance programs are initiated, it is common to add responsibilities, such as data owner or data steward, to existing roles rather than having a dedicated position. While this is effective in the short term, it is not scalable and usually results in lackluster performance.
Poor data context and quality
Data context and data quality determine the value of data and thus are of paramount importance to enterprise data governance programs. However, within enterprise organizations, priority is often placed on gathering data and less or none on how it is organized, which impacts data context and quality.
Poor data context creates a lack of clarity as to how data is meant to be used and inhibits effective enterprise data governance efforts.
Poor data quality is a challenge because it leads to a lack of trust and poor outcomes related to analytics. Enterprise data governance must take into account the myriad reasons for poor data quality, such as inaccuracies, age, and improper usage.
Rapid proliferation of data
The volume and velocity of data proliferation of data have quickly overwhelmed many a well-intentioned enterprise data governance program. The challenge is that enterprise data encompasses far more than that generated by business units.
The influx of big data creates a volume multiplier that is often overlooked. This unstructured data strains existing systems and databases as well as introduces different storage environments (e.g., data lakes) that require different governance policies and procedures than structured or even semi-structured data.
Siloed data
Data silos undermine the efficacy of enterprise data governance, because information is either hidden or inaccessible. Challenges related to data silos are created by:
- An accelerated pace of data collection
- Communication barriers
- Corporate cultures
- Growth and turnover of new technologies and enterprise infrastructure
- Legacy data locked in old systems
- New data sources
- Teams using multiple disconnected applications and systems (e.g., marketing, sales, finance, and engineering)
Support for self-service analytics
A shift to self-service business intelligence and analytics has created enterprise data governance challenges as more users demand increased access to data. Enterprise data governance programs struggle to balance their objective of ensuring data confidentiality, integrity, and availability with making it quickly and easily accessible to a broad range of users.
Unintentionally hidden data sources
With data being generated from so many sources, it is often inadvertently hidden within groups. As teams generate data, it is often stored locally and drawn on by other team members, but remains hidden from the organization at large.
Enterprise data governance benefits
As organizations depend on data for nearly every aspect of their business, the benefits of enterprise data governance take on particular importance. Benefits of enterprise data governance include:
- Addresses foundational data challenges, including:
- Assures that data reflects reality to effectively support decision-making
- Automates data-related tasks, including:
- Enables data democratization by giving users access to the data they need when they need it
- Ensures the confidentiality, integrity, and accuracy of data
- Facilitates enhanced collaboration between teams
- Fosters a culture of data sharing and quality
- Gives accurate status of ongoing activity, inventory, and resource availability
- Helps maintain a single version of the truth for data assets
- Logs data lineage to simplify root-cause analysis and impact analysis
- Minimizes friction between diverse data practitioners across an organization
- Protects data to adhere to security and privacy mandates
- Provides a management framework and structure for the creation, quality, handling, and security
- Reduces time lost on decisions made based on erroneous or outdated information
- Streamlines operations, reducing costs and increasing productivity
- Supports compliance with regulatory, legal, and industry requirements
- Tracks and manages all data in an organization
- Unifies enterprise data governance and management
- Ensuring consistent data interpretation
- Identifying opportunities to streamline data management efforts
- Making data assets reusable
- Recording relationships between various assets
- Reducing the number of errors in records
- Data cataloging
- Data discovery
- Data glossary creation
- Data lineage
- Data profiling
- Data quality checks
Enterprise data governance frameworks
An enterprise data governance framework is the foundational model for strategy and compliance. It serves as a blueprint for how the program is executed.
An enterprise data governance framework should address the unique requirements of the organization, including the types of data systems used, organizational tasks and responsibilities, and industry and government regulatory requirements.
Elements of and considerations for an enterprise data governance framework include:
- Data scope, including analytical, master, operational, transactional, and big data
- Data standards and policies
- Description of the data flows (e.g., inputs, outputs, and storage requirements)
- Metrics for measuring strategy execution and success
- Mission statement for the program
- Organizational structure, including roles and responsibilities, such as:
- Rules, procedures, and processes for how data flows are managed and controlled
- Technology and tools used to execute the program
- Accountable owner
- Business team
- Data council members
- Executive sponsor
- Head of data
- IT liaison
Recommended steps for creating an enterprise data governance framework include:
- Define data sources
- Identify data consumers and owners
- Establish processes and procedures for validating data and ensuring data integrity
- Determine risk and data security requirements for data types
- Implement processes for monitoring and enhancing the framework
Enterprise data governance processes
To be successful, enterprise data governance must be included in every aspect of an organization’s data creation, management, and protection. Recommended enterprise data governance process guidelines include the following elements.
- Assignment of clear roles and responsibilities for managing and using data
- Audits and quality control processes and metrics
- Documentation and communication of enterprise data governance processes and procedures
- Establishment of a chain of command and escalation paths for resolving data issues or conflicts
- Guidelines to ensure the effective and efficient use of data
- Parameters for data integrity
- Processes and tools to monitor and improve data quality
- Visibility and access to relevant information about the organization’s data assets
Enterprise data governance best practices
Best practices used by organizations that have successfully implemented enterprise data governance programs include the following.
- Automate wherever possible
- Build a business case that includes specific objectives
- Communicate details about the program, detailing what, why, and how
- Determine success metrics and establish baselines using qualitative and quantitative criteria
- Develop a robust data governance framework
- Establish a cross-functional advisory group and assign roles and responsibilities to each team member based on their expertise and authority
- Identify and document every data domain
- Implement enterprise data governance programs with the big picture in mind
- Measure results against baselines, report results to all constituents using visualization, and adapt the enterprise data governance program to ensure continuous improvement across all areas (e.g., data quality scores, data access rates, and data compliance)
- Monitor progress
- Provide training to all constituents
- Research and invest in the right technology to support the program
- Secure an executive champion and sponsor
- Start small and use and validate the approach through this “pilot” test
Committing to enterprise data governance
Enterprise data governance is not a one-time effort; it must be inculcated into the organization’s culture with support from all levels of leadership. In addition to embedding enterprise data governance into operations, it must be continually monitored and updated to ensure that it meets the business and regulatory requirements of the organization.
How mature is your identity security strategy?
Discover the 5 horizons of identity security.